trying to get my Django authentication work with an LDAP server but I cannot login, I've managed to do it using forumsys test LDAP server using AUTH_LDAP_USER_DN_TEMPLATE, but adding both ou with LDAPSearchUnion (what I will need in my real project) it only shows "incorrect username/password" (my message in case of failed login)
Here's my settings.py:
AUTH_LDAP_SERVER_URI = "ldap://ldap.forumsys.com"
AUTH_LDAP_BIND_DN = "cn=read-only-admin,dc=example,dc=com"
AUTH_LDAP_BIND_PASSWORD = "password"
AUTH_LDAP_USER_SEARCH = LDAPSearchUnion(
LDAPSearch("ou=mathematicians,dc=example,dc=com",
ldap.SCOPE_SUBTREE, "(uid=%(user)s)"),
LDAPSearch("ou=scientists,dc=example,dc=com",
ldap.SCOPE_SUBTREE, "(uid=%(user)s)"),
)
AUTH_LDAP_USER_ATTR_MAP = {
'first_name': 'givenName',
'last_name': 'sn',
'email': 'mail',
}
AUTH_LDAP_ALWAYS_UPDATE_USER = True
AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend',
)
Views.py:
def login_page(request):
if request.user.is_authenticated:
return redirect("list")
context = {
'form': LoginForm,
}
if request.method == "POST":
form = LoginForm(request.POST)
if form.is_valid():
username = form.cleaned_data.get("username")
password = form.cleaned_data.get("password")
user = authenticate(request, username=username, password=password)
if user is not None:
login(request, user)
return redirect('list')
else:
messages.error(request, 'Wrong username or password')
return redirect("login")
return render(request, 'login.html', context)
Does anyone know what could I be doing wrong?
EDIT
I managed to do it by using this:
AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=dc=example,dc=com",
ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
But the idea is to add an OU (for example scientists) so only scientists can log in into the app.
