Giters

nickw444 / flask-ldap3-login

LDAP3 Logins for Flask/Flask-Login

Home Page:http://flask-ldap3-login.readthedocs.org/en/latest/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Using LDAPLoginForm with Flask app processes > 1

jayendren opened this issue · comments

commented

Require some guidence on how to troubleshoot using LDAPLoginForm when running flask with more than one process.

Sample configuration:

# etc/config.py

PORT = os.environ.get("PORT") or 8001
PROCESSES = os.environ.get("PROCESSES") or 5
DEBUG = os.environ.get("DEBUG") or True
THREADED = os.environ.get("THREADED") or False
HOST = os.environ.get("HOST") or "0.0.0.0"

Sample flask app:

# server/app.py
...
from flask_ldap3_login import LDAP3LoginManager
from flask_login import LoginManager, login_user, logout_user, login_required, UserMixin, current_user
from flask_ldap3_login.forms import LDAPLoginForm
...
app = Flask(__name__)
app.wsgi_app = ProxyFix(app.wsgi_app)
CORS(app)
login_manager = LoginManager(app)
ldap_manager = LDAP3LoginManager(app)
...
if __name__ == "__main__":
		app.run(
				host=config.HOST,
				port=config.PORT,
				threaded=config.THREADED,
				processes=config.PROCESSES,
				debug=config.DEBUG
		)

If I use PROCESSES = 1; I can successfully login and navigate flask app.
If this is > 1 I see that the authentication is successful however I am redirected back to the login page to re-authenticate:

13-03-2019 22:35:40.054 115146:140433430583104 DEBUG              forms 32  : Validating LDAPLoginForm against LDAP
13-03-2019 22:35:40.056 115146:140433430583104 DEBUG           __init__ 782 : Opening connection with bind user 'adreader@noop'
13-03-2019 22:35:41.070 115146:140433430583104 DEBUG           __init__ 438 : Successfully bound to LDAP as 'adreader@noop' for search_bind method
13-03-2019 22:35:41.070 115146:140433430583104 DEBUG           __init__ 460 : Performing an LDAP Search using filter '(&(objectclass=person)(mail=jay@noop))', base 'OU=Users,DC=noop', and scope 'LEVEL'
13-03-2019 22:35:41.082 115146:140433430583104 DEBUG           __init__ 782 : Opening connection with bind user 'CN=jay,OU=Users,DC=noop'
13-03-2019 22:35:41.082 115146:140433430583104 DEBUG           __init__ 496 : Directly binding a connection to a server with user:'CN=jay,OU=Users,DC=noop'
13-03-2019 22:35:41.645 115146:140433430583104 DEBUG           __init__ 500 : Authentication was successful for user 'jay@noop'
13-03-2019 22:35:41.645 115146:140433430583104 DEBUG           __init__ 566 : Searching for groups for specific user with filter '(&(objectclass=group)(uniqueMember=CN=jay,OU=Users,DC=noop))' , base 'OU=Users,DC=noop' and scope 'LEVEL'
13-03-2019 22:35:41.651 115146:140433430583104 DEBUG           __init__ 808 : Destroying connection at <0x7fb8edbf9860>
13-03-2019 22:35:41.652 115146:140433430583104 DEBUG           __init__ 808 : Destroying connection at <0x7fb8edc5cf28>
commented

Hi @jayendren thanks for the detailed issue report. It seems like this may be an issue related to #40, which is currently under investigation (However I have not found time to finish the work involved with fixing the issue).

commented

Thanks @nickw444 - I will take a look at #51 as well as an interim solution for my projects.

commented

I began working on a v2 of this library in January to set out to solve this issue and cleanup the general code architecture, however after a long internal debate, I have made the difficult decision that I will no longer be actively maintaining this repo.

I am now in the process of finding a new maintainer - if this is something that may interest you, you can find more details in the README