fastapi-practices · dividduang · Apr 27, 2025 · Apr 27, 2025 · Apr 28, 2025
diff --git a/backend/.env.example b/backend/.env.example
@@ -21,6 +21,11 @@ OAUTH2_GITHUB_CLIENT_ID='test'
 OAUTH2_GITHUB_CLIENT_SECRET='test'
 OAUTH2_LINUX_DO_CLIENT_ID='test'
 OAUTH2_LINUX_DO_CLIENT_SECRET='test'
+# LDAP
+LDAP_SERVER = '10.10.10.34'
+LDAP_PORT = 636
+LDAP_BASE_DN = 'OU=Group,dc=dc,dc=cn'
+LDAP_BASE_DC = 'domain_name' 
 # Task
 # Celery
 CELERY_BROKER_REDIS_DATABASE=1

diff --git a/backend/app/admin/api/v1/auth/__init__.py b/backend/app/admin/api/v1/auth/__init__.py
@@ -3,9 +3,11 @@
 from fastapi import APIRouter
 
 from backend.app.admin.api.v1.auth.auth import router as auth_router
+from backend.app.admin.api.v1.auth.ldap_auth import router as ldap_auth_router
 from backend.app.admin.api.v1.auth.captcha import router as captcha_router
 
 router = APIRouter(prefix='/auth')
 
 router.include_router(auth_router, tags=['授权'])
+router.include_router(ldap_auth_router, tags=['LDAP'])
 router.include_router(captcha_router, prefix='/captcha', tags=['验证码'])
diff --git a/backend/app/admin/api/v1/auth/auth.py b/backend/app/admin/api/v1/auth/auth.py
@@ -34,7 +34,6 @@ async def user_login(
     data = await auth_service.login(request=request, response=response, obj=obj, background_tasks=background_tasks)
     return response_base.success(data=data)
 
-
 @router.post('/token/new', summary='创建新 token')
 async def create_new_token(request: Request) -> ResponseSchemaModel[GetNewToken]:
     data = await auth_service.new_token(request=request)

diff --git a/backend/app/admin/api/v1/auth/ldap_auth.py b/backend/app/admin/api/v1/auth/ldap_auth.py
@@ -0,0 +1,28 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+from typing import Annotated
+
+from fastapi import APIRouter, Depends, Request, Response
+from fastapi.security import HTTPBasicCredentials
+
+from starlette.background import BackgroundTasks
+
+from backend.app.admin.schema.token import GetLoginToken, GetSwaggerToken
+from backend.app.admin.schema.user import AuthLoginParam
+from backend.app.admin.service.auth_service import auth_service
+from backend.common.response.response_schema import ResponseSchemaModel, response_base
+
+
+router = APIRouter()
+
+@router.post('/login/ldap_swagger', summary='swagger 调试专用', description='用于快捷获取 token 进行 ldap_swagger 认证')
+async def swagger_ldap_login(obj: Annotated[HTTPBasicCredentials, Depends()]) -> GetSwaggerToken:
+    token, user = await auth_service.swagger_ldap_login(obj=obj)
+    return GetSwaggerToken(access_token=token, user=user)
+
+@router.post('/ldap_login', summary='LDAP登录', description='使用LDAP账号和密码登录系统')
+async def ldap_login(
+    request: Request, response: Response, obj: AuthLoginParam, background_tasks: BackgroundTasks
+) -> ResponseSchemaModel[GetLoginToken]:
+    data = await auth_service.ldap_login(request=request, response=response, obj=obj, background_tasks=background_tasks)
+    return response_base.success(data=data)
diff --git a/backend/app/admin/conf.py b/backend/app/admin/conf.py
@@ -18,6 +18,13 @@ class AdminSettings(BaseSettings):
     OAUTH2_LINUX_DO_CLIENT_ID: str
     OAUTH2_LINUX_DO_CLIENT_SECRET: str
 
+    # LDAP
+    LDAP_SERVER: str 
+    LDAP_PORT: int 
+    LDAP_BASE_DN: str 
+    LDAP_BASE_DC: str 
+
+
     # OAuth2
     OAUTH2_FRONTEND_REDIRECT_URI: str = 'http://localhost:5173/oauth2/callback'