petr
/
www.tagesschule-elementa.ch
forked from TagesschuleElementa/www.tagesschule-elementa.ch
2
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

install aldryn-sso 1.1.16

Browse Source
standalone
Simon Caminada 8 years ago
parent acc2f753fa
commit 9eb0831c29
5 changed files with 145 additions and 4 deletions
Show Stats Download Patch File Download Diff File

4
addons/aldryn-sso/addon.json
Unescape Escape View File

@ -0,0 +1,4 @@
{
"installed-apps": [],
"package-name": "aldryn-sso"
}

134
addons/aldryn-sso/aldryn_config.py
Unescape Escape View File

@ -0,0 +1,134 @@
# -*- coding: utf-8 -*-
from aldryn_client import forms
class Form(forms.BaseForm):
hide_user_management = forms.CheckboxField(
'Hide user management',
required=False,
initial=False,
)
def to_settings(self, data, settings):
from functools import partial
from django.core.urlresolvers import reverse_lazy
from aldryn_addons.exceptions import ImproperlyConfigured
from aldryn_addons.utils import boolean_ish
from aldryn_addons.utils import djsenv
def boolean_ish_or(value, or_values=()):
if value in or_values:
return value
return boolean_ish(value)
env = partial(djsenv, settings=settings)
settings['ALDRYN_SSO_HIDE_USER_MANAGEMENT'] = data['hide_user_management']
# if the SSO button is the only configured login option: redirect right
# to the login without showing the page.
settings['ALDRYN_SSO_ENABLE_AUTO_SSO_LOGIN'] = boolean_ish(
env('ALDRYN_SSO_ENABLE_AUTO_SSO_LOGIN', True)
)
settings['SSO_DSN'] = env('SSO_DSN')
settings['LOGIN_REDIRECT_URL'] = '/'
settings['ALDRYN_SSO_ENABLE_SSO_LOGIN'] = boolean_ish(
env(
'ALDRYN_SSO_ENABLE_SSO_LOGIN',
default=boolean_ish(settings['SSO_DSN']),
)
)
settings['ALDRYN_SSO_ENABLE_LOGIN_FORM'] = boolean_ish(
env(
'ALDRYN_SSO_ENABLE_LOGIN_FORM',
default=not settings['ALDRYN_SSO_HIDE_USER_MANAGEMENT'],
)
)
settings['ALDRYN_SSO_ENABLE_LOCALDEV'] = boolean_ish(
env(
'ALDRYN_SSO_ENABLE_LOCALDEV',
default=env('STAGE') == 'local',
)
)
settings['ALDRYN_SSO_ALWAYS_REQUIRE_LOGIN'] = boolean_ish_or(
env(
'ALDRYN_SSO_ALWAYS_REQUIRE_LOGIN',
default=env('STAGE') == 'test',
),
or_values=(
'basicauth',
)
)
settings['ALDRYN_SSO_LOGIN_WHITE_LIST'] = env(
'ALDRYN_SSO_LOGIN_WHITE_LIST',
default=[]
)
settings['ADDON_URLS'].append('aldryn_sso.urls')
settings['ADDON_URLS_I18N'].append('aldryn_sso.urls_i18n')
# aldryn_sso must be after django.contrib.admin so it can unregister
# the User/Group Admin if necessary.
settings['INSTALLED_APPS'].insert(
settings['INSTALLED_APPS'].index('django.contrib.admin'),
'aldryn_sso'
)
if settings['ALDRYN_SSO_ENABLE_SSO_LOGIN']:
# Expire user session every day because:
# Users can change their data on the SSO server.
# We cannot do a sync of "recently changed" user data due to these reasons:
# - security risk, leaking user data to unauthorized websites,
# - it would require some periodic tasks (celery?),
# - stage websites are being paused during which the sync wouldn't work
settings['CLOUD_USER_SESSION_EXPIRATION'] = 24 * 60 * 60 # 24h = 1day
if not settings['SSO_DSN']:
raise ImproperlyConfigured(
'ALDRYN_SSO_ENABLE_SSO_LOGIN is True, but no SSO_DSN is set.')
if settings['ALDRYN_SSO_ALWAYS_REQUIRE_LOGIN'] == 'basicauth':
basicauth_user = env('ALDRYN_SSO_BASICAUTH_USER')
basicauth_password = env('ALDRYN_SSO_BASICAUTH_PASSWORD')
if basicauth_user and basicauth_password:
settings['ALDRYN_SSO_BASICAUTH_USER'] = basicauth_user
settings['ALDRYN_SSO_BASICAUTH_PASSWORD'] = basicauth_password
else:
raise ImproperlyConfigured(
'ALDRYN_SSO_ALWAYS_REQUIRE_LOGIN set to "basicauth", but ALDRYN_SSO_BASICAUTH_USER and ALDRYN_SSO_BASICAUTH_PASSWORD not set'
)
position = settings['MIDDLEWARE_CLASSES'].index('django.contrib.auth.middleware.AuthenticationMiddleware') + 1
settings['MIDDLEWARE_CLASSES'].insert(position, 'aldryn_sso.middleware.BasicAuthAccessControlMiddleware')
elif settings['ALDRYN_SSO_ALWAYS_REQUIRE_LOGIN']:
position = settings['MIDDLEWARE_CLASSES'].index('django.contrib.auth.middleware.AuthenticationMiddleware') + 1
settings['MIDDLEWARE_CLASSES'].insert(position, 'aldryn_sso.middleware.AccessControlMiddleware')
settings['ALDRYN_SSO_LOGIN_WHITE_LIST'].extend([
reverse_lazy('simple-sso-login'),
reverse_lazy('aldryn_sso_login'),
reverse_lazy('aldryn_sso_localdev_login'),
reverse_lazy('aldryn_localdev_create_user'),
])
if settings['ALDRYN_SSO_ALWAYS_REQUIRE_LOGIN']:
settings['SHARING_VIEW_ONLY_TOKEN_KEY_NAME'] = env('SHARING_VIEW_ONLY_TOKEN_KEY_NAME')
settings['SHARING_VIEW_ONLY_SECRET_TOKEN'] = env('SHARING_VIEW_ONLY_SECRET_TOKEN')
settings['ALDRYN_SSO_OVERIDE_ADMIN_LOGIN_VIEW'] = env(
'ALDRYN_SSO_OVERIDE_ADMIN_LOGIN_VIEW',
any([
settings['ALDRYN_SSO_ENABLE_SSO_LOGIN'],
settings['ALDRYN_SSO_ENABLE_LOGIN_FORM'],
settings['ALDRYN_SSO_ENABLE_LOCALDEV'],
])
)
if settings['ALDRYN_SSO_OVERIDE_ADMIN_LOGIN_VIEW']:
# configure our combined login view to be the default
settings['LOGIN_URL'] = 'aldryn_sso_login'
# see admin.py for how we force admin to use this view as well
return settings

3
addons/aldryn-sso/settings.json
Unescape Escape View File

@ -0,0 +1,3 @@
{
"hide_user_management": false
}

1
requirements.in
Unescape Escape View File

@ -1,2 +1,3 @@
# <INSTALLED_ADDONS> # Warning: text inside the INSTALLED_ADDONS tags is auto-generated. Manual changes will be overwritten.
https://control.divio.com/api/v1/apps/serve/aldryn-sso/1.1.16/dbe0c45a-c981-4beb-8624-b0d2c4196aa0/aldryn-sso-1.1.16.tar.gz#egg=aldryn-sso==1.1.16
# </INSTALLED_ADDONS>

7
settings.py
Unescape Escape View File

@ -1,10 +1,9 @@
# -*- coding: utf-8 -*-
INSTALLED_ADDONS = [
# <INSTALLED_ADDONS> # Warning: this is auto-generated. Manual changes will be overwritten.
'aldryn-addons',
'aldryn-django',
# </INSTALLED_ADDONS>'
# <INSTALLED_ADDONS> # Warning: text inside the INSTALLED_ADDONS tags is auto-generated. Manual changes will be overwritten.
'aldryn-sso',
# </INSTALLED_ADDONS>
]
import aldryn_addons.settings

Write Preview
Loading…
Cancel
Save