django-auth-ldap - 在自定义视图中显示来自 LDAP 的用户信息

Question

我正在使用具有以下设置的 django-auth-ldap，因为 ldap 服务器上没有默认/全局“管理员”用户，它仅用于验证用户，用户自己可能会看到他们的用户信息。

AUTH_LDAP_BIND_AS_AUTHENTICATING_USER=True

在django-ldap-debug.log 中，当（作为登录用户）在视图LDAPBackend().populate_user(request.user.username) 中调用时出现以下错误

search_s('uid=vchrizz,ou=Users,dc=funkfeuer,dc=at', 0, '(objectClass=*)') raised NO_SUCH_OBJECT({'desc': 'No such object'},)
search_s('uid=vchrizz,ou=Users,dc=funkfeuer,dc=at', 0, '(objectClass=*)') returned 0 objects: 

仅在登录时（使用来自django.contrib.auth.decorators 的login_required）它似乎返回一个用户对象：

search_s('uid=vchrizz,ou=Users,dc=funkfeuer,dc=at', 0, '(objectClass=*)') returned 1 objects: uid=vchrizz,ou=users,dc=funkfeuer,dc=at

然后我注意到，我需要设置

AUTH_LDAP_BIND_DN
AUTH_LDAP_BIND_PASSWORD

要摆脱错误，但首先我不想指定一个带密码的用户（因为 bind_as_authenticating_user），第二个 populate_user() 仍然返回 NoneType ...

为什么？ ldap如何获取返回的用户信息？

我的目标是在我的自定义 /userinfo/ 视图中显示来自 ldap-user 的所有 ldap 用户信息，例如 uidNumber。 http://pastebin.com/VqGiwzFE

谢谢，克里斯

Answer 1

最后auth.authenticate 不见了，我不得不 rtfm：

Storing additional information about users 这是获取用户信息的首选方式，而不是我正在寻找的方式。

settings.py：

AUTH_LDAP_PROFILE_ATTR_MAP = {
    "uid": "uid",
    "cn": "cn",
    "sn": "sn",
    "givenName": "givenName",
    "userPassword": "userPassword",
    "shadowLastChange": "shadowLastChange",
    "shadowMax": "shadowMax",
    "shadowWarning": "shadowWarning",
    "loginShell": "loginShell",
    "uidNumber": "uidNumber",
    "gidNumber": "gidNumber",
    "homeDirectory": "homeDirectory",
    "gecos": "gecos",
    "mail": "mail",
    "l": "l",
    "telephoneNumber": "telephoneNumber",
}
AUTH_PROFILE_MODULE = 'myapp.UserProfile'

models.py：

from django.db import models
from django.contrib.auth.models import User
from django.db.models.signals import post_save

class UserProfile(models.Model):
    # This field is required.
    user = models.OneToOneField(User)
    # Other fields here
    uid = models.CharField(max_length=254)
    cn = models.CharField(max_length=254)
    sn = models.CharField(max_length=254)
    givenName = models.CharField(max_length=254)
    userPassword = models.CharField(max_length=254)
    shadowLastChange = models.IntegerField(null=True)
    shadowMax = models.IntegerField(null=True)
    shadowWarning = models.IntegerField(null=True)
    loginShell = models.CharField(max_length=254)
    uidNumber = models.IntegerField(null=True)
    gidNumber = models.IntegerField(null=True)
    homeDirectory = models.CharField(max_length=254)
    gecos = models.CharField(max_length=254)
    mail = models.EmailField(max_length=254)
    l = models.CharField(max_length=254)
    telephoneNumber = models.CharField(max_length=254)

def create_user_profile(sender, instance, created, **kwargs):
    #if created:
    #    UserProfile.objects.create(user=instance)
    UserProfile.objects.get_or_create(user=instance)

post_save.connect(create_user_profile, sender=User)

views.py：

from django.contrib.auth.decorators import login_required
from django.http import HttpResponseRedirect
from django.shortcuts import render
from myapp.models import UserProfile

@login_required
def userinfo(request):
    try:
        ldapuserprofile = UserProfile.objects.get(uid=request.user.username)
    except UserProfile.DoesNotExist:
        return HttpResponseRedirect('/login/')
    context = {'request': request, 'ldapuser': ldapuserprofile,}
    return render(request, 'myapp/userinfo.html', context)

然后在html模板中可以访问{{ ldapuser.givenName }}

也许它对某人有帮助。

谢谢，克里斯