added example using blueprints/factories

examples/blueprints/blueprints/app.py

+from flask import Flask, g, session
+
+from .config import BaseConfig
+from .extensions import ldap
+from .core import core
+from .foo import foo
+
+DEFAULT_BLUEPRINTS = (
+    core,
+    foo
+)
+
+
+def create_app(config=None, app_name=None, blueprints=None):
+    if app_name is None:
+        app_name = BaseConfig.PROJECT
+    if blueprints is None:
+        blueprints = DEFAULT_BLUEPRINTS
+    app = Flask(app_name)
+    configure_app(app, config)
+    register_hooks(app)
+    register_blueprints(app, blueprints)
+    register_extensions(app)
+    return app
+
+
+def configure_app(app, config=None):
+    if config:
+        app.config.from_object(config)
+
+
+def register_hooks(app):
+    @app.before_request
+    def before_request():
+        g.user = None
+        if 'user_id' in session:
+            # This is where you'd query your database to get the user info.
+            g.user = {}
+            # Create a global with the LDAP groups the user is a member of.
+            g.ldap_groups = ldap.get_user_groups(user=session['user_id'])
+
+
+def register_blueprints(app, blueprints):
+    for blueprint in blueprints:
+        app.register_blueprint(blueprint)
+
+
+def register_extensions(app):
+    ldap.init_app(app)

examples/blueprints/blueprints/config.py

+class BaseConfig(object):
+    PROJECT = 'foo'
+    SECRET_KEY = 'dev key'
+    DEBUG = True
+
+    # LDAP
+    LDAP_HOST = 'ldap.example.org'
+    LDAP_BASE_DN = 'OU=users,dc=example,dc=org'
+    LDAP_USERNAME = 'CN=user,OU=Users,DC=example,DC=org'
+    LDAP_PASSWORD = 'password'
+    LDAP_LOGIN_VIEW = 'core.login'

examples/blueprints/blueprints/core/__init__.py

+from .views import core

examples/blueprints/blueprints/core/views.py

+from flask import Blueprint, g, request, session, redirect, url_for
+from ..extensions import ldap
+
+core = Blueprint('core', __name__)
+
+
+@core.route('/')
+@ldap.login_required
+def index():
+    return 'Successfully logged in!'
+
+
+@core.route('/login', methods=['GET', 'POST'])
+def login():
+    if g.user:
+        return redirect(url_for('index'))
+    if request.method == 'POST':
+        user = request.form['user']
+        passwd = request.form['passwd']
+        test = ldap.bind_user(user, passwd)
+        if test is None:
+            return 'Invalid credentials'
+        else:
+            session['user_id'] = request.form['user']
+            return redirect('/')
+    return """<form action="" method="post">
+                user: <input name="user"><br>
+                password:<input type="password" name="passwd"><br>
+                <input type="submit" value="Submit"></form>"""
+
+
+@core.route('/group')
+@ldap.group_required(groups=['Web Developers', 'QA'])
+def group():
+    return 'Group restricted page'
+
+
+@core.route('/logout')
+def logout():
+    session.pop('user_id', None)
+    return redirect(url_for('index'))

examples/blueprints/blueprints/extensions.py

+from flask.ext.simpleldap import LDAP
+ldap = LDAP()

examples/blueprints/blueprints/foo/__init__.py

+from .views import foo

examples/blueprints/blueprints/foo/views.py

+from flask import Blueprint
+from ..extensions import ldap
+
+foo = Blueprint('foo', __name__, url_prefix='/foo')
+
+
+@foo.route('/group')
+@ldap.group_required(groups=['Web Developers', 'QA'])
+def group():
+    return 'Group restricted page in foo module'

examples/blueprints/run.py

+from blueprints.app import create_app
+from blueprints.config import BaseConfig
+
+app = create_app(BaseConfig)
+
+if __name__ == "__main__":
+    app.run()