LDAP-login FLASK

I am using FLASK_LDAP_AUTH for a login system. I am checking another server's AD to log in, but when I run it, it only looks at my local host? Also, it keeps giving the following 401 error: {"error": "unauthorized", "message": "Please authenticate with a valid token", "status": 401}

app.config['SECRET_KEY'] = 'somethingsecret'
app.config['LDAP_AUTH_SERVER'] = 'ldap://serverIP' 
app.config['LDAP_TOP_DN'] = 'ou=Users,dc=your_org,dc=TEST.domain'
app.register_blueprint(token, url_prefix='/auth')

In this link https://github.com/drowolath/flask-ldap-auth it says something about a token which is not clear. Hope anyone can help.

Looks like this auth project basically uses a token in lieu of a cookie to maintain auth in a session. Without a token, your authentication attempt is never even getting to the point of talking to the directory server. The verify_auth_token function fails with a bad signature error (specifically "BadSignature: No '.' found in value"). Without tracing, though, the only output you get is the 401 error that you see.

The authentication process is two-step -- first obtain a token from the URL http://127.0.0.1:5000/auth/request-token . Assuming valid credentials are supplied, the URL returns JSON containing the token. Depending on how you are using the token, you may need to base64 encode it (the httpie example on the GitHub page handles this for you, but the example below includes the explicit encoding step).

You then use the token when accessing subsequent pages, for instance http://127.0.0.1:5000/

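import base64

import requests

API_ENDPOINT = "http://127.0.0.1:5000/auth/request-token"
SITE_URL = "http://127.0.0.1:5000/"

# Directory credentials, used only to request the token
tupleAuthValues = ("userIDToTest", "P@s5W0Rd2T35t")

# Step 1: POST the credentials with HTTP Basic auth to obtain a token
tokenResponse = requests.post(url=API_ENDPOINT, auth=tupleAuthValues)

# Compare status codes with ==, not "is" (identity of ints is not guaranteed)
if tokenResponse.status_code == 200:
    jsonResponse = tokenResponse.json()
    strToken = jsonResponse['token']
    print("The token is %s" % strToken)

    # b64encode() works on bytes: encode the token first, then decode the result
    strB64Token = base64.b64encode(strToken.encode("ascii")).decode("ascii")
    print("The base64 encoded token is %s" % strB64Token)

    # Step 2: present the encoded token in the Authorization header
    strHeaders = {'Authorization': 'Basic {}'.format(strB64Token)}

    responseSiteAccess = requests.get(SITE_URL, headers=strHeaders)
    print(responseSiteAccess.text)
else:
    print("Error requesting token: %s" % tokenResponse.status_code)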

Running the code above, you get:

[lisa@linux02 flask-ldap]# python authtest.py
The token is eyJhbGciOiJIUzI1NiIsImV4cCI6MTUzODE0NzU4NiwiaWF0IjoxNTM4MTQzOTg2fQ.eyJ1c2VybmFtZSI6ImdhdXNzIn0.FCJrECBlG1B6HQJKwt89XL3QrbLVjsGyc-NPbbxsS_U:
The base64 encoded token is ZXlKaGJHY2lPaUpJVXpJMU5pSXNJbVY0Y0NJNk1UVXpPREUwTnpVNE5pd2lhV0YwSWpveE5UTTRNVFF6T1RnMmZRLmV5SjFjMlZ5Ym1GdFpTSTZJbWRoZFhOekluMC5GQ0pyRUNCbEcxQjZIUUpLd3Q4OVhMM1FyYkxWanNHeWMtTlBiYnhzU19VOg==
Hello, world
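
Why sending the directory user name and password straight to a protected page produces the 401 described above, as an added example that is not part of the original answer and is not flask-ldap-auth's own code: a stand-alone HMAC-signed token check modeled on the three-part token in the output. The key value and the names issue_token, verify_token, check_authorization and basic are hypothetical; it assumes the token travels as the Basic user name with an empty password (the trailing ':' in the printed token).

```python
import base64, hashlib, hmac, json, time

SECRET_KEY = b"constructed-demo-key"  # constructed stand-in for app.config['SECRET_KEY']

def _b64u(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _unb64u(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input):
    return _b64u(hmac.new(SECRET_KEY, signing_input.encode(), hashlib.sha256).digest())

def issue_token(username, now, ttl=3600):
    """Hypothetical issuer: header.payload.signature, HMAC-SHA256 over the first two parts."""
    header = _b64u(json.dumps({"alg": "HS256", "iat": now, "exp": now + ttl}).encode())
    payload = _b64u(json.dumps({"username": username}).encode())
    return "%s.%s.%s" % (header, payload, _sign(header + "." + payload))

def verify_token(token, now):
    """Return the username, or raise ValueError naming the reason for rejection."""
    if "." not in token:
        raise ValueError("no '.' found in value")  # a plain user name lands here
    header, _, rest = token.partition(".")
    payload, _, signature = rest.partition(".")
    if not hmac.compare_digest(_sign(header + "." + payload), signature):
        raise ValueError("bad signature")
    if json.loads(_unb64u(header))["exp"] < now:  # header is trusted only after the MAC check
        raise ValueError("token expired")
    return json.loads(_unb64u(payload))["username"]

def check_authorization(header_value, now=None):
    """Server-side view of 'Authorization: Basic base64(token:)'; returns (status, detail)."""
    now = int(time.time()) if now is None else now
    scheme, _, blob = (header_value or "").partition(" ")
    if scheme != "Basic" or not blob:
        return 401, "missing credentials"
    try:
        token, _, _password = base64.b64decode(blob).decode("ascii").partition(":")
        return 200, verify_token(token, now)
    except (ValueError, KeyError) as exc:
        return 401, str(exc)

def basic(value):
    """Build the Authorization header value the client script sends."""
    return "Basic " + base64.b64encode(value.encode()).decode()
```

The directory is never consulted in check_authorization: a request without a signed token is rejected before any LDAP bind, which is why the question's 401 appears regardless of which server LDAP_AUTH_SERVER names.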
