1

我想在 Django 中设置一个 LDAP 身份验证后端,并且我已经ldap3成功地确认了绑定。我现在意识到用 just 为我的 LDAP 后端编写一个类ldap3并不是那么简单,安装 django_auth_ldap可能是另一种探索途径。

我已经测试了一些代码来创建到 LDAP“服务器”的绑定,然后执行简单的搜索。一切都好。我测试的这个方法在我的 Django 框架之外。

在我的 Django 框架中实现相同的方法时,我在调用该方法时遇到了一个问题。由于打印语句,我知道view被调用为预期的,但是应该执行第一个“if”语句的代码部分不会被调用,除非我从“POST”更改为“GET”。但这似乎产生了下一个问题(当我设置为“GET”时,强制执行下一行),因为我希望随后调用登录页面,然后我可以在其中输入我的 LDAP 凭据,最终确认 LDAP 连接。这是我的代码:

 views.py

 def login_ldap(request):
    LDAP_SERVER = '10.222.4.88'
    searchFilter='random'
    print (request)
    print (LDAP_SERVER)  

print ("request.method:{0}".format(request.method))

if request.method == "GET":
    print ("if statement executed")
    username = request.GET['username']
    print ("U:{0}".format(username))
    password = request.GET['password']
    print ("P:{0}".format(password))

    # Define the server and bind_dn
    server = Server(LDAP_SERVER, get_info=ALL) 
    bind_dn = 'cn={0}, ou=Prod, ou=Extern, ou=User, ou=ABC, dc=DEF, dc=com'.format(username)
    # Define the Connection  
    conn = Connection(server, bind_dn, password, auto_bind=True) # Use raise_exceptions=True for exceptions 
    print ("search: {0}",format(conn.search))
    print ("conn: {0}",format(conn))
    conn.start_tls() #Session now on a secure channel. See output from following print statement and "tls started"
    print ("conn_tls: {0}",format(conn))
    d = conn.extend.standard.who_am_i() 
    print (d)
    #print ("Server Info: {0}",format(server.info))
    conn.open()
    conn.bind()

    # The LDAP search base for looking up users.
    LDAP_AUTH_SEARCH_BASE = "ou=ABC, dc=DEF, dc=com"

    if conn.bind():
        conn.search(
                 search_base=LDAP_AUTH_SEARCH_BASE,
                 search_filter= '(cn={})'.format(searchFilter), # This is the user being searched for
                 search_scope=SUBTREE # BASE & LEVEL also possible settings
                    ) 
        entry = conn.entries[0] 
        res = conn.bind()       
    print (res)

return render(request, 'search_page.html', {'entry':entry})

我的网页上收到的错误消息:

MultiValueDictKeyError at /login_ldap/
"'username'"
Request Method: GET
Request URL:    http://127.0.0.1:8000/login_ldap/
Django Version: 1.11
Exception Type: MultiValueDictKeyError
Exception Value:    
"'username'"

我认为这与 GET 方法有关,而不再与 POST 方法有关。为什么request.method在 Django 中实现时自动设置为 GET 而不是 POST?这个类是在正确的位置,在views.py文件中进行身份验证,还是应该有一个单独的文件?究竟应该包括settings.py什么(与 BACKEND_AUTH 相关)?

编辑:

views.py 

def login_view(request): 
if request.POST: 
username = request.POST['username'] 
print ("U:{0}".format(username)) 
password = request.POST['password'] 
print ("P:{0}".format(password)) 
user = authenticate(username=username, password=password) 
print (user) 
if user is not None: 
if user.is_active: 
login(request, user) 
return redirect('index') 
else: 
messages.error(request, "User is not active in Database") 
else: 
print ("Please check your credentials!") 
messages.error(request, "Please check your username and password!") 
return render(request, 'login.html') 


index.html 

<div class="row"> 
<div class="col-lg-3"></div> 
<div class="col-lg-6"><H1>This is the public page, Please <a href="{% url 'login_ldap' %}">Login</a></H1></div> 
</div> 


urls.py 

urlpatterns = [ 
url(r'^admin/', admin.site.urls), 
url(r'^login_ldap/$', login_ldap, name='login_ldap'), 
url(r'^login/$', login_view, name='login'), 
url(r'^logout/$', logout_view, name='logout'), 
url(r'^change_password/$', change_password, name='change_password'), 
url(r'^$', index, name='index'), 
] 

settings.py 

AUTHENTICATION_BACKENDS = ( 
'django.contrib.auth.backends.ModelBackend', 
)

search_page.html

{% load static %} 
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous"> 
<link href='{% static "login.css" %}' rel="stylesheet"> 

<div class="wrapper"> 
<form method='post' action="" class="form-signin">{% csrf_token %} 
<h2 class="form-signin-heading">Please login</h2> 
<input type="text" class="form-control" name="username" placeholder="Username" required="" autofocus=""/> 
<br> 
<input type="password" class="form-control" name="password" placeholder="Password" required=""/> 
<br> 
<button class="btn btn-lg btn-primary btn-block" type="submit">Login</button> 
</form> 
</div>
4

1 回答 1

0

您可以使用 get() 函数来获取数据。

if request.method == "GET":
    print ("if statement executed")
    username = request.GET.get('username')

如需更多参考,您可以在此处查看,

Django中的MultiValueDictKeyError

关于 POST 方法,您可能需要在视图之前导入 csr_exempt 并使用装饰器。

from django.views.decorators.csrf import csrf_exempt
@csrf_exempt
def myView(request):
于 2018-06-11T07:17:51.783 回答