- Apr 11, 2017
-
-
admiralobvious authored
-
- Dec 20, 2016
-
-
Alexandre Ferland authored
Fix set_option call to LDAP for SSL CERT
-
- Dec 18, 2016
-
-
Kristof Marien authored
-
- Sep 08, 2016
-
-
Alexandre Ferland authored
-
Alexandre Ferland authored
-
Alexandre Ferland authored
-
- Jun 08, 2016
-
-
admiralobvious authored
-
Alexandre Ferland authored
-
Alexandre Ferland authored
-
admiralobvious authored
-
- Jun 06, 2016
-
-
Alexandre Ferland authored
-
- Jun 05, 2016
-
-
admiralobvious authored
-
admiralobvious authored
-
admiralobvious authored
-
admiralobvious authored
-
Alexandre Ferland authored
-
Alexandre Ferland authored
-
Alexandre Ferland authored
-
- Jan 04, 2016
-
-
Alexandre Ferland authored
-
- Sep 05, 2015
-
-
admiralobvious authored
-
admiralobvious authored
-
admiralobvious authored
-
admiralobvious authored
-
- Sep 01, 2015
-
-
Alexandre Ferland authored
Works properly with OpenLDAP directories
-
- Aug 27, 2015
-
-
Jose Manuel Lopez Lujan authored
-
- Aug 21, 2015
-
-
Jose Manuel Lopez Lujan authored
LDAP_GROUP_MEMBER_FILTER, LDAP_GROUP_MEMBER_FILTER_FIELD - Examples: basic_auth/app_oldap.py and groups/app_oldap.py - Updated README.md with a more instructions - PEP8 check closes #16 closes #15 closes #14
-
Jose Manuel Lopez Lujan authored
- Three configuration directives have been added: LDAP_OPENLDAP, LDAP_GROUP_MEMBER_FILTER, LDAP_GROUP_MEMBER_FILTER_FIELD - Examples: basic_auth/app_oldap.py and groups/app_oldap.py - Updated README.md with a more instructions closes #16 closes #15 closes #14
-
- Jan 22, 2015
-
-
admiralobvious authored
Merged PRs: #11 and #13. Fixed some PEP 8 issues and typos.
-
Alexandre Ferland authored
Only trust .bind_user() with a non-empty password.
-
Alexandre Ferland authored
Login redirect to original requested page
-
- Jan 18, 2015
-
-
Timothy Allen authored
There are two reasons one migh call .bind_user(): you might want to connect to an LDAP server and perform operations on that user's behalf, or you might want to check whether a username and password pair are valid. Unfortunately, if you give the password as an empty string, many LDAP servers will grant you access as an anonymous user, regardless of the username you ask for, so just because .bind_user() accepts a username/password pair doesn't mean that's the correct password for that user. Therefore: - I've added a warning to the bind_user() docstring. - I've modified the `basic_auth_required()` decorator to guard against empty passwords. - I've modified the various code examples to guard against empty passwords.
-
- Jan 06, 2015
-
-
Chris Seymour authored
-
Chris Seymour authored
-
- Dec 07, 2014
-
-
admiralobvious authored
-
admiralobvious authored
-
admiralobvious authored
-
admiralobvious authored
-
admiralobvious authored
implements HTTP Basic Auth and fixes issue #4.
-
- Nov 24, 2014
-
-
Alexandre Ferland authored
Update AUTHORS
-
- Nov 23, 2014
-
-
Timothy Allen authored
-