From eccc3057b6b6ccf16096558b031c6b3dc630c330 Mon Sep 17 00:00:00 2001
From: Nickolay Ponomarev <Nickolay.Ponomarev@glowbyteconsulting.com>
Date: Sat, 5 Oct 2019 04:50:21 +0300
Subject: [PATCH] Sync up `examples/basic_auth` with the README

As noted in:
https://github.com/admiralobvious/flask-simpleldap/issues/5
https://github.com/admiralobvious/flask-simpleldap/issues/43

- @login_required can't be used without like that, so it makes sense to
  replace it with the more basic `@basic_auth_required`.
- It's easy to forget to configure `LDAP_HOST`, and many people probably
  are trying to connect to a pre-existing directory, instead of bringing
  up their own.
---
 README.md                        | 32 ++++++++++++++------------------
 examples/basic_auth/app.py       |  7 ++-----
 examples/basic_auth/app_oldap.py | 17 ++++++++++++-----
 3 files changed, 28 insertions(+), 28 deletions(-)

diff --git a/README.md b/README.md
index 51e0975..1546392 100644
--- a/README.md
+++ b/README.md
@@ -18,30 +18,29 @@ Flask-SimpleLDAP depends, and will install for you, recent versions of Flask
 (0.12.4 or later) and [python-ldap](https://python-ldap.org/).
 Please consult the [python-ldap installation instructions](https://www.python-ldap.org/en/latest/installing.html) if you get an error during installation.
 
-Next, add a ``LDAP`` instance to your code and at least the three
-required configuration options:
+Next, add an ``LDAP`` instance to your code and at least the three
+required configuration options. The complete sample from
+[examples/basic_auth/app.py](examples/basic_auth/app.py) looks like this:
 
 ```python
-from flask import Flask
+from flask import Flask, g
 from flask_simpleldap import LDAP
 
 app = Flask(__name__)
+#app.config['LDAP_HOST'] = 'ldap.example.org'  # defaults to localhost
 app.config['LDAP_BASE_DN'] = 'OU=users,dc=example,dc=org'
 app.config['LDAP_USERNAME'] = 'CN=user,OU=Users,DC=example,DC=org'
 app.config['LDAP_PASSWORD'] = 'password'
 
 ldap = LDAP(app)
 
-
-@app.route('/ldap')
-@ldap.login_required
-def ldap_protected():
-    return 'Success!'
-
+@app.route('/')
+@ldap.basic_auth_required
+def index():
+    return 'Welcome, {0}!'.format(g.ldap_username)
 
 if __name__ == '__main__':
     app.run()
-
 ```
 
 You can take a look at [examples/groups](examples/groups) for a more complete 
@@ -61,7 +60,7 @@ configuration, add the following at least LDAP_USER_OBJECT_FILTER and
 LDAP_USER_OBJECT_FILTER.
 
 ```python
-from flask import Flask
+from flask import Flask, g
 from flask_simpleldap import LDAP
 
 app = Flask(__name__)
@@ -86,16 +85,13 @@ app.config['LDAP_GROUP_MEMBER_FILTER_FIELD'] = "cn"
 
 ldap = LDAP(app)
 
-
-@app.route('/ldap')
-@ldap.login_required
-def ldap_protected():
-    return 'Success!'
-
+@app.route('/')
+@ldap.basic_auth_required
+def index():
+    return 'Welcome, {0}!'.format(g.ldap_username)
 
 if __name__ == '__main__':
     app.run()
-
 ```
 
 Resources
diff --git a/examples/basic_auth/app.py b/examples/basic_auth/app.py
index efe7465..e9e745f 100644
--- a/examples/basic_auth/app.py
+++ b/examples/basic_auth/app.py
@@ -1,11 +1,8 @@
-from flask import Flask, g, request, session, redirect, url_for
+from flask import Flask, g
 from flask_simpleldap import LDAP
 
 app = Flask(__name__)
-app.secret_key = 'dev key'
-app.debug = True
-
-app.config['LDAP_HOST'] = 'ldap.example.org'
+#app.config['LDAP_HOST'] = 'ldap.example.org'  # defaults to localhost
 app.config['LDAP_BASE_DN'] = 'OU=users,dc=example,dc=org'
 app.config['LDAP_USERNAME'] = 'CN=user,OU=Users,DC=example,DC=org'
 app.config['LDAP_PASSWORD'] = 'password'
diff --git a/examples/basic_auth/app_oldap.py b/examples/basic_auth/app_oldap.py
index d795e45..4155130 100644
--- a/examples/basic_auth/app_oldap.py
+++ b/examples/basic_auth/app_oldap.py
@@ -1,19 +1,26 @@
-from flask import Flask, g, request, session, redirect, url_for
+from flask import Flask, g
 from flask_simpleldap import LDAP
 
 app = Flask(__name__)
-app.secret_key = 'dev key'
-app.debug = True
 
-app.config['LDAP_OPENLDAP'] = True
-app.config['LDAP_OBJECTS_DN'] = 'dn'
+# Base
 app.config['LDAP_REALM_NAME'] = 'OpenLDAP Authentication'
 app.config['LDAP_HOST'] = 'openldap.example.org'
 app.config['LDAP_BASE_DN'] = 'dc=users,dc=openldap,dc=org'
 app.config['LDAP_USERNAME'] = 'cn=user,ou=servauth-users,dc=users,dc=openldap,dc=org'
 app.config['LDAP_PASSWORD'] = 'password'
+
+# OpenLDAP
+app.config['LDAP_OPENLDAP'] = True
+app.config['LDAP_OBJECTS_DN'] = 'dn'
 app.config['LDAP_USER_OBJECT_FILTER'] = '(&(objectclass=inetOrgPerson)(uid=%s))'
 
+# Groups
+app.config['LDAP_GROUP_MEMBERS_FIELD'] = "uniquemember"
+app.config['LDAP_GROUP_OBJECT_FILTER'] = "(&(objectclass=groupOfUniqueNames)(cn=%s))"
+app.config['LDAP_GROUP_MEMBER_FILTER'] = "(&(cn=*)(objectclass=groupOfUniqueNames)(uniquemember=%s))"
+app.config['LDAP_GROUP_MEMBER_FILTER_FIELD'] = "cn"
+
 ldap = LDAP(app)
 
 @app.route('/')
-- 
GitLab