Use JWT Auth for authenticate against LDAP service

2018-06-11 18:13:19

I'm creating a web services that use JWT Auth. I'm using django-rest-framework-jwt for that. I want my users could authenticate using their ldap accounts. I have found that there's a Django authentication backend that authenticates against an LDAP service. The function that does the authentication in django-rest-framework-jwt is coded like this :

def authenticate_credentials(self, payload):
    try:
        user_id = payload.get('user_id')

        if user_id:
            user = User.objects.get(pk=user_id, is_active=True)
        else:
            msg = 'Invalid payload'
            raise exceptions.AuthenticationFailed(msg)
    except User.DoesNotExist:
        msg = 'Invalid signature'
        raise exceptions.AuthenticationFailed(msg)

    return user

The function looks in the User model to authenticate the user. I think that even if I setup the ldap backend, it will never work. Am I right? If yes what can I change to be able to use JWT Auth and be able to authenticate against LDAP service?

Every Django authentication backend has a very simple API. Normally, they're installed in the AUTHENTICATION_BACKENDS setting, but there's nothing stopping you from using them manually:

from django_auth_ldap.backend import LDAPBackend

user = LDAPBackend().authenticate(username, password)

This is assuming that users are authenticating with a username and password. If you need to authenticate against LDAP by some other means, then you're probably on your own.

One thing to keep in mind is that every authentication backend will create/return the same User model objects. So assuming a user has been authenticated once, your user_id-based code above should be compatible with any underlying backend.

链接地址: http://www.djcxy.com/p/33694.html

上一篇: Django非唯一的用户名字段警告

下一篇: 使用JWT Auth进行LDAP服务验证