Code

Changes between Version 17 and Version 18 of MultipleAuthBackends


Ignore:
Timestamp:
02/19/08 08:14:10 (6 years ago)
Author:
guettli
Comment:

remove outdated information, added link to LDAP Auth Backend

Legend:

Unmodified
Added
Removed
Modified
  • MultipleAuthBackends

    v17 v18  
    66http://code.djangoproject.com/browser/django/trunk/docs/authentication.txt 
    77 
    8 ---- 
    9  
    10 Start: Added by a relative newbie on May 12, 2006 
    11  
    12 Note: In the multi-auth branch (2892), you need to set AUTHENTICATION_BACKENDS to a tuple, similar to MULTIAUTH_BACKENDS above.  the {{{authenticate}}} method looks for this setting in your settings.py file.  I have it working and all I have is: 
    13  
    14 {{{ 
    15 #!python 
    16  
    17 AUTHENTICATION_BACKENDS = ( 
    18     "django.contrib.auth.copy_of_backends.LDAPBackend", 
    19 ) 
    20 }}} 
    21  
    22 I made a copy of contrib.auth.backends so the svn can update it without overwriting my LDAPBackend class.  Don't know if that is the best way to do it or not, but it works. 
    23  
    24 ''I recommend you put it someplace like {{{myapp.auth.LDAPBackend}}}. Maintianing patches to Django is going to be a PITA. --Joseph Kocherhans'' 
    25  
    26 I also hacked the contrib.auth.models file to change the check_password function to check against our LDAP server, and added a few small functions to check the type of user account.  I know this will break next time I update the source, but I have a copy of that as well.  There is surely a better way, but I'm still learning. 
    27  
    28 ''You shouldn't have to hack the {{{check_password}}} function at all. It isn't called directly by Django's views anymore... only indirectly via {{{django.contrib.auth.backends.ModelBacked}}}, which you aren't using. -Joseph Kocherhans'' 
    29  
    30 End of newbie addition 
    31  
    32 ---- 
    338 
    349=== sample LDAPBackend class === 
    3510 
    36 From the same newbie as above on May 12, 2006 
    37  
    38 This is located in the contrib/auth/copy_of_backends.py file.  The two original models are still in the file as well.  I just added this one in the middle. 
    39  
    40 {{{ 
    41 #!python 
    42  
    43 class LDAPBackend: 
    44     """ 
    45     Authenticate against our LDAP Database 
    46     """ 
    47     def authenticate(self, username=None, password=None): 
    48         # bind and see if the user exists 
    49         if ldap.userExists(username): 
    50             # user exists in our LDAP, see if they exist in Django 
    51             # if not, add them to django's user database since django relies on that 
    52             try: 
    53                 user = User.objects.get(username=username) 
    54                 if ldap.check_ldap_password(username, password): 
    55                     return user 
    56             except User.DoesNotExist: 
    57                 # get the first name, last name, email from ldap 
    58                 u = ldap.getUser(username) 
    59                 # get user attributes here as well, like mail, fname, lname 
    60                 user = User(username=username, password='getmefromldap') 
    61                 user.email = mail 
    62                 user.first_name = fname 
    63                 user.last_name = lname 
    64                 user.is_staff = False 
    65                 user.is_superuser = False 
    66                 user.save() 
    67                 return user 
    68         else: 
    69             return None 
    70  
    71     def get_user(self, user_id): 
    72         try: 
    73             return User.objects.get(pk=user_id) 
    74         except User.DoesNotExist: 
    75             return None 
    76 }}} 
    77  
    78 And it worked!  I was able to logon as a user who had no entry in Django, and then it added my entry and away I went.  Pretty nice stuff. 
     11See #2507