我有一个 Flask Web 应用,允许用户使用 Active Directory 凭据登录。我想要的是 AD 的 `displayName`,它只是用户名的一个属性,将在整个会话中使用。
我尝试过:
能够在每个用户会话的基础上调用LDAP属性的最佳方法是什么?
def get_ldap_connection():
    """Return a new, unbound LDAP connection to the configured provider.

    The server URL is read from ``app.config['LDAP_PROVIDER_URL']``. The
    caller is responsible for binding and for unbinding when finished.
    """
    # NOTE(review): callers use simple binds, which send the password as
    # given; confirm the configured URL is ldaps:// (or that StartTLS is
    # negotiated) so credentials do not cross the network in clear text.
    return ldap.initialize(app.config['LDAP_PROVIDER_URL'])
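class User(db.Model):
    """Application user whose credentials are verified against Active Directory.

    Only ``id`` and ``username`` are declared as database columns.
    ``display_name`` is set as a plain instance attribute in ``__init__``.
    """

    id = db.Column(db.Integer, primary_key=True)
    username = db.Column(db.String(100))

    def __init__(self, username, password, display_name):
        """Create a user record.

        ``password`` is accepted to keep the existing signature but is never
        stored on the instance.
        """
        self.username = username
        # NOTE(review): display_name has no db.Column in this class, so it is
        # presumably not persisted with the row -- confirm against the schema.
        self.display_name = display_name

    @staticmethod
    def _bind(username, password):
        """Return a connection bound as ``domain + username``.

        Raises ``ldap.INVALID_CREDENTIALS`` for an empty username or password
        and propagates any error raised by the bind itself.
        """
        # A simple bind with an empty password is treated by many directory
        # servers as an unauthenticated bind and reported as success, which
        # would let any known username log in. Refuse it before contacting
        # the server, using the exception a failed bind would raise.
        if not username or not password:
            raise ldap.INVALID_CREDENTIALS('empty username or password')
        conn = get_ldap_connection()
        try:
            conn.simple_bind_s(domain + username, password)
        except Exception:
            # Do not leave a half-open connection behind on a failed bind.
            conn.unbind_s()
            raise
        return conn

    @staticmethod
    def try_login(username, password):
        """Verify the credentials with an LDAP simple bind.

        Returns ``None`` on success; raises the LDAP error on failure.
        """
        conn = User._bind(username, password)
        # The bind was only a credential check; release the connection.
        conn.unbind_s()

    @staticmethod
    def whoami(username, password):
        """Look up and return the ``displayName`` of ``username``.

        Binds with the user's own credentials, searches the user subtree for
        the matching ``sAMAccountName`` and returns the first ``displayName``
        value, or ``None`` when no entry carries one.
        """
        # NOTE(review): this module-level name is kept only for callers that
        # still read it. It is shared by every request handled by the
        # process, so one user's value can be observed in another user's
        # session. Use the return value and keep it in per-user state
        # (the Flask session or the User object) instead.
        global displayName

        conn = User._bind(username, password)
        try:
            base = "OU=Users,OU=Corp,DC=mydomain,DC=ad"
            # filter_format escapes the username so it cannot alter the filter.
            criteria = ldap.filter.filter_format(
                '(&(objectClass=user)(sAMAccountName=%s))', [username])
            userattribute = ['displayName']
            result = conn.search_s(
                base, ldap.SCOPE_SUBTREE, criteria, userattribute)
        finally:
            conn.unbind_s()

        found = None
        for dn, attrs in result:
            # Search results may contain referral entries whose DN is None;
            # skip those and any entry without a displayName value.
            if dn is None:
                continue
            values = attrs.get('displayName')
            if values:
                found = values[0]
                break

        # Always overwrite the global so a previous user's value never
        # survives a lookup that found nothing.
        displayName = found
        return found

    def is_authenticated(self):
        """Always true: instances of this class are treated as logged in."""
        return True

    def is_active(self):
        """Always true: this class does not track account deactivation."""
        return True

    def is_anonymous(self):
        """Always false: this class never represents an anonymous visitor."""
        return False

    def get_id(self):
        """Return the primary key as text."""
        return unicode(self.id)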