2025-04-29 18:09:00 +08:00
|
|
|
import ldap
|
|
|
|
|
from django.contrib.auth import get_user_model
|
2025-11-18 10:52:10 +08:00
|
|
|
import environ
|
2025-04-29 18:09:00 +08:00
|
|
|
|
2025-11-18 10:52:10 +08:00
|
|
|
# 1. 环境变量读取
|
|
|
|
|
env = environ.Env()
|
|
|
|
|
|
|
|
|
|
# 2. LDAP服务器host和port
|
|
|
|
|
server_uri = env('AUTH_LDAP_SERVER_URI', default='ldap://dns.paisat.cn:389')
|
2026-01-28 16:50:40 +08:00
|
|
|
dn = env('AUTH_LDAP_BIND_DN',default='CN=Administrator,CN=Users,DC=sstc,DC=ctu')
|
|
|
|
|
password = env('AUTH_LDAP_BIND_PASSWORD',default='WXWX2019!!!!!!')
|
|
|
|
|
base_dn = env('BASE_DN',default='OU=all,DC=sstc,DC=ctu')
|
|
|
|
|
filter_str = env('FILTER_STR',default='(sAMAccountName=%(user)s)')
|
2025-11-18 10:52:10 +08:00
|
|
|
|
|
|
|
|
# 3. 连接LDAP服务器进行操作
|
|
|
|
|
def load_ldap_users(url=server_uri,
|
2026-01-28 16:50:40 +08:00
|
|
|
dn=dn,
|
|
|
|
|
pwd=password,
|
|
|
|
|
search_dn=base_dn,
|
2025-04-29 18:09:00 +08:00
|
|
|
search_filter='(&(sAMAccountName=*))'):
|
|
|
|
|
Users = get_user_model()
|
|
|
|
|
|
|
|
|
|
ldap_server = ldap.initialize(url)
|
|
|
|
|
ldap_server.simple_bind_s(dn, pwd)
|
|
|
|
|
ldap_users = ldap_server.search_ext_s(search_dn,
|
|
|
|
|
ldap.SCOPE_SUBTREE,
|
|
|
|
|
search_filter)
|
|
|
|
|
|
|
|
|
|
temp_users = []
|
|
|
|
|
for user in ldap_users:
|
|
|
|
|
username_field = user[-1]['sAMAccountName'][0]
|
|
|
|
|
email_field = user[-1].get('mail', username_field + b'@sstc.ctu')[0]
|
|
|
|
|
if isinstance(email_field, int):
|
|
|
|
|
email_field = username_field + b'@sstc.ctu'
|
|
|
|
|
user_dict = {
|
|
|
|
|
'username': username_field.decode(),
|
|
|
|
|
'name': user[-1]['name'][0].decode(),
|
|
|
|
|
'email': email_field.decode(),
|
|
|
|
|
}
|
|
|
|
|
temp_users.append(user_dict)
|
|
|
|
|
db_user = Users.objects.filter(username=user_dict['username'])
|
|
|
|
|
exsits = db_user.exists()
|
|
|
|
|
if exsits:
|
|
|
|
|
# 如果存在则更新
|
|
|
|
|
update_flag = False
|
|
|
|
|
c_user = db_user.first()
|
|
|
|
|
if c_user != user_dict['username']:
|
|
|
|
|
c_user.username = user_dict['username']
|
|
|
|
|
update_flag = True
|
|
|
|
|
if c_user.name != user_dict['name']:
|
|
|
|
|
c_user.name = user_dict['name']
|
|
|
|
|
update_flag = True
|
|
|
|
|
if c_user.email != user_dict['email']:
|
|
|
|
|
c_user.email = user_dict['email']
|
|
|
|
|
update_flag = True
|
|
|
|
|
if update_flag:
|
2026-01-28 16:50:40 +08:00
|
|
|
c_user.set_password('wxwx2018!!!')
|
2025-04-29 18:09:00 +08:00
|
|
|
c_user.save()
|
|
|
|
|
else:
|
|
|
|
|
user_dict['remark'] = '自动同步LDAP数据用户'
|
|
|
|
|
user_dict['status'] = '1'
|
|
|
|
|
user_dict['phone'] = '18888888888'
|
|
|
|
|
user_dict['role'] = 'user'
|
|
|
|
|
user_dict['accountId'] = 'user'
|
|
|
|
|
user_single = Users.objects.create(**user_dict)
|
|
|
|
|
user_single.set_password('wxwx2018!!!')
|
|
|
|
|
user_single.save()
|
|
|
|
|
# 6月3日新增组别
|
|
|
|
|
|
