root/alpine313/: django-auth-ldap-2.2.0 metadata and description

Homepage Simple index PyPI page

Django LDAP authentication backend.

author Peter Sagerson
author_email psagers@ignorare.net
classifiers
  • Development Status :: 5 - Production/Stable
  • Environment :: Web Environment
  • Framework :: Django
  • Framework :: Django :: 1.11
  • Framework :: Django :: 2.2
  • Framework :: Django :: 3.0
  • Intended Audience :: Developers
  • Intended Audience :: System Administrators
  • License :: OSI Approved :: BSD License
  • Programming Language :: Python
  • Programming Language :: Python :: 3
  • Programming Language :: Python :: 3 :: Only
  • Programming Language :: Python :: 3.5
  • Programming Language :: Python :: 3.6
  • Programming Language :: Python :: 3.7
  • Programming Language :: Python :: 3.8
  • Topic :: Internet :: WWW/HTTP
  • Topic :: Software Development :: Libraries :: Python Modules
  • Topic :: System :: Systems Administration :: Authentication/Directory :: LDAP
license BSD
metadata_version 2.1
platform
  • UNKNOWN
project_urls
  • Documentation, https://django-auth-ldap.readthedocs.io/
  • Source, https://github.com/django-auth-ldap/django-auth-ldap
  • Tracker, https://github.com/django-auth-ldap/django-auth-ldap/issues
requires_dist
  • Django (>=1.11)
  • python-ldap (>=3.1)
requires_python >=3.5
File Tox results History
django_auth_ldap-2.2.0-py3-none-any.whl
Size
20 KB
Type
Python Wheel
Python
3
https://readthedocs.org/projects/django-auth-ldap/badge/?version=latest https://img.shields.io/pypi/v/django-auth-ldap.svg https://img.shields.io/travis/django-auth-ldap/django-auth-ldap/master.svg?label=travis-ci https://img.shields.io/pypi/l/django-auth-ldap.svg

This is a Django authentication backend that authenticates against an LDAP service. Configuration can be as simple as a single distinguished name template, but there are many rich configuration options for working with users, groups, and permissions.

This version is supported on Python 3.5+; and Django 1.11+. It requires python-ldap >= 3.1.

Installation

Install the package with pip:

$ pip install django-auth-ldap

It requires python-ldap >= 3.1. You’ll need the OpenLDAP libraries and headers available on your system.

To use the auth backend in a Django project, add 'django_auth_ldap.backend.LDAPBackend' to AUTHENTICATION_BACKENDS. Do not add anything to INSTALLED_APPS.

AUTHENTICATION_BACKENDS = [
    'django_auth_ldap.backend.LDAPBackend',
]

LDAPBackend should work with custom user models, but it does assume that a database is present.

Example Configuration

Here is a complete example configuration from settings.py that exercises nearly all of the features. In this example, we’re authenticating against a global pool of users in the directory, but we have a special area set aside for Django groups (ou=django,ou=groups,dc=example,dc=com). Remember that most of this is optional if you just need simple authentication. Some default settings and arguments are included for completeness.

import ldap
from django_auth_ldap.config import LDAPSearch, GroupOfNamesType


# Baseline configuration.
AUTH_LDAP_SERVER_URI = 'ldap://ldap.example.com'

AUTH_LDAP_BIND_DN = 'cn=django-agent,dc=example,dc=com'
AUTH_LDAP_BIND_PASSWORD = 'phlebotinum'
AUTH_LDAP_USER_SEARCH = LDAPSearch(
    'ou=users,dc=example,dc=com',
    ldap.SCOPE_SUBTREE,
    '(uid=%(user)s)',
)
# Or:
# AUTH_LDAP_USER_DN_TEMPLATE = 'uid=%(user)s,ou=users,dc=example,dc=com'

# Set up the basic group parameters.
AUTH_LDAP_GROUP_SEARCH = LDAPSearch(
    'ou=django,ou=groups,dc=example,dc=com',
    ldap.SCOPE_SUBTREE,
    '(objectClass=groupOfNames)',
)
AUTH_LDAP_GROUP_TYPE = GroupOfNamesType(name_attr='cn')

# Simple group restrictions
AUTH_LDAP_REQUIRE_GROUP = 'cn=enabled,ou=django,ou=groups,dc=example,dc=com'
AUTH_LDAP_DENY_GROUP = 'cn=disabled,ou=django,ou=groups,dc=example,dc=com'

# Populate the Django user from the LDAP directory.
AUTH_LDAP_USER_ATTR_MAP = {
    'first_name': 'givenName',
    'last_name': 'sn',
    'email': 'mail',
}

AUTH_LDAP_USER_FLAGS_BY_GROUP = {
    'is_active': 'cn=active,ou=django,ou=groups,dc=example,dc=com',
    'is_staff': 'cn=staff,ou=django,ou=groups,dc=example,dc=com',
    'is_superuser': 'cn=superuser,ou=django,ou=groups,dc=example,dc=com',
}

# This is the default, but I like to be explicit.
AUTH_LDAP_ALWAYS_UPDATE_USER = True

# Use LDAP group membership to calculate group permissions.
AUTH_LDAP_FIND_GROUP_PERMS = True

# Cache distinguished names and group memberships for an hour to minimize
# LDAP traffic.
AUTH_LDAP_CACHE_TIMEOUT = 3600

# Keep ModelBackend around for per-user permissions and maybe a local
# superuser.
AUTHENTICATION_BACKENDS = (
    'django_auth_ldap.backend.LDAPBackend',
    'django.contrib.auth.backends.ModelBackend',
)

Contributing

If you’d like to contribute, the best approach is to send a well-formed pull request, complete with tests and documentation. Pull requests should be focused: trying to do more than one thing in a single request will make it more difficult to process.

If you have a bug or feature request you can try logging an issue.

There’s no harm in creating an issue and then submitting a pull request to resolve it. This can be a good way to start a conversation and can serve as an anchor point.