Use connections saved on flask.g.ldap_conn

This could be useful if we want to connect as a user for the current request: g.ldap_conn = ldap.connect(binddn, secret)
rroemhild · Oct 11, 2015 · 352273f · 352273f
1 parent 36500b0
commit 352273f
Show file tree

Hide file tree

Showing 6 changed files with 30 additions and 12 deletions.
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -1,7 +1,12 @@
 Changelog
 =========
 
-0.6.6 (2015-08-10)
+0.6.7 (2015-10-11)
+------------------
+
+* Use connections saved on flask.g.ldap_conn
+
+0.6.6 (2015-10-8)
 ------------------
 * Return manager class in queries instead of fix LDAPEntry class
 * Update six 1.9.0 -> 1.10.0

diff --git a/README.rst b/README.rst
@@ -159,6 +159,16 @@ Authenticate with Client
         return 'Welcome %s.' % username
 
 
+Bind as user
+------------
+
+To bind as user for the current request save a new connection to ``flask.g.ldap_conn``:
+
+.. code-block:: python
+
+    g.ldap_conn = ldap.connect(userdn, password)
+    user = User.query.get(userdn)
+
 Unit Test
 ---------
 

diff --git a/flask_ldapconn/__init__.py b/flask_ldapconn/__init__.py
@@ -1,6 +1,6 @@
 # -*- coding: utf-8 -*-
 from ssl import CERT_REQUIRED, PROTOCOL_TLSv1
-from flask import current_app
+from flask import current_app, g
 from flask import _app_ctx_stack as stack
 from ldap3 import Server, Connection, Tls
 from ldap3 import STRATEGY_SYNC, GET_ALL_INFO, SUBTREE
@@ -21,8 +21,8 @@ def __init__(self, app=None):
 
         self.Entry = LDAPEntry
         self.Attribute = LDAPAttribute
-
         self.Model = self.Entry
+        self._app = app
 
         if app is not None:
             self.init_app(app)
@@ -82,19 +82,25 @@ def connect(self, user, password):
         return ldap_conn
 
     def teardown(self, exception):
+        if hasattr(g, 'ldap_conn'):
+            g.ldap_conn.unbind()
+
         ctx = stack.top
         if hasattr(ctx, 'ldap_conn'):
             ctx.ldap_conn.unbind()
 
     @property
     def connection(self):
-        user = current_app.config['LDAP_BINDDN']
-        password = current_app.config['LDAP_SECRET']
+        if hasattr(g, 'ldap_conn'):
+            return g.ldap_conn
 
         ctx = stack.top
         if ctx is not None:
             if not hasattr(ctx, 'ldap_conn'):
-                ctx.ldap_conn = self.connect(user, password)
+                ctx.ldap_conn = self.connect(
+                    current_app.config['LDAP_BINDDN'],
+                    current_app.config['LDAP_SECRET']
+                )
             return ctx.ldap_conn
 
     def authenticate(self,

diff --git a/flask_ldapconn/entry.py b/flask_ldapconn/entry.py
@@ -134,9 +134,7 @@ def get_entry_modify_dict(self, attr_dict):
 
     @property
     def connection(self):
-        app = current_app._get_current_object()
-        ldapc = app.extensions.get('ldap_conn')
-        return ldapc
+        return current_app.extensions.get('ldap_conn')
 
     def delete(self):
         '''Delete this entry from LDAP server'''

diff --git a/flask_ldapconn/query.py b/flask_ldapconn/query.py
@@ -27,8 +27,7 @@ def __iter__(self):
 
     def get_reader_result(self):
         query = ','.join(self.query)
-        app = current_app._get_current_object()
-        ldapc = app.extensions.get('ldap_conn')
+        ldapc = current_app.extensions.get('ldap_conn')
         reader = Reader(connection=ldapc.connection,
                         object_def=self.object_def,
                         query=query,

diff --git a/setup.py b/setup.py
@@ -14,7 +14,7 @@
 
 setup(
     name='Flask-LDAPConn',
-    version='0.6.6',
+    version='0.6.7',
     url='http://github.com/rroemhild/flask-ldapconn',
     license='BSD',
     author='Rafael Römhild',