Models
- class nginx_ldap_auth.app.models.UserManager[source]
-
- settings
The application settings
- pool: TimeLimitedAIOConnectionPool | None
The LDAP connection pool
- client() LDAPClient [source]
Return a new LDAP client instance.
If
nginx_ldap_auth.settings.Settings.ldap_starttls
isTrue
, the client will be configured to use TLS.
- async authenticate(username: str, password: str) bool [source]
Authenticate a user against the LDAP server.
- Parameters:
username – the username to authenticate
password – the password to authenticate with
- Raises:
LDAPError – if an error occurs while communicating with the LDAP server
- Returns:
True
if the user is authenticated,False
otherwise
- async exists(username: str) bool [source]
Return
True
if the user exists in the LDAP directory,False
otherwise.- Parameters:
username – the username to check
- Raises:
LDAPError – if an error occurred while communicating with the LDAP server
AuthenticationError – if the LDAP server rejects the credentials of
nginx_ldap_auth.settings.Settings.ldap_binddn
andnginx_ldap_auth.settings.Settings.ldap_password
- Returns:
True
if the user exists in the LDAP directory,False
otherwise
- async is_authorized(username: str) bool [source]
Test whether the user is authorized to log in. This is done by performing an LDAP search using the filter specified in
nginx_ldap_auth.settings.Settings.ldap_authorization_filter
. If that setting isNone
, the user is considered authorized.- Parameters:
username – the username to check
- Raises:
LDAPError – if an error occurred while communicating with the LDAP server
AuthenticationError – if the LDAP server rejects the credentials of
nginx_ldap_auth.settings.Settings.ldap_binddn
andnginx_ldap_auth.settings.Settings.ldap_password
- Returns:
True
if the user is authorized to log in,False
otherwise.
- async get(username: str) User | None [source]
Get a user from the LDAP directory, and return it as a
User
. When getting the user, we will use the LDAP search filter specified innginx_ldap_auth.settings.Settings.ldap_get_user_filter
.- Parameters:
username – the username for which to get user information
- Raises:
LDAPError – if an error occurred while communicating with the LDAP server
AuthenticationError – if the LDAP server rejects the credentials of
nginx_ldap_auth.settings.Settings.ldap_binddn
andnginx_ldap_auth.settings.Settings.ldap_password
- Returns:
The user information as a
User
instance, orNone
if the user is not returned by the LDAP search filter