I would like when a user creates an account in Django, that the user information :
- Username
- Password
- Email
- First and Last Name
- Mobile
Gets also populated in my LDAP server. Also when the user get deactivated, this gets reflected in LDAP.
Authentication will still be done in Django.
I need the user information as i have another application which is getting the user info from LDAP. I need both to be have the same user universe.
Are there any snippet that does that already ?
I saw many code to authenticate thourgh LDAP, but what i really need is to populate the LDAP directory with my Django user on the fly
Thanks for your help
Check out this snippet, it should do exactly what you're after (a bit old though, so YMMV with newer django)
Related
I am using django-python3-ldap for LDAP authentication in Django. This works completely fine but whenever an LDAP user is (successfully) authenticated the user details are stored in the local Django database (auth_user table).
My question now is when the same
(LDAP) user tries to authenticate next time, the user will be authenticated by LDAP or by the default Django authentication (since the user details are now stored in the local Django database)?
If the user is authenticated using local Django database then the user can still able to get access even after the user is removed from the LDAP server? This is a real concern for me?.
If this is the case is there a way, so that the LDAP user details is removed from the database (auth_user table) everytime the user is logged out and created every time the user is logged in?. Any help in the right direction is highly appreciated. Thank you for your valuable inputs.
From the documentation:
When a user attempts to authenticate, a connection is made to the LDAP
server, and the application attempts to bind using the provided
username and password. If the bind attempt is successful, the user
details are loaded from the LDAP server and saved in a local Django
User model. The local model is only created once, and the details will
be kept updated with the LDAP record details on every login.
It authenticates by binding each time, and updates the information from LDAP (as you have it configured) each time. The Django user won't be removed from Django's user table if removed from LDAP; if you set multiple auth backends to also using the Django default auth, the user should be able to login (perhaps after a password reset) if removed from LDAP. If you look in your auth_user table you will noticed users using Django auth have their passwords hashed with pbkdf2_sha256, and the LDAP users passwords do not.
I am using Django rest framework to build my application backend. I have used Django-rest-auth (https://github.com/Tivix/django-rest-auth) to enable login and registration for my app. It is already working.
However as per my new requirement, I have a list of usernames and only those usernames can register into my system. How can I achieve this?
I had few ideas (do not know if they make total sense):
1. A new model to store usernames, so that in future more usernames can be added via admin interface
2. Whenever a user makes a call from client: the entered username is checked against this new usernames table and if it exists in the table registration is allowed.
Or there can be a still easier way to do this? Any code snippets?
I'm currently using django-auth-ldap to authenticate with LDAP, and I've looked through all the docs for the library, it doesn't mention what happens to the django database when the database we are authenticating against removes the user.
I know we can do a check when we authenticate to make sure if the user is removed, but how do I clean up the user since a user will be created if it's successfully authenticated. Do I just do it like I'd normally do with Django user object?
Thank you!
I am trying to integrate django sanction into my blog app (django newbie here), but I seem not to be able to "logout" the user after the login process (using Google OAuth2.0).
The entire process seems pain free - i.e I am able to get all user details on my db, and able to access user details on my django templates, but, when I logout and try to log back in, it seems to remember my credentials (cookies?). I am trying to logout from here
p.s: I am developing on localhost - wondering if this is the problem(?)
See here: How to force user logout in django?
quote:
I don't think there is a sanctioned way to do this in Django yet.
The user id is stored in the session object, but it is encoded. Unfortunately, that means you'll have to iterate through all sessions, decode and compare...
I have a cakephp application that has a users database and currently has approximately 50 users.
I was wondering what would be the best way to migrate the application to django without affecting the users.
I am concerned because the passwords are all encrypted of course, and most probably the encryption will not be the same in django.
The simplest approach would be to create the users with random passwords in your new application, then when switching send them an invitation with a login link. Take a look at this app: https://github.com/fajran/django-loginurl
Then ask the users to choose a password when they login the first time.
Second way, not so nice - but if you don't want to ask for the password again and you don't have a way to decrypt the existing one:
Modify your existing application in a way that it sends the username and password (taken from the existing login form - so you have it in cleartext) to the new backend. Then pull the profile from the legacy-app to the new one and create/migrate the user-profile.