Skip to main content

An authentication backend for Django based on Polytechnique.org's auth-groupe-x SSO protocol.

Project description

django-authgroupex

This library provides a Django authentication backend based on Polytechnique.org’s auth-groupe-x SSO protocol.

Setup

The django-authgroupex package requires only a minimal pair of settings to work:

# Enable AuthGroupeX authentication backend
AUTHENTICATION_BACKENDS = (
    'django_authgroupex.auth.AuthGroupeXBackend',
    'django.contrib.auth.backends.ModelBackend',  # Optional
)

# Read secret key from file
AUTHGROUPEX_KEY = open('authgroupex.key', 'r').readline()

It should also be included in your projects urls.py file:

urlpatterns = patterns('',
    # Usual suspects here
    url(r'^xorgauth/', include('django_authgroupex.views', namespace='authgroupex')),
)

If you’re using the django.contrib.admin app, you may also override its login form:

from django.contrib import admin
admin.site.login_template = 'authgroupex/admin_login.html'

Settings

django-authgroupex provides the following settings:

  • AUTHGROUPEX_KEY: Required, the secret key used to connect to an AuthGroupeX-compatible server.

  • AUTHGROUPEX_ENDPOINT: The remote endpoint (an AuthGroupeX-compatible server). Default: https://www.polytechnique.org/auth-groupe-x/utf8

  • AUTHGROUPEX_FIELDS: The list of profile fields to require upon connection; order matters. Default: ('username', 'firstname', 'lastname', 'email')

  • AUTHGROUPEX_USER_MODEL: Model storing users. Default: auth.User

  • AUTHGROUPEX_USER_GROUP: Model storing groups. Default: auth.Group

  • AUTHGROUPEX_SUPERADMIN_PERMS: A list of AuthGroupeX permissions that enable the is_admin flag on this server. Default: ()

  • AUTHGROUPEX_STAFF_PERMS: A list of AuthGroupeX permissions that enable the is_staff flag on this server.

  • AUTHGROUPEX_DISABLE_DEADS: Whether a user connecting from a “dead” account should be switched to is_active=False Default: False

  • AUTHGROUPEX_GROUP: Name of the AuthGroupeX group to use for a single-group website. Default: ''

  • AUTHGROUPEX_MAP_GROUPS: Dict mapping an AuthGroupeX permission to a local group name. Default: {}

  • AUTHGROUPEX_RETURN_URL: Name of the (local) return url for successful logins. Default: settings.LOGIN_URL

  • AUTHGROUPEX_LOGIN_REDIRECT_URL: Name of the URL to redirect the user to after a successful login. Default: settings.LOGIN_REDIRECT_URL

Testing

For testing purposes, it is advised to not use a production private key.

django_authgroupex has a special, “fake” mode for such cases. That fake mode adds a couple of URLs handling a local endpoint where the end user can choose custom values for requested fields.

Installation requires a couple of extra settings:

# settings.py
AUTHGROUPEX_FAKE = True
AUTHGROUPEX_ENDPOINT = 'authgroupex:fake_endpoint'

The AUTHGROUPEX_FAKE setting will enable two views for handling fake requests:

  • One validates the input (which can also be used to validate external clients)

  • The second provides a dynamic form based on AUTHGROUPEX_FIELDS, enabling users to select there preferred response.

The AUTHGROUPEX_ENDPOINT setting should include the namespace at which django_authgroupex.urls was inserted.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django_authgroupex-0.2.2.tar.gz (13.3 kB view details)

Uploaded Source

File details

Details for the file django_authgroupex-0.2.2.tar.gz.

File metadata

File hashes

Hashes for django_authgroupex-0.2.2.tar.gz
Algorithm Hash digest
SHA256 dc6e46438ef82b7ceae2ac333c2464bb202086866b71d3e2d87e6b8851f97aa4
MD5 c4bdb96da9ea7c5d9027ca0d5349a874
BLAKE2b-256 6fdda7deac5094d948d3dbc8ecc1d638ff919943fd68ff1739021ed258ff24da

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page