Added above file for ldap backend authentication using mayan-edms. This is settings file which is used to run mayan-edms.

2017-01-11 08:09:36 +00:00
parent 93e178a1e2
commit 863c435bf5
1 changed files with 64 additions and 0 deletions
--- a/mayan/settings/ldap_connection_settings.py
+++ b/mayan/settings/ldap_connection_settings.py
@@ -0,0 +1,64 @@
+
+from __future__ import absolute_import
+
+import ldap
+from django_auth_ldap.config import LDAPSearch
+
+from .base import *
+from django.conf import settings
+from django.contrib.auth import get_user_model
+
+SECRET_KEY = '_kxl#@(0wzgh$9_1p%9sbiu4*+v&t8n=*e4@6bm@$l#e+qs5e0'
+
+# makes sure this works in Active Directory
+ldap.set_option(ldap.OPT_REFERRALS, 0)
+
+# This is the default, but I like to be explicit.
+AUTH_LDAP_ALWAYS_UPDATE_USER = True
+
+LDAP_USER_AUTO_CREATION = "False"
+LDAP_URL = "ldap://10.1.1.212:389/"
+LDAP_BASE_DN = "dc=paramatrix,dc=co,dc=in"
+LDAP_ADDITIONAL_USER_DN = "dc=people"
+LDAP_ADMIN_DN = ""
+LDAP_PASSWORD = ""
+
+AUTH_LDAP_SERVER_URI = LDAP_URL
+AUTH_LDAP_BIND_DN = LDAP_ADMIN_DN
+AUTH_LDAP_BIND_PASSWORD = LDAP_PASSWORD
+
+
+AUTH_LDAP_USER_SEARCH = LDAPSearch('%s,%s'%(LDAP_ADDITIONAL_USER_DN, LDAP_BASE_DN), ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
+AUTH_LDAP_USER_ATTR_MAP = {
+                           "first_name": "cn",
+                           "last_name": "sn",
+			   "email": "mail"
+                          }
+
+AUTHENTICATION_BACKENDS = (
+'django_auth_ldap.backend.LDAPBackend',
+'mayan.settings.settings_local.EmailOrUsernameModelBackend',
+)
+
+class EmailOrUsernameModelBackend(object):
+    """
+    This is a ModelBacked that allows authentication with either a username or an email address.
+
+    """
+    def authenticate(self, username=None, password=None):
+        if '@' in username:
+            kwargs = {'email': username}
+        else:
+            kwargs = {'username': username}
+        try:
+            user = get_user_model().objects.get(**kwargs)
+            if user.check_password(password):
+                return user
+        except User.DoesNotExist:
+            return None
+
+    def get_user(self, username):
+        try:
+            return get_user_model().objects.get(pk=username)
+        except get_user_model().DoesNotExist:
+            return None