I’m building an internal app for my company, and are looking into using ldap3 to connect to our exchange server to validate login credentials.
I am integrating into a flask app and have a login view with the following code
@authBP.route('login', methods=['GET', 'POST'])
def loginView():
form = LoginForm()
if form.validate_on_submit():
server = Server(current_app.config['LDAP_SERVER'], get_info=ALL)
connection = Connection(server,
user='domain{initials}'.format(initials=form.init.data),
password=form.passwd.data,
auto_bind=True)
if not connection.bind():
flash('not authenticated')
else:
flash('authenticated')
return redirect(url_for('indexBP.indexView'))
return render_template('auth/login.html', form=form)
The above code works fine when I login using my actual credentials, but when I try to login using wrong credentials I do not get a flash message, but in stead get an error 500 page and the following terminal error:
raise LDAPBindError(error) ldap3.core.exceptions.LDAPBindError: automatic bind not successful – invalidCredentials
Advertisement
Answer
When you use auto_bind=True, a LDAPBindError will be raised if credentials are wrong. I can see two solutions (the first one seems more pythonic to me):
# 1st one with try/except
try:
Connection(server, user='user', password='****', auto_bind=True)
flash('authenticated')
except LDAPBindError:
flash('not authenticated')
# 2d one with if and without auto_bind
conn = Connection(server, user='user', password='****')
if conn.bind():
flash('authenticated')
else:
flash('not authenticated')