使用python-ldap实现登录方法-Python教程-PHP中文网

使用python-ldap实现登录方法

高洛峰

发布： 2017-03-21 13:31:53

原创

2307 人浏览过

这篇文章详解使用python-ldap实现登录方法

ldap_config = {
    &#39;ldap_path&#39;: &#39;ldap://xx.xx.xx.xx:389&#39;,
    &#39;base_dn&#39;: &#39;ou=users,dc=ledo,dc=com&#39;,
    &#39;ldap_user&#39;: &#39;uid=reporttest,ou=users,dc=ledo,dc=com&#39;,
    &#39;ldap_pass&#39;: &#39;111111.0&#39;,
    &#39;original_pass&#39;: &#39;111111.0&#39;
}

ldap_message = {
    0: 0, #&#39;ok&#39;
    1: 1, #&#39;用户名或密码错误&#39;
    2: 2, #ldap验证异常&#39;
}

import ldap
import base64
import hashlib
from config_message import ldap_config, ldap_message


class LDAP_API(object):

    _ldap_path = ldap_config[&#39;ldap_path&#39;]
    _base_dn = ldap_config[&#39;base_dn&#39;]
    _ldap_user = ldap_config[&#39;ldap_user&#39;]
    _ldap_pass = ldap_config[&#39;ldap_pass&#39;]
    _original_pass = ldap_config[&#39;original_pass&#39;]

    # 连接ldap服务器
    def __init__(self):

        try:
            self.ldapconn = ldap.initialize(self._ldap_path)
            self.ldapconn.protocal_version = ldap.VERSION3
            self.ldapconn.simple_bind(self._ldap_user, self._ldap_pass)

        except ldap.LDAPError, e:
            print e

    # 验证用户登录
    def ldap_check_login(self, username, password):

        obj = self.ldapconn
        searchScope = ldap.SCOPE_SUBTREE
        # searchFilter = &#39;(&(cn=&#39;+username+&#39;)(userPassword=&#39;+password+&#39;))&#39;
        searchFilter = &#39;uid=&#39; + username

        try:
            obj.search(self._base_dn, searchScope, searchFilter, None)  # id--2
            # 将上一步计算的id在下面运算
            result_type, result_data = obj.result(2, 0)
            if result_type != ldap.RES_SEARCH_ENTRY:
                return {&#39;status&#39;: ldap_message[1], &#39;data&#39;: &#39;&#39;}
            dic = result_data[0][1]
            l_realname = dic[&#39;sn&#39;][0]
            l_password = dic[&#39;userPassword&#39;][0]
            md_password = LDAP_API.hash_md5(password)
            if l_password in (password, md_password):
                return {&#39;status&#39;: ldap_message[0], &#39;data&#39;: l_realname}
            else:
                return {&#39;status&#39;: ldap_message[1], &#39;data&#39;: &#39;&#39;}
        except ldap.LDAPError, e:
            return {&#39;status&#39;: ldap_message[2], &#39;data&#39;: &#39;&#39;}

    @staticmethod
    def hash_md5(data):
        md = hashlib.md5()
        md.update(str(data))
        a = md.digest()
        b = &#39;{MD5}&#39; + base64.b64encode(a)
        return b

登录后复制

以上是使用python-ldap实现登录方法的详细内容。更多信息请关注PHP中文网其他相关文章！