use django-allauth for authentication using oauth2 with authentic2
This commit is contained in:
parent
9327d695af
commit
aff2d7e05c
|
@ -0,0 +1 @@
|
|||
# Create your models here.
|
|
@ -0,0 +1,33 @@
|
|||
from allauth.socialaccount import providers
|
||||
from allauth.socialaccount.providers.base import ProviderAccount
|
||||
from allauth.socialaccount.providers.oauth2.provider import OAuth2Provider
|
||||
from allauth.account.models import EmailAddress
|
||||
|
||||
class Authentic2Account(ProviderAccount):
|
||||
def to_str(self):
|
||||
return self.account.uid
|
||||
|
||||
|
||||
class Authentic2Provider(OAuth2Provider):
|
||||
id = 'authentic2'
|
||||
name = 'Authentic2'
|
||||
package = 'portail_citoyen2.allauth_authentic2'
|
||||
account_class = Authentic2Account
|
||||
|
||||
def extract_uid(self, data):
|
||||
return str(data['username'])
|
||||
|
||||
def extract_common_fields(self, data):
|
||||
return dict(email=data.get('email'),
|
||||
username=data.get('username'),
|
||||
name=data.get('displayname'))
|
||||
|
||||
def extract_email_addresses(self, data):
|
||||
ret = [EmailAddress(email=data['email'],
|
||||
verified=True,
|
||||
primary=True)]
|
||||
return ret
|
||||
|
||||
|
||||
|
||||
providers.registry.register(Authentic2Provider)
|
|
@ -0,0 +1,5 @@
|
|||
from allauth.socialaccount.providers.oauth2.urls import default_urlpatterns
|
||||
from .provider import Authentic2Provider
|
||||
|
||||
urlpatterns = default_urlpatterns(Authentic2Provider)
|
||||
|
|
@ -0,0 +1,43 @@
|
|||
import urlparse
|
||||
import requests
|
||||
|
||||
from django.core.exceptions import ImproperlyConfigured
|
||||
|
||||
from allauth.socialaccount.providers.oauth2.views import (OAuth2Adapter,
|
||||
OAuth2LoginView,
|
||||
OAuth2CallbackView)
|
||||
from .provider import Authentic2Provider
|
||||
|
||||
|
||||
class Authentic2OAuth2Adapter(OAuth2Adapter):
|
||||
provider_id = Authentic2Provider.id
|
||||
|
||||
def get_url(self):
|
||||
provider = self.get_provider()
|
||||
try:
|
||||
return provider.get_settings()['URL']
|
||||
except IndexError:
|
||||
raise ImproperlyConfigured('The authentic2 provider needs an URL defined in settings')
|
||||
|
||||
@property
|
||||
def access_token_url(self):
|
||||
return urlparse.urljoin(self.get_url(), 'access_token')
|
||||
|
||||
@property
|
||||
def authorize_url(self):
|
||||
return urlparse.urljoin(self.get_url(), 'authorize')
|
||||
|
||||
@property
|
||||
def profile_url(self):
|
||||
return urlparse.urljoin(self.get_url(), 'user-info')
|
||||
|
||||
def complete_login(self, request, app, token, **kwargs):
|
||||
resp = requests.get(self.profile_url,
|
||||
params={'access_token': token.token})
|
||||
extra_data = resp.json()
|
||||
return self.get_provider().sociallogin_from_response(request,
|
||||
extra_data)
|
||||
|
||||
|
||||
oauth2_login = OAuth2LoginView.adapter_view(Authentic2OAuth2Adapter)
|
||||
oauth2_callback = OAuth2CallbackView.adapter_view(Authentic2OAuth2Adapter)
|
|
@ -66,13 +66,16 @@ TEMPLATE_LOADERS = (
|
|||
)
|
||||
|
||||
TEMPLATE_CONTEXT_PROCESSORS = (
|
||||
'django.core.context_processors.request',
|
||||
'django.contrib.auth.context_processors.auth',
|
||||
'allauth.account.context_processors.account',
|
||||
'allauth.socialaccount.context_processors.socialaccount',
|
||||
'django.core.context_processors.debug',
|
||||
'django.core.context_processors.i18n',
|
||||
'django.core.context_processors.media',
|
||||
'django.core.context_processors.request',
|
||||
'django.contrib.messages.context_processors.messages',
|
||||
'django.core.context_processors.static',
|
||||
'django.core.context_processors.tz',
|
||||
'django.contrib.messages.context_processors.messages',
|
||||
'cms.context_processors.media',
|
||||
'sekizai.context_processors.sekizai',
|
||||
'portail_citoyen2.context_processors.template_vars',
|
||||
|
@ -94,14 +97,11 @@ MIDDLEWARE_CLASSES = (
|
|||
'entrouvert.djommon.middleware.VersionMiddleware',
|
||||
)
|
||||
|
||||
PORTAIL_CITOYEN_FAVICON_URL = ''
|
||||
|
||||
ROOT_URLCONF = 'portail_citoyen2.urls'
|
||||
|
||||
TEMPLATE_DIRS = ['/var/lib/%s/templates' % PROJECT_NAME, os.path.join(PROJECT_PATH, 'templates')]
|
||||
if os.environ.get('TEMPLATE_DIRS'):
|
||||
TEMPLATE_DIRS = os.environ['TEMPLATE_DIRS'].split(':')
|
||||
else:
|
||||
TEMPLATE_DIRS = ('/var/lib/%s/templates' % PROJECT_NAME,)
|
||||
TEMPLATE_DIRS = os.environ['TEMPLATE_DIRS'].split(':') + TEMPLATE_DIRS
|
||||
|
||||
INSTALLED_APPS = (
|
||||
'django.contrib.auth',
|
||||
|
@ -126,10 +126,32 @@ INSTALLED_APPS = (
|
|||
'passerelle_register_plugin',
|
||||
'feed_plugin',
|
||||
'data_source_plugin',
|
||||
'allauth',
|
||||
'allauth.account',
|
||||
'allauth.socialaccount',
|
||||
# ... include the providers you want to enable:
|
||||
'portail_citoyen2.allauth_authentic2',
|
||||
'portail_citoyen2',
|
||||
)
|
||||
|
||||
AUTHENTICATION_BACKENDS = ('django.contrib.auth.backends.ModelBackend',)
|
||||
AUTHENTICATION_BACKENDS = (
|
||||
'django.contrib.auth.backends.ModelBackend',
|
||||
'allauth.account.auth_backends.AuthenticationBackend',
|
||||
)
|
||||
# auth and allauth settings
|
||||
LOGIN_REDIRECT_URL = os.environ.get('LOGIN_REDIRECT_URL', '/')
|
||||
LOGOUT_URL = os.environ.get('LOGOUT_URL', '/accounts/logout/')
|
||||
LOGIN_URL = os.environ.get('LOGIN_URL', '/accounts/authentic2/login/?process=login')
|
||||
SOCIALACCOUNT_QUERY_EMAIL = True
|
||||
SOCIALACCOUNT_PROVIDERS = {
|
||||
'authentic2': {
|
||||
'URL': 'http://localhost:9000/idp/oauth2/',
|
||||
'SCOPE': ['read'],
|
||||
},
|
||||
}
|
||||
SOCIALACOUNT_AUTO_SIGNUP = True
|
||||
ACCOUNT_LOGOUT_ON_GET = True
|
||||
ACCOUNT_UNIQUE_EMAIL = False
|
||||
|
||||
MESSAGE_STORAGE = 'django.contrib.messages.storage.session.SessionStorage'
|
||||
|
||||
|
@ -163,7 +185,6 @@ else:
|
|||
|
||||
SECRET_KEY = os.environ.get('SECRET_KEY', '0!=(1kc6kri-ui+tmj@mr+*0bvj!(p*r0duu2n=)7@!p=pvf9n')
|
||||
|
||||
LOGIN_REDIRECT_URL = os.environ.get('LOGIN_REDIRECT_URL', '/')
|
||||
|
||||
SAML_METADATA_ROOT = 'metadata'
|
||||
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
<div id="toplinks">
|
||||
<span class="logged-in">
|
||||
<p class="user fullname">{{ user.get_full_name }}</p>
|
||||
<a class="logout" href="{% url 'logout' %}">Déconnexion</a>
|
||||
<a class="logout" href="{{ LOGOUT_URL }}">Déconnexion</a>
|
||||
{% user_in_group "Agglo::Téléservices::Admin" as is_eservice_admin %}
|
||||
{% user_in_group_prefix "Agglo::Téléservices::BackOffice::" as is_eservice_backoffice_user %}
|
||||
{% if is_eservice_admin %}
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
from django.conf.urls import patterns, include, url
|
||||
from django.conf.urls.i18n import i18n_patterns
|
||||
from django.contrib import admin
|
||||
from django.conf import settings
|
||||
|
||||
|
@ -7,11 +6,12 @@ from django.conf import settings
|
|||
admin.autodiscover()
|
||||
|
||||
|
||||
urlpatterns = patterns('',
|
||||
urlpatterns = patterns('portail_citoyen2.views',
|
||||
url(r'^admin/', include(admin.site.urls)),
|
||||
url(r'^admin_tools/', include('admin_tools.urls')),
|
||||
url(r'^accounts/', include('django.contrib.auth.urls')),
|
||||
url(r'^stats/$', 'portail_citoyen2.views.stats'),
|
||||
url(r'^accounts/logout/$', 'logout', name='account_logout'),
|
||||
(r'^accounts/', include('allauth.urls')),
|
||||
url(r'^stats/$', 'stats'),
|
||||
)
|
||||
|
||||
# urlpatterns = patterns('',
|
||||
|
|
|
@ -5,6 +5,15 @@ from django.http import HttpResponse
|
|||
from django.utils.timezone import now
|
||||
|
||||
from django.contrib.auth import get_user_model
|
||||
from allauth.account.views import LogoutView
|
||||
from allauth.account.adapter import get_adapter
|
||||
|
||||
class PCLogoutView(LogoutView):
|
||||
def get_redirect_url(self):
|
||||
return (self.request.REQUEST.get(self.redirect_field_name) or
|
||||
get_adapter().get_logout_redirect_url(self.request))
|
||||
|
||||
logout = PCLogoutView.as_view()
|
||||
|
||||
def stats(request):
|
||||
User = get_user_model()
|
||||
|
|
|
@ -11,3 +11,4 @@ django>=1.5.1,<1.6
|
|||
south>=0.8.4
|
||||
Pillow
|
||||
djangocms-text-ckeditor
|
||||
django-allauth
|
||||
|
|
Reference in New Issue