7x31
/
cmdb
mirror of https://github.com/veops/cmdb.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[更新] 修复 LDAP 登录失败的问题 (#336) 

Co-authored-by: sherlock <sherlock@gmail.com>
This commit is contained in:
kdyq007 2023-12-25 09:36:31 +08:00 committed by GitHub
parent 3919dfdfbb
commit b093569453
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
cmdb-api/api/lib/perm/authentication/ldap.py
View File

@ -23,13 +23,13 @@ from api.models.acl import User
def authenticate_with_ldap(username, password): def authenticate_with_ldap(username, password):
config = AuthenticateDataCRUD(AuthenticateType.LDAP).get() config = AuthenticateDataCRUD(AuthenticateType.LDAP).get()
server = Server(config.get('LDAP').get('ldap_server'), get_info=ALL, connect_timeout=3) server = Server(config.get('ldap_server'), get_info=ALL, connect_timeout=3)
if '@' in username: if '@' in username:
email = username email = username
who = config['LDAP'].get('ldap_user_dn').format(username.split('@')[0]) who = config.get('ldap_user_dn').format(username.split('@')[0])
else: else:
who = config['LDAP'].get('ldap_user_dn').format(username) who = config.get('ldap_user_dn').format(username)
email = "{}@{}".format(who, config['LDAP'].get('ldap_domain')) email = "{}@{}".format(who, config.get('ldap_domain'))
username = username.split('@')[0] username = username.split('@')[0]
user = User.query.get_by_username(username) user = User.query.get_by_username(username)
@ -41,7 +41,7 @@ def authenticate_with_ldap(username, password):
conn = Connection(server, user=who, password=password, auto_bind=AUTO_BIND_NO_TLS) conn = Connection(server, user=who, password=password, auto_bind=AUTO_BIND_NO_TLS)
except LDAPBindError: except LDAPBindError:
conn = Connection(server, conn = Connection(server,
user=f"{username}@{config['LDAP'].get('ldap_domain')}", user=f"{username}@{config.get('ldap_domain')}",
password=password, password=password,
auto_bind=AUTO_BIND_NO_TLS) auto_bind=AUTO_BIND_NO_TLS)

2
cmdb-api/api/views/acl/login.py
View File

@ -39,7 +39,7 @@ class LoginView(APIView):
password = request.values.get("password") password = request.values.get("password")
_role = None _role = None
config = AuthenticateDataCRUD(AuthenticateType.LDAP).get() config = AuthenticateDataCRUD(AuthenticateType.LDAP).get()
if config.get('LDAP', {}).get('enabled') or config.get('LDAP', {}).get('enable'): if config.get('enabled') or config.get('enable'):
from api.lib.perm.authentication.ldap import authenticate_with_ldap from api.lib.perm.authentication.ldap import authenticate_with_ldap
user, authenticated = authenticate_with_ldap(username, password) user, authenticated = authenticate_with_ldap(username, password)
else: else: