Add better debugging to LDAP
This commit is contained in:
Joseph Schorr
parent
469f25b64c
commit
f9c1f123c2
1 changed files with 6 additions and 0 deletions
|
|
@ -52,11 +52,15 @@ class LDAPUsers(object):
|
|||
user_search_dn = ','.join(self._user_rdn + self._base_dn)
|
||||
query = u'(|({0}={2})({1}={2}))'.format(self._uid_attr, self._email_attr,
|
||||
username_or_email)
|
||||
|
||||
logger.debug('Conducting user search: %s => %s', user_search_dn, query)
|
||||
user = conn.search_s(user_search_dn, ldap.SCOPE_SUBTREE, query.encode('utf-8'))
|
||||
|
||||
logger.debug('Found user data: %s', user)
|
||||
if len(user) != 1:
|
||||
return None
|
||||
|
||||
logger.debug('Found user: %s', user[0])
|
||||
return user[0]
|
||||
|
||||
def verify_user(self, username_or_email, password):
|
||||
|
|
@ -75,10 +79,12 @@ class LDAPUsers(object):
|
|||
found_dn, found_response = found_user
|
||||
|
||||
# First validate the password by binding as the user
|
||||
logger.debug('Found user %s; validating password', username_or_email)
|
||||
try:
|
||||
with LDAPConnection(self._ldap_uri, found_dn, password.encode('utf-8')):
|
||||
pass
|
||||
except ldap.INVALID_CREDENTIALS:
|
||||
logger.exception('Invalid LDAP credentials')
|
||||
return None
|
||||
|
||||
# Now check if we have a federated login for this user
|
||||
|
|
|
|||
Reference in a new issue