- Sep 05, 2015
-
-
admiralobvious authored
-
admiralobvious authored
-
admiralobvious authored
-
admiralobvious authored
-
- Sep 01, 2015
-
-
Alexandre Ferland authored
Works properly with OpenLDAP directories
-
- Aug 27, 2015
-
-
Jose Manuel Lopez Lujan authored
-
- Aug 21, 2015
-
-
Jose Manuel Lopez Lujan authored
LDAP_GROUP_MEMBER_FILTER, LDAP_GROUP_MEMBER_FILTER_FIELD - Examples: basic_auth/app_oldap.py and groups/app_oldap.py - Updated README.md with a more instructions - PEP8 check closes #16 closes #15 closes #14
-
Jose Manuel Lopez Lujan authored
- Three configuration directives have been added: LDAP_OPENLDAP, LDAP_GROUP_MEMBER_FILTER, LDAP_GROUP_MEMBER_FILTER_FIELD - Examples: basic_auth/app_oldap.py and groups/app_oldap.py - Updated README.md with a more instructions closes #16 closes #15 closes #14
-
- Jan 22, 2015
-
-
admiralobvious authored
Merged PRs: #11 and #13. Fixed some PEP 8 issues and typos.
-
Alexandre Ferland authored
Only trust .bind_user() with a non-empty password.
-
Alexandre Ferland authored
Login redirect to original requested page
-
- Jan 18, 2015
-
-
Timothy Allen authored
There are two reasons one migh call .bind_user(): you might want to connect to an LDAP server and perform operations on that user's behalf, or you might want to check whether a username and password pair are valid. Unfortunately, if you give the password as an empty string, many LDAP servers will grant you access as an anonymous user, regardless of the username you ask for, so just because .bind_user() accepts a username/password pair doesn't mean that's the correct password for that user. Therefore: - I've added a warning to the bind_user() docstring. - I've modified the `basic_auth_required()` decorator to guard against empty passwords. - I've modified the various code examples to guard against empty passwords.
-
- Jan 06, 2015
-
-
Chris Seymour authored
-
Chris Seymour authored
-
- Dec 07, 2014
-
-
admiralobvious authored
-
admiralobvious authored
-
admiralobvious authored
-
admiralobvious authored
-
admiralobvious authored
implements HTTP Basic Auth and fixes issue #4.
-
- Nov 24, 2014
-
-
Alexandre Ferland authored
Update AUTHORS
-
- Nov 23, 2014
-
-
Timothy Allen authored
-
Alexandre Ferland authored
Basic auth decorator
-
- Nov 19, 2014
-
-
Timothy Allen authored
-
Timothy Allen authored
This is much less flexible than .login_required() (because HTTP authentication is less flexible than custom login pages), but easier to use in a simple proof-of-concept.
-
Timothy Allen authored
Now .login_required() and .group_required() document what they require LDAP_LOGIN_VIEW to do.
-
- Sep 06, 2014
-
-
admiralobvious authored
-
admiralobvious authored
Fixes #3.
-
- Aug 21, 2014
-
-
admiralobvious authored
to link to the new example using blueprints and app factories
-
- Aug 19, 2014
-
-
admiralobvious authored
-
- Aug 15, 2014
-
-
Alexandre Ferland authored
Use a python code block for syntax rendering
-
-
Chris Seymour authored
-
cseymour authored
-
Alexandre Ferland authored
-
- Aug 14, 2014
-
-
Chris Seymour authored
-
- Aug 10, 2014
-
-
admiralobvious authored
-
admiralobvious authored
-
admiralobvious authored
-
admiralobvious authored
-
admiralobvious authored
-