result.user_groups TypeError: 'NoneType' object is not callable
AlKult opened this issue · comments
Hi,
The authentication itself works fine, but the application appears to be failing down the road.
File "/foo/bar/lib/python3.6/site-packages/flask_ldap3_login/forms.py", line 45, in validate_ldap
result.user_groups
TypeError: 'NoneType' object is not callable
In order to troubleshoot this, I created the following script:
from flask_ldap3_login import LDAP3LoginManager
config = dict()
user = 'myuser'
password = 'mypassword'
config['LDAP_HOST'] = 'ldap.corp.dummy.local'
config['LDAP_BASE_DN'] = 'DC=corp,DC=dummy,DC=local'
config['LDAP_USER_DN'] = 'OU=Standard,OU=Users,OU=BR,OU=corp'
config['LDAP_GROUP_DN'] = 'OU=Corp-Groups,OU=Roles,OU=Groups,OU=BR,OU=corp'
config['LDAP_USER_RDN_ATTR'] = 'cn'
config['LDAP_USER_LOGIN_ATTR'] = 'sAMAccountName'
config['LDAP_BIND_USER_DN'] = 'CN=BindAccount,OU=Service,OU=Users,OU=BR,OU=corp,DC=corp,DC=dummy,DC=local'
config['LDAP_BIND_USER_PASSWORD'] = '<bind password>'
ldap_manager = LDAP3LoginManager()
ldap_manager.init_config(config)
response = ldap_manager.authenticate(user, password)
print(response.status, response.user_groups, len(response.user_info['memberOf']))
When I run it, it returns the following:
AuthenticationResponseStatus.success [] 40
That is, the authentication is successful, but response.user_groups is empty.
response.user_info returns loads of info from the AD, and the groups are contained in 'memberOf' within it.
How do I fix this? Is there any way to tell it where in user info to search for user groups for? Or is this something else?
Best regards,
Albert.
I think this is a duplicate of #57, with the solution here
In order to fix this problem I had to import my User model into my init file. This automagically sets the _save_user callback.
I've imported my User model into my init file, but it's made no dfference, I'm afraid. The error is exactly the same.
Best regards,
Albert.
OK, my bad. I didn't realise this module had to save verified credentials somewhere (it was not optional, that is), so even though the User module was loaded, there was no logic to save credentials coming from the ldap module. As soon as I've fixed the logic, it started to work.