Add more options to ldap

app/models.py

@@ -20,6 +20,8 @@ if 'LDAP_TYPE' in app.config.keys():
     LDAP_PASSWORD = app.config['LDAP_PASSWORD']
     LDAP_SEARCH_BASE = app.config['LDAP_SEARCH_BASE']
     LDAP_TYPE = app.config['LDAP_TYPE']
+    LDAP_FILTER = app.config['LDAP_FILTER']
+    LDAP_USERNAMEFIELD = app.config['LDAP_USERNAMEFIELD']
 else:
     LDAP_TYPE = False
 
@@ -155,7 +157,8 @@ class User(db.Model):
                 return False
 
             if LDAP_TYPE == 'ldap':
-              searchFilter = "cn=%s" % self.username
+              searchFilter = "(&(%s=%s)%s)" % (LDAP_USERNAMEFIELD, self.username, LDAP_FILTER)
+              logging.info('Ldap searchFilter "%s"' % searchFilter)
             else:
               searchFilter = "(&(objectcategory=person)(samaccountname=%s))" % self.username
             try:
@@ -188,6 +191,7 @@ class User(db.Model):
                             # this might be changed in the future
                             self.firstname = result[0][0][1]['givenName'][0]
                             self.lastname = result[0][0][1]['sn'][0]
+                            self.email = result[0][0][1]['mail'][0]
                         except:
                             self.firstname = self.username
                             self.lastname = ''
@@ -214,7 +218,7 @@ class User(db.Model):
         We will create a local user (in DB) in order to manage user
         profile such as name, roles,...
         """
-        user = User(username=self.username, firstname=self.firstname, lastname=self.lastname, role_id=self.role_id)
+        user = User(username=self.username, firstname=self.firstname, lastname=self.lastname, role_id=self.role_id, email=self.email)
         db.session.add(user)
         db.session.commit()
         # assgine user_id to current_user after create in the DB

app/views.py

@@ -66,7 +66,7 @@ def login():
 
     if request.method == 'GET':
         LDAP_ENABLED = True if 'LDAP_TYPE' in app.config.keys() else False
-        LOGIN_TITLE = app.config['LOGIN_TITLE']
+        LOGIN_TITLE = app.config['LOGIN_TITLE'] if 'LOGIN_TITLE' in app.config.keys() else ''
         BASIC_ENABLED = app.config['BASIC_ENABLED']
         SIGNUP_ENABLED = app.config['SIGNUP_ENABLED']
         return render_template('login.html', ldap_enabled=LDAP_ENABLED, login_title=LOGIN_TITLE, basic_enabled=BASIC_ENABLED, signup_enabled=SIGNUP_ENABLED)

config_template.py

@@ -6,6 +6,7 @@ WTF_CSRF_ENABLED = True
 SECRET_KEY = 'We are the world'
 BIND_ADDRESS = '127.0.0.1'
 PORT = 9393
+LOGIN_TITLE = "PDNS"
 
 # TIMEOUT - for large zones
 TIMEOUT = 10
@@ -28,6 +29,9 @@ LDAP_URI = 'ldaps://your-ldap-server:636'
 LDAP_USERNAME = 'cn=dnsuser,ou=users,ou=services,dc=duykhanh,dc=me'
 LDAP_PASSWORD = 'dnsuser'
 LDAP_SEARCH_BASE = 'ou=System Admins,ou=People,dc=duykhanh,dc=me'
+# Additional options only if LDAP_TYPE=ldap
+LDAP_USERNAMEFIELD = 'uid'
+LDAP_FILTER = '(objectClass=inetorgperson)'
 
 #Default Auth
 BASIC_ENABLED = True