Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add LDAP user auto-creation functionality #2968

Open
wants to merge 1 commit into
base: Develop
Choose a base branch
from
Open

add LDAP user auto-creation functionality #2968

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions cps/admin.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1179,6 +1179,7 @@ def _configuration_ldap_helper(to_save):
reboot_required |= _config_string(to_save, "config_ldap_cert_path")
reboot_required |= _config_string(to_save, "config_ldap_key_path")
_config_string(to_save, "config_ldap_group_name")
_config_checkbox(to_save, "config_ldap_autocreate_user")

address = urlparse(to_save.get("config_ldap_provider_url", ""))
to_save["config_ldap_provider_url"] = (address.hostname or address.path).strip("/")
Expand Down
1 change: 1 addition & 0 deletions cps/config_sql.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -137,6 +137,7 @@ class _Settings(_Base):
config_ldap_group_object_filter = Column(String, default='(&(objectclass=posixGroup)(cn=%s))')
config_ldap_group_members_field = Column(String, default='memberUid')
config_ldap_group_name = Column(String, default='calibreweb')
config_ldap_autocreate_user = Column(Boolean, default=False)

config_kepubifypath = Column(String, default=None)
config_converterpath = Column(String, default=None)
Expand Down
4 changes: 4 additions & 0 deletions cps/templates/config_edit.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -260,6 +260,10 @@ <h4 class="panel-title">
<div class="form-group">
<input type="checkbox" id="config_ldap_openldap" name="config_ldap_openldap" {% if config.config_ldap_openldap %}checked{% endif %}>
<label for="config_ldap_openldap">{{_('LDAP Server is OpenLDAP?')}}</label>
</div>
<div class="form-group">
<input type="checkbox" id="config_ldap_autocreate_user" name="config_ldap_autocreate_user" {% if config.config_ldap_autocreate_user %}checked{% endif %}>
<label for="config_ldap_autocreate_user">{{_('Automatically create the user when logging in?')}}</label>
</div>
<h4 class="text-center">{{_('Following Settings are Needed For User Import')}}</h4>
<div class="form-group">
Expand Down
26 changes: 20 additions & 6 deletions cps/web.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@
from . import constants, logger, isoLanguages, services
from . import db, ub, config, app
from . import calibre_db, kobo_sync_status
from .admin import ldap_import_create_user
from .search import render_search_results, render_adv_search_results
from .gdriveutils import getFileFromEbooksFolder, do_gdrive_download
from .helper import check_valid_domain, check_email, check_username, \
Expand Down Expand Up @@ -1360,14 +1361,27 @@ def login_post():
user = ub.session.query(ub.User).filter(func.lower(ub.User.name) == form.get('username', "").strip().lower()) \
.first()
remember_me = bool(form.get('remember_me'))
if config.config_login_type == constants.LOGIN_LDAP and services.ldap and user and form['password'] != "":
if config.config_login_type == constants.LOGIN_LDAP and services.ldap and (user or config.config_ldap_autocreate_user) and form['password'] != "":
login_result, error = services.ldap.bind_user(form['username'], form['password'])
if login_result:
log.debug(u"You are now logged in as: '{}'".format(user.name))
return handle_login_user(user,
remember_me,
_(u"you are now logged in as: '%(nickname)s'", nickname=user.name),
"success")
log.debug(u"LDAP Login succeeded for user: '{}'".format(form['username']))
if config.config_ldap_autocreate_user and not user:
log.debug(u"LDAP login succeeded but user does not exist but auto-create has been enabled; trying to create the user")
user_data = services.ldap.get_object_details(user=form['username'], query_filter=config.config_ldap_user_object)
user_count, message = ldap_import_create_user(user, user_data)
user = ub.session.query(ub.User).filter(func.lower(ub.User.name) == form.get('username', "").strip().lower()).first()
if not user:
log.error(u"LDAP user auto creation failed")

if user:
log.debug("You are now logged in as: '{}'".format(user.name))
return handle_login_user(user,
remember_me,
_(u"you are now logged in as: '%(nickname)s'", nickname=user.name),
"success")
else:
log.info("Login failed for user '{}'".format(user.name))
flash(_(u"Wrong Username or Password"), category="error")
elif login_result is None and user and check_password_hash(str(user.password), form['password']) \
and user.name != "Guest":
log.info("Local Fallback Login as: '{}'".format(user.name))
Expand Down