Skip to main content

Verify user supplied mails against LDAP

Project description

# Pretix verify mails against ldap This is a pretix plugin that can be used to verify the user provided mails against an ldap server. This does not verify the users password.<br> WARNING: This does verify that the user registering is the owner of the mail address.

## Usage 1. Install 2. Configure in admin settings 3. Enable the plugin for your event.

## Security Conserns ### Query While we use a function of python-ldap to sanitize user input there might still be a possible exploit by inserting custom code into the ldap query. You should definitely use a read only user for ldap. User data should not be exposed as we do not print user data to the end user.

### Brutforcing Via a brutforcing attack this opens up the user to find valid mail adresses in your ldap. This is not different to a password reset feature telling you that it has (not) found an mail address.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pretix-ldap-mails-1.0.0.tar.gz (5.9 kB view details)

Uploaded Source

File details

Details for the file pretix-ldap-mails-1.0.0.tar.gz.

File metadata

  • Download URL: pretix-ldap-mails-1.0.0.tar.gz
  • Upload date:
  • Size: 5.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.15.0 pkginfo/1.8.2 requests/2.23.0 setuptools/41.4.0 requests-toolbelt/0.9.1 tqdm/4.55.1 CPython/2.7.17

File hashes

Hashes for pretix-ldap-mails-1.0.0.tar.gz
Algorithm Hash digest
SHA256 c916c5353ee4ad83f787c83c3669b8a6c5f87dcfa6a24c669a9cfb77d08ee8e7
MD5 c34d8fc5922404f443a061470b9d41a6
BLAKE2b-256 8a072be6bb66beaf6a20c42594b6e4198f72abbac7b23cfd99f4187a94b1c1ec

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page