login: use case-sensitive names for display/kerberos
parent
8476b58c1a
commit
1cced0d613
|
@ -111,12 +111,22 @@ def login_form():
|
|||
|
||||
@app.route('/login', methods=["POST"])
|
||||
def login_action():
|
||||
# LDAP usernames/DNs are case-insensitive, so we normalize them just in
|
||||
# case,
|
||||
username = flask.request.form.get("username", "").lower()
|
||||
password = flask.request.form.get("password", "")
|
||||
goto = flask.request.values.get("goto", "/")
|
||||
dn = config.dn_format % username
|
||||
|
||||
conn = connect_to_ldap(dn, password)
|
||||
if conn:
|
||||
# Now that we have logged in, we can retrieve the 'real' username (which
|
||||
# might be cased differently from the login name).
|
||||
res = conn.search_s(dn, ldap.SCOPE_SUBTREE)
|
||||
for (k, vs) in res[0][1].items():
|
||||
if k == 'uid':
|
||||
username = vs[0].decode()
|
||||
|
||||
flask.session["username"] = username
|
||||
flask.session['dn'] = dn
|
||||
context.refresh_profile()
|
||||
|
|
Loading…
Reference in New Issue