X-Git-Url: http://git.cascardo.eti.br/?p=cascardo%2Fipsilon.git;a=blobdiff_plain;f=ipsilon%2Flogin%2Fauthldap.py;h=321c461998cecc12cb55b1a3d2f95e0b7944325a;hp=ce096f4b12bde15c792f2c30c18a82e76ae3fe9c;hb=5f591228346bd96561b693cae43b8f14e4c3b26d;hpb=9eaa965575ef31de52cef559c420ba7880756887 diff --git a/ipsilon/login/authldap.py b/ipsilon/login/authldap.py index ce096f4..321c461 100644 --- a/ipsilon/login/authldap.py +++ b/ipsilon/login/authldap.py @@ -61,21 +61,32 @@ class LDAP(LoginFormBase, Log): username = kwargs.get("login_name") password = kwargs.get("login_password") userattrs = None - authed = False + authok = False errmsg = None if username and password: try: userattrs = self._authenticate(username, password) - authed = True - except Exception, e: # pylint: disable=broad-except + authok = True + except ldap.INVALID_CREDENTIALS as e: errmsg = "Authentication failed" + self.error(errmsg) + except ldap.LDAPError as e: + errmsg = 'Internal system error' + if isinstance(e, ldap.TIMEOUT): + self.error('LDAP request timed out') + else: + desc = e.args[0]['desc'].strip() + info = e.args[0].get('info', '').strip() + self.error("%s: %s %s" % (e.__class__.__name__, + desc, info)) + except Exception as e: # pylint: disable=broad-except + errmsg = 'Internal system error' self.error("Exception raised: [%s]" % repr(e)) else: - errmsg = "Username or password is missing" - self.error(errmsg) + self.error("Username or password is missing") - if authed: + if authok: return self.lm.auth_successful(self.trans, username, 'password', userdata=userattrs)