django-auth-ldap - 在自定义视图中显示LDAP中的用户信息

时间:2014-08-09 18:03:56

标签: python django ldap django-auth-ldap

我正在使用django-auth-ldap进行以下设置,因为ldap服务器上没有默认/全局'admin'用户,它仅用于验证用户和用户本身可能会看到他们的用户信息。

AUTH_LDAP_BIND_AS_AUTHENTICATING_USER=True
django-ldap-debug.log中的

我在(在登录用户中)调用视图LDAPBackend().populate_user(request.user.username)

时出现以下错误 
search_s('uid=vchrizz,ou=Users,dc=funkfeuer,dc=at', 0, '(objectClass=*)') raised NO_SUCH_OBJECT({'desc': 'No such object'},)
search_s('uid=vchrizz,ou=Users,dc=funkfeuer,dc=at', 0, '(objectClass=*)') returned 0 objects:

仅在登录时(使用login_required中的django.contrib.auth.decorators),它才会返回一个用户对象:

search_s('uid=vchrizz,ou=Users,dc=funkfeuer,dc=at', 0, '(objectClass=*)') returned 1 objects: uid=vchrizz,ou=users,dc=funkfeuer,dc=at

然后我注意到,我需要设置

AUTH_LDAP_BIND_DN
AUTH_LDAP_BIND_PASSWORD

摆脱错误,但首先我不想指定具有密码的用户(导致bind_as_authenticating_user),第二个populate_user()仍然返回NoneType ...

为什么呢?如何从ldap获取返回的用户信息?

我的目标是在我的custom / userinfo / view中显示ldap-user的所有ldap用户信息,如uidNumber。 http://pastebin.com/VqGiwzFE

谢谢,克里斯

1 个答案:

答案 0 :(得分:2)

最后auth.authenticate失踪了,我不得不rtfm:

Storing additional information about users 这是获取用户信息的首选方式,而不是我想要的方式。

settings.py:

AUTH_LDAP_PROFILE_ATTR_MAP = {
    "uid": "uid",
    "cn": "cn",
    "sn": "sn",
    "givenName": "givenName",
    "userPassword": "userPassword",
    "shadowLastChange": "shadowLastChange",
    "shadowMax": "shadowMax",
    "shadowWarning": "shadowWarning",
    "loginShell": "loginShell",
    "uidNumber": "uidNumber",
    "gidNumber": "gidNumber",
    "homeDirectory": "homeDirectory",
    "gecos": "gecos",
    "mail": "mail",
    "l": "l",
    "telephoneNumber": "telephoneNumber",
}
AUTH_PROFILE_MODULE = 'myapp.UserProfile'

models.py:

from django.db import models
from django.contrib.auth.models import User
from django.db.models.signals import post_save

class UserProfile(models.Model):
    # This field is required.
    user = models.OneToOneField(User)
    # Other fields here
    uid = models.CharField(max_length=254)
    cn = models.CharField(max_length=254)
    sn = models.CharField(max_length=254)
    givenName = models.CharField(max_length=254)
    userPassword = models.CharField(max_length=254)
    shadowLastChange = models.IntegerField(null=True)
    shadowMax = models.IntegerField(null=True)
    shadowWarning = models.IntegerField(null=True)
    loginShell = models.CharField(max_length=254)
    uidNumber = models.IntegerField(null=True)
    gidNumber = models.IntegerField(null=True)
    homeDirectory = models.CharField(max_length=254)
    gecos = models.CharField(max_length=254)
    mail = models.EmailField(max_length=254)
    l = models.CharField(max_length=254)
    telephoneNumber = models.CharField(max_length=254)

def create_user_profile(sender, instance, created, **kwargs):
    #if created:
    #    UserProfile.objects.create(user=instance)
    UserProfile.objects.get_or_create(user=instance)

post_save.connect(create_user_profile, sender=User)

views.py:

from django.contrib.auth.decorators import login_required
from django.http import HttpResponseRedirect
from django.shortcuts import render
from myapp.models import UserProfile

@login_required
def userinfo(request):
    try:
        ldapuserprofile = UserProfile.objects.get(uid=request.user.username)
    except UserProfile.DoesNotExist:
        return HttpResponseRedirect('/login/')
    context = {'request': request, 'ldapuser': ldapuserprofile,}
    return render(request, 'myapp/userinfo.html', context)

然后在html模板中可以访问{{ ldapuser.givenName }}

也许对某人有帮助。

谢谢,克里斯

相关问题
最新问题