A recent project required LDAP authentication. After some searching online, the usual approach turns out to be the two third-party libraries django-auth-ldap and python-ldap. The implementation is as follows:
1. pip install python-ldap django-auth-ldap
The author's environment is CentOS 6; installing python-ldap on Windows will cause problems.
2. Configure the Django settings.py file
import ldap
from django_auth_ldap.config import LDAPSearch

AUTHENTICATION_BACKENDS = (
    'django_auth_ldap.backend.LDAPBackend',  # LDAP authentication
    'django.contrib.auth.xxxx.xxxxx',  # Local default authentication method
)
AUTH_LDAP_SERVER_URI = "ldap://127.0.0.1"  # LDAP server address
AUTH_LDAP_BIND_DN = ''  # Can be empty, or set to a real LDAP user
AUTH_LDAP_BIND_PASSWORD = ''
# The first parameter is where the search starts (the base DN)
AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=test,dc=test,dc=com", ldap.SCOPE_SUBTREE, "(cn=%(user)s)")
AUTH_LDAP_USER_ATTR_MAP = {"first_name": "givenName", "last_name": "sn", "username": "sn"}
AUTH_LDAP_ALWAYS_UPDATE_USER = True
With this configuration, a user who logs in is first authenticated against LDAP; when LDAP authentication fails, Django falls back to the local default authentication method. This approach has a drawback, however: whenever the LDAP configuration changes, settings.py has to be edited, which is a bit of a nuisance. So the LDAP configuration is instead entered on a web page and written to the database, which means the django-auth-ldap source has to be changed so that it reads the LDAP configuration from the database.
Put the django-auth-ldap source package into the project and modify backend.py so that the values originally read from the settings file are read from the database.
# AuthSettings is the project's own model that stores the LDAP configuration;
# import it at the top of backend.py from wherever the project defines it.
class LDAPSettings(object):
    """
    This is a simple class to take the place of the global settings object. An
    instance will contain all of our settings as attributes, with default values
    if they are not specified by the configuration.
    """
    defaults = {
        'ALWAYS_UPDATE_USER': True,
        'AUTHORIZE_ALL_USERS': False,
        'BIND_AS_AUTHENTICATING_USER': False,
        'BIND_DN': '',
        'BIND_PASSWORD': '',
        'CACHE_GROUPS': False,
        'CONNECTION_OPTIONS': {},
        'DENY_GROUP': None,
        'FIND_GROUP_PERMS': False,
        'GROUP_CACHE_TIMEOUT': None,
        'GROUP_SEARCH': None,
        'GROUP_TYPE': None,
        'MIRROR_GROUPS': False,
        'PERMIT_EMPTY_PASSWORD': False,
        'PROFILE_ATTR_MAP': {},
        'PROFILE_FLAGS_BY_GROUP': {},
        'REQUIRE_GROUP': None,
        'SERVER_URI': 'ldap://localhost',
        'START_TLS': False,
        'USER_ATTRLIST': None,
        'USER_ATTR_MAP': {},
        'USER_DN_TEMPLATE': None,
        'USER_FLAGS_BY_GROUP': {},
        'USER_SEARCH': None,
    }

    def __init__(self, prefix='AUTH_LDAP_', defaults={}):
        """
        Loads our settings from django.conf.settings, applying defaults for any
        that are omitted.
        """
        import ldap

        defaults = dict(self.defaults, **defaults)
        # The active (not deleted) LDAP configuration row saved from the web page
        ldap_auth_info = AuthSettings.objects.filter(is_delete=False).first()
        # Setting name -> column of the configuration row that supplies it
        ldap_info_db = {
            "SERVER_URI": "ldap_server_uri",
            "BIND_DN": "ldap_bind_dn",
            "BIND_PASSWORD": "ldap_bind_passwd",
            "USER_SEARCH": "ldap_user_search",
        }
        for name, default in defaults.items():
            # Without a configuration row, fall back to settings.py instead of
            # failing on attribute access on None.
            if ldap_auth_info is not None and name in ldap_info_db:
                if name == "SERVER_URI":
                    # The URI is stored without a port; append the port column
                    db_attr = ldap_info_db.get(name)
                    value = getattr(ldap_auth_info, db_attr) + ":" + str(getattr(ldap_auth_info, "ldap_server_port"))
                elif name == "USER_SEARCH":
                    # Search by cn when configured, otherwise by uid
                    rdn = "(cn=%(user)s)" if ldap_auth_info.ldap_user_search == "cn" else "(uid=%(user)s)"
                    value = LDAPSearch(ldap_auth_info.ldap_based_dn, ldap.SCOPE_SUBTREE, rdn)
                else:
                    db_attr = ldap_info_db.get(name)
                    value = getattr(ldap_auth_info, db_attr)
            else:
                # Everything else still comes from settings.py
                value = getattr(django.conf.settings, prefix + name, default)
            setattr(self, name, value)
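Because the LDAP settings now come from a web form instead of a file only administrators edit, the row should be validated before LDAPSettings turns it into a server URI and a search filter. The following is an added example, not code from the original post or from django-auth-ldap: `validate_ldap_row` and `SAMPLE_ROW` are hypothetical names, and the row is assumed to expose the column names used in the modified class above. It goes slightly beyond the page by rejecting an unknown search attribute instead of falling back to uid.

```python
from types import SimpleNamespace
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"ldap", "ldaps"}
ALLOWED_SEARCH_ATTRS = {"cn", "uid"}  # the two attributes the page's code handles


def validate_ldap_row(row):
    """Build settings values from a DB row; raise ValueError on bad input."""
    parts = urlsplit(row.ldap_server_uri.strip())
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ValueError("server URI must use ldap:// or ldaps://")
    # scheme://host only: the port has its own column; no userinfo, path or query.
    if (not parts.hostname or "@" in parts.netloc or parts.port is not None
            or parts.path not in ("", "/") or parts.query or parts.fragment):
        raise ValueError("server URI must be scheme://host with no port or path")
    try:
        port = int(row.ldap_server_port)
    except (TypeError, ValueError):
        raise ValueError("port must be an integer")
    if not 1 <= port <= 65535:
        raise ValueError("port out of range")
    # Reject unknown attributes instead of silently falling back to uid.
    if row.ldap_user_search not in ALLOWED_SEARCH_ATTRS:
        raise ValueError("search attribute must be cn or uid")
    base_dn = row.ldap_based_dn.strip()
    if "=" not in base_dn:
        raise ValueError("base DN is not a distinguished name")
    # A DN with an empty password is an RFC 4513 "unauthenticated bind", which
    # servers may treat as anonymous; require both values or neither.
    if bool(row.ldap_bind_dn) != bool(row.ldap_bind_passwd):
        raise ValueError("bind DN and bind password must be set together")
    return {
        "SERVER_URI": "%s://%s:%d" % (parts.scheme, parts.netloc, port),
        "BIND_DN": row.ldap_bind_dn,
        "BIND_PASSWORD": row.ldap_bind_passwd,
        "USER_SEARCH_BASE": base_dn,
        "USER_SEARCH_FILTER": "(%s=%%(user)s)" % row.ldap_user_search,
    }


# Constructed sample row, standing in for an AuthSettings record.
SAMPLE_ROW = SimpleNamespace(
    ldap_server_uri="ldap://127.0.0.1", ldap_server_port=389,
    ldap_bind_dn="", ldap_bind_passwd="",
    ldap_user_search="cn", ldap_based_dn="ou=test,dc=test,dc=com",
)
if __name__ == "__main__":
    print(validate_ldap_row(SAMPLE_ROW))
```

Run the check both when the web form is saved and before the row is used. With ldap:// and START_TLS left at False, the bind password and user passwords cross the network unencrypted, so ldaps:// or START_TLS is the safer setting for any server that is not on the loopback interface.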