flask-ldapauth

Release 0.0.3

List url link, script tags, reponse headers

Homepage Repository PyPI Python

License
MIT
Install
pip install flask-ldapauth==0.0.3

Documentation

OS Dependencies

Debian

apt install python3-dev libldap2-dev libsasl2-dev

Centos

yum install python3-devel openldap-devel.x86_64 libgsasl-devel.x86_64

Alpine

apk add musl-dev openldap-dev gcc libgsasl-dev

Install

pip install Flask-LDAPAuth

Settings

App configs

NAME Default
LDAP_URL None
LDAP_ROOTDN None
LDAP_USERDN None
LDAP_GROUP False
LDAP_START_TLS True
LDAP_USER_FILTER 'cn'
LDAP_TIMEOUT 10
SECRET_KEY None
LDAP_TOKEN_EXPIRE 8

Examples

Simple User Authentication

from flask import Flask, jsonify, make_response
from flask_ldapauth import LDAPAuth

app = Flask(__name__)

app.config['LDAP_URL'] = "ldap://localhost:389"
app.config['LDAP_ROOTDN'] = "dc=localhost"
app.config['LDAP_USERDN'] = "ou=People,dc=localhost"

auth = LDAPAuth(app)

@app.route('/login')
def index():
    user = auth.connect(username='nmacias',
                        password='password')

    if user is False:
        return jsonify({'mesg': 'invalid username or password'}), 401

    return jsonify({'mesg': 'login'})

def run():
    app.config['DEBUG'] = True
    app.config['ENV'] = 'development'
    app.run()


def main():
    run()


if __name__ == '__main__':
    main()

Advance User Authenciation

  • Only allow user if part of a group
  • Create auth token cookies
  • Protect routes
  • Return JSON data on protected routes
from flask import Flask, jsonify, make_response
from flask_ldapauth import LDAPAuth

app = Flask(__name__)


app.config['LDAP_URL'] = "ldap://localhost:389"
app.config['LDAP_ROOTDN'] = "dc=localhost"
app.config['LDAP_USERDN'] = "ou=People,dc=localhost"
app.config['LDAP_GROUP'] = "admins"

app.config['SECRET_KEY'] = 'supersecretkey'

auth = LDAPAuth(app)


@app.route('/protected', methods=['GET', 'POST'])
@auth.protected(data=True)
def propected(data):

    return jsonify({'mesg': 'Top secret', 'name': data['name']})


@app.route('/login')
def login():
    user = auth.connect(username='nmacias',
                        password='password', return_user=True)

    if user is False:
        return jsonify({'mesg': 'invalid username or password'}), 401

    token = auth.token.create(payload=user)

    response = make_response(jsonify({'token': token}))

    response.set_cookie('token', value=token, httponly=True)

    return response


@app.route('/logout')
def logout():

    response = make_response(jsonify({}))
    response.set_cookie('token', expires=0)

    return response


@app.route('/validate/<token>')
def validate(token):

    token_validate = auth.token.validate(token=token)

    if token_validate is False:
        return jsonify({'mesg': 'Invalid token'}), 401

    return jsonify({})


def run():
    app.config['DEBUG'] = True
    app.config['ENV'] = 'development'
    app.run()


def main():
    run()


if __name__ == '__main__':
    main()

Stats

Dependencies
3
Dependent packages
0
Dependent repositories
0
Total releases
2
Latest release
First release
Stars
0
Forks
0
Watchers
1
Contributors
0
Repository size
0 Bytes
SourceRank
7

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

0.0.3
0.0.2

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2021-03-15 21:50:10 UTC

Login to resync this project