Commit 300812ba authored by Stefan Bunde's avatar Stefan Bunde
Browse files

TG-258 TG-280 move ldap settings in separate file and pass default settings

To activate ldap settings, you have to set LDAP_ENABLED to true. Unless you
set the environment variables to configure ldap, the defaults are used.
parent 942745c5
......@@ -70,18 +70,24 @@ AUTH_PASSWORD_VALIDATORS = [
},
]
AUTHENTICATION_BACKENDS = [
'django_auth_ldap.backend.LDAPBackend',
'django.contrib.auth.backends.ModelBackend',
"django.contrib.auth.backends.ModelBackend",
]
import ldap
from django_auth_ldap.config import LDAPSearch
AUTH_LDAP_SERVER_URI = 'ldap://localhost'
AUTH_LDAP_BIND_DN = 'cn=admin,dc=example,dc=org'
AUTH_LDAP_BIND_PASSWORD = 'admin'
AUTH_LDAP_USER_SEARCH = LDAPSearch('dc=example,dc=org', ldap.SCOPE_SUBTREE, '(uid=%(user)s)')
LDAP_ENABLED = True
if LDAP_ENABLED:
try:
from .ldap import *
except ImportError:
raise ImportError(
"Failed to load LDAP settings. Either you disable LDAP by setting "
"'LDAP_ENABLED = False' or you create a ldap.py file in the settings directory!"
)
AUTHENTICATION_BACKENDS.append("django_auth_ldap.backend.LDAPBackend")
AUTH_USER_MODEL = 'castellum_auth.User'
......
import ldap
import os
from django_auth_ldap.config import LDAPSearch
host = os.environ.get("LDAP_HOST", "ldap://localhost")
distinguised_name = os.environ.get("LDAP_DISTINGUISHED_NAME", "dc=example,dc=org")
username = os.environ.get("LDAP_USERNAME", "cn=admin," + distinguised_name)
password = os.environ.get("LDAP_PASSWORD", "admin")
AUTH_LDAP_SERVER_URI = host
AUTH_LDAP_BIND_DN = username
AUTH_LDAP_BIND_PASSWORD = password
AUTH_LDAP_USER_SEARCH = LDAPSearch(distinguised_name, ldap.SCOPE_SUBTREE, '(uid=%(user)s)')
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment