{"id":13725416,"url":"https://github.com/alexferl/flask-simpleldap","last_synced_at":"2025-12-12T00:41:11.149Z","repository":{"id":19552313,"uuid":"22800941","full_name":"alexferl/flask-simpleldap","owner":"alexferl","description":"LDAP authentication extension for the Flask web framework","archived":false,"fork":false,"pushed_at":"2025-01-13T18:25:02.000Z","size":217,"stargazers_count":183,"open_issues_count":3,"forks_count":53,"subscribers_count":8,"default_branch":"master","last_synced_at":"2025-09-17T00:40:21.737Z","etag":null,"topics":["flask","flask-extension","flask-simpleldap","ldap-authentication","ldap-user","openldap","pyldap","python","python-ldap"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/alexferl.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2014-08-10T03:51:56.000Z","updated_at":"2025-05-02T03:17:47.000Z","dependencies_parsed_at":"2024-06-19T00:04:57.982Z","dependency_job_id":"730a642d-03d0-464a-9862-484a9f75e2a8","html_url":"https://github.com/alexferl/flask-simpleldap","commit_stats":{"total_commits":122,"total_committers":23,"mean_commits":5.304347826086956,"dds":0.6147540983606558,"last_synced_commit":"e05f1f2bff2bbb789fb0402fc1e8f1cc06c81695"},"previous_names":["admiralobvious/flask-simpleldap"],"tags_count":15,"template":false,"template_full_name":null,"purl":"pkg:github/alexferl/flask-simpleldap","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alexferl%2Fflask-simpleldap","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alexferl%2Fflask-simpleldap/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alexferl%2Fflask-simpleldap/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alexferl%2Fflask-simpleldap/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/alexferl","download_url":"https://codeload.github.com/alexferl/flask-simpleldap/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alexferl%2Fflask-simpleldap/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278717444,"owners_count":26033542,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-07T02:00:06.786Z","response_time":59,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["flask","flask-extension","flask-simpleldap","ldap-authentication","ldap-user","openldap","pyldap","python","python-ldap"],"created_at":"2024-08-03T01:02:22.502Z","updated_at":"2025-10-07T03:47:32.030Z","avatar_url":"https://github.com/alexferl.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"# Flask-SimpleLDAP\nFlask-SimpleLDAP provides LDAP authentication for Flask and is compatible with and tested on Python 3.8+.\n\n## Quickstart\nFirst, install Flask-SimpleLDAP:\n\n```shell\npip install flask-simpleldap\n```\n\nFlask-SimpleLDAP depends, and will install for you, a recent version of Flask\n(2.2.5 or later) and [python-ldap](https://python-ldap.org/).\nPlease consult the [python-ldap installation instructions](https://www.python-ldap.org/en/latest/installing.html) if you get an error during installation.\n\nNext, add an `LDAP` instance to your code and at least the three\nrequired configuration options. The complete sample from\n[examples/basic_auth/app.py](examples/basic_auth/app.py) looks like this:\n\n```python\nfrom flask import Flask, g\nfrom flask_simpleldap import LDAP\n\napp = Flask(__name__)\n# app.config[\"LDAP_HOST\"] = \"ldap.example.org\" # defaults to localhost\napp.config[\"LDAP_BASE_DN\"] = \"OU=users,dc=example,dc=org\"\napp.config[\"LDAP_USERNAME\"] = \"CN=user,OU=Users,DC=example,DC=org\"\napp.config[\"LDAP_PASSWORD\"] = \"password\"\n\nldap = LDAP(app)\n\n@app.route(\"/\")\n@ldap.basic_auth_required\ndef index():\n return f\"Welcome, {g.ldap_username}!\"\n\nif __name__ == \"__main__\":\n app.run()\n```\n\nWhen the user visits the protected URL, the browser will prompt for the\nlogin and password via the built-in HTTP authentication window. Note that\nwith the default value of `LDAP_USER_OBJECT_FILTER` the login is expected\nto match the [`userPrincipalName` attribute](https://ldapwiki.com/wiki/Wiki.jsp?page=UserPrincipalName)\nof the LDAP user, e.g. `me@mydomain.com`.\n\nOnce you get the basic example working, check out the more complex ones:\n\n- [examples/groups](examples/groups) demonstrates using:\n - `@ldap.login_required` for form/cookie-based auth, instead of basic HTTP authentication.\n - `@ldap.group_required()` to restrict access to pages based on the user's LDAP groups.\n- [examples/blueprints](examples/blueprints) implements the same functionality, but uses Flask's\n[application factories](https://flask.palletsprojects.com/en/3.0.x/patterns/appfactories/)\nand [blueprints](https://flask.palletsprojects.com/en/3.0.x/blueprints/).\n\n\n## OpenLDAP\nAdd the `LDAP` instance to your code and depending on your OpenLDAP\nconfiguration, add the following at least `LDAP_USER_OBJECT_FILTER` and\n`LDAP_USER_OBJECT_FILTER`.\n\n```python\nfrom flask import Flask, g\nfrom flask_simpleldap import LDAP\n\napp = Flask(__name__)\n\n# Base\napp.config[\"LDAP_REALM_NAME\"] = \"OpenLDAP Authentication\"\napp.config[\"LDAP_HOST\"] = \"openldap.example.org\"\napp.config[\"LDAP_BASE_DN\"] = \"dc=users,dc=openldap,dc=org\"\napp.config[\"LDAP_USERNAME\"] = \"cn=user,ou=servauth-users,dc=users,dc=openldap,dc=org\"\napp.config[\"LDAP_PASSWORD\"] = \"password\"\n\n# OpenLDAP\napp.config[\"LDAP_OBJECTS_DN\"] = \"dn\"\napp.config[\"LDAP_OPENLDAP\"] = True\napp.config[\"LDAP_USER_OBJECT_FILTER\"] = \"(\u0026(objectclass=inetOrgPerson)(uid=%s))\"\n\n# Groups\napp.config[\"LDAP_GROUP_MEMBERS_FIELD\"] = \"uniquemember\"\napp.config[\"LDAP_GROUP_OBJECT_FILTER\"] = \"(\u0026(objectclass=groupOfUniqueNames)(cn=%s))\"\napp.config[\"LDAP_GROUP_MEMBER_FILTER\"] = \"(\u0026(cn=*)(objectclass=groupOfUniqueNames)(uniquemember=%s))\"\napp.config[\"LDAP_GROUP_MEMBER_FILTER_FIELD\"] = \"cn\"\n\nldap = LDAP(app)\n\n@app.route(\"/\")\n@ldap.basic_auth_required\ndef index():\n return f\"Welcome, {g.ldap_username}!\"\n\nif __name__ == \"__main__\":\n app.run()\n```\n\n## Configuration\n| Setting | Description |\n|----------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------|\n| `LDAP_HOST` | The host name or IP address of your LDAP server. Default: `\"localhost\"`. |\n| `LDAP_PORT` | The port number of your LDAP server. Default: `389`. |\n| `LDAP_SCHEMA` | The LDAP schema to use between `\"ldap\"`, `\"ldapi\"` and `\"ldaps\"`. Default: `\"ldap\"`. |\n| `LDAP_SOCKET_PATH` | If `LDAP_SCHEMA` is set to `\"ldapi\"`, the path to the Unix socket path. Default: `\"/\"`. |\n| `LDAP_USERNAME` | **Required**: The username used to bind. |\n| `LDAP_PASSWORD` | **Required**: The password used to bind. |\n| `LDAP_TIMEOUT` | How long (seconds) a connection can take to be opened before timing out. Default: `10`. |\n| `LDAP_LOGIN_VIEW` | Views decorated with `.login_required()` or`.group_required()` will redirect unauthenticated requests to this view. Default: `\"login\"`. |\n| `LDAP_REALM_NAME` | Views decorated with `.basic_auth_required()` will use this as the \"realm\" part of HTTP Basic Authentication when responding to unauthenticated requests. |\n| `LDAP_OPENLDAP` | Set to `True` if your server is running OpenLDAP. Default: `False`. |\n| `LDAP_USE_SSL` | Set to `True` if your server uses SSL. Default: `False`. |\n| `LDAP_USE_TLS` | Set to `True` if your server uses TLS. Default: `False`. |\n| `LDAP_REQUIRE_CERT` | Set to `True` if your server requires a certificate. Default: `False`. |\n| `LDAP_CERT_PATH` | Path to the certificate if `LDAP_REQUIRE_CERT` is `True`. |\n| `LDAP_CUSTOM_OPTIONS` | `dict` of ldap options you want to set in this format: `{option: value}`. Default: `None`. |\n| `LDAP_BASE_DN` | **Required**: The distinguished name to use as the search base. |\n| `LDAP_OBJECTS_DN` | The field to use as the objects' distinguished name. Default: `\"distinguishedName\"`. |\n| `LDAP_USER_FIELDS` | `list` of fields to return when searching for a user's object details. Default: `[]` (all). |\n| `LDAP_USER_GROUPS_FIELD` | The field to return when searching for a user's groups. Default: `\"memberOf\"`. |\n| `LDAP_USER_OBJECT_FILTER` | The filter to use when searching for a user object. Default: `\"(\u0026(objectclass=Person)(userPrincipalName=%s))\"` |\n| `LDAP_USERS_OBJECT_FILTER` | The filter to use when searching for users objects. Default: `\"objectclass=Person\"` |\n| `LDAP_GROUP_FIELDS` | `list` of fields to return when searching for a group's object details. Default: `[]` (all). |\n| `LDAP_GROUP_MEMBER_FILTER` | The group member filter to use when using OpenLDAP. Default: `\"*\"`. |\n| `LDAP_GROUP_MEMBER_FILTER_FIELD` | The group member filter field to use when using OpenLDAP. Default: `\"*\"`. |\n| `LDAP_GROUP_MEMBERS_FIELD` | The field to return when searching for a group's members. Default: `\"member\"`. |\n| `LDAP_GROUP_OBJECT_FILTER` | The filter to use when searching for a group object. Default: `\"(\u0026(objectclass=Group)(userPrincipalName=%s))\"`. |\n| `LDAP_GROUPS_OBJECT_FILTER` | The filter to use when searching for groups objects. Default: `\"objectclass=Group\"`. |\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falexferl%2Fflask-simpleldap","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Falexferl%2Fflask-simpleldap","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falexferl%2Fflask-simpleldap/lists"}