Commit 841639de authored by Recteur LP's avatar Recteur LP

authorize_non_ldap_user option

parent fe3a02b8
......@@ -11,6 +11,7 @@ ldapauth:
port: 389
ssl: False
version: 3
authorize_non_ldap_user: False # Set to True to Accept non LDAP user in the Remote-User Header
user_id: sAMAccountName
user: 'CN=svc_account,DC=example,DC=com'
password: xxx
......
......@@ -97,6 +97,7 @@ class auth():
return users
def get(self, name):
pyrmin.log.debug("Trying to get: " + name)
if sys.version_info >= (3,0):
filter = "(&(" + self.config['user_id'] + "=" + name + "))"
for entry in self.__getresults(filter):
......@@ -163,3 +164,16 @@ class auth():
"mail": mail,
"img": gravatar_url
}
if len(name) > 0 and self.config['authorize_non_ldap_user']:
return {
"username": name,
"auth": True,
"admin": False,
"division": "",
"displayname": name,
"mobile": "",
"company": "",
"mail": "",
"img": "https://assets.github.com/images/gravatars/gravatar-140.png"
}
......@@ -14,4 +14,8 @@
{{ forms.input('basedn', label="BASE DN", value=config.basedn) }}
{{ forms.input('authorize_non_ldap_user', label="Non LDAP User", value=config.authorize_non_ldap_user) }}
{{ forms.input('user_id', label="User Login Attribute", value=config.user_id) }}
{{ forms.input('admin', label="Admin Group", value=config.admin) }}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment