ohai cas hows your sex life

go/go/cas_callbacks.py

+from django.contrib.auth.models import User
+from django.conf import settings
+
+def create_user(tree):
+
+    username = tree[0][0].text
+    user, user_created = User.objects.get_or_create(username=username)
+
+    if user_created:
+        user.email = "%s@%s" % (username, settings.ORGANIZATION_EMAIL_DOMAIN)
+        user.save()
+
+        print("Created user %s!" % username)

go/settings/settings.py.template

 import secret
 import os
 
+AUTH_MODE="CAS"
+
 BASE_DIR = os.path.dirname(os.path.dirname(__file__))
 
 DEBUG = False
@@ -62,6 +64,7 @@ MIDDLEWARE_CLASSES = (
     'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
+    'cas.middleware.CASMiddleware',
 )
 
 ROOT_URLCONF = 'settings.urls'
@@ -116,35 +119,45 @@ LOGIN_URL = '/login'
 LOGOUT_URL = '/logout'
 LOGIN_REDIRECT_URL = '/'
 
-
-import ldap
-
 AUTHENTICATION_BACKENDS = (
-    'django_auth_ldap.backend.LDAPBackend',
     'django.contrib.auth.backends.ModelBackend',
 )
 
-AUTH_LDAP_SERVER_URI = "ldaps://directory.gmu.edu:636"  # server url
-
-AUTH_LDAP_BIND_DN = "ou=people,o=gmu.edu"               # bind DN
 
-AUTH_LDAP_BIND_AS_AUTHENTICATING_USER = True            # use the user
+if AUTH_MODE.lower() == 'ldap':
+    import ldap
 
-AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=people,o=gmu.edu"
+    AUTHENTICATION_BACKENDS += (
+        'django_auth_ldap.backend.LDAPBackend',
+    )
 
-AUTH_LDAP_GLOBAL_OPTIONS = {                            # ignore UAC cert.
-    ldap.OPT_X_TLS : ldap.OPT_X_TLS_DEMAND,
-    ldap.OPT_X_TLS_REQUIRE_CERT : ldap.OPT_X_TLS_NEVER,
-}
+    AUTH_LDAP_SERVER_URI = "ldaps://directory.gmu.edu:636"  # server url
+    AUTH_LDAP_BIND_DN = "ou=people,o=gmu.edu"               # bind DN
+    AUTH_LDAP_BIND_AS_AUTHENTICATING_USER = True            # use the user
+    AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=people,o=gmu.edu"
+    AUTH_LDAP_GLOBAL_OPTIONS = {                            # ignore UAC cert.
+        ldap.OPT_X_TLS : ldap.OPT_X_TLS_DEMAND,
+        ldap.OPT_X_TLS_REQUIRE_CERT : ldap.OPT_X_TLS_NEVER,
+    }
+    AUTH_LDAP_USER_ATTR_MAP = {
+        "first_name": "givenName",
+        "last_name": "sn",
+        "email": "mail"
+    }
+    AUTH_LDAP_ALWAYS_UPDATE_USER = True
 
-AUTH_LDAP_USER_ATTR_MAP = {
-    "first_name": "givenName",
-    "last_name": "sn",
-    "email": "mail"
-}
+elif AUTH_MODE.lower() == 'cas':
+    CAS_SERVER_URL = "https://login.gmu.edu"
+    CAS_LOGOUT_COMPLETELY = True
+    CAS_PROVIDE_URL_TO_LOGOUT = True
 
-AUTH_LDAP_ALWAYS_UPDATE_USER = True
+    AUTHENTICATION_BACKENDS += (
+        'cas.backends.CASBackend',
+    )
 
+    CAS_RESPONSE_CALLBACKS = (
+        'go.cas_callbacks.create_user',
+    )
 
 PIWIK_SITE_ID = secret.PIWIK_SITE_ID
 PIWIK_URL = secret.PIWIK_URL

go/settings/urls.py

@@ -39,8 +39,7 @@ urlpatterns = patterns('go.views',
 urlpatterns += patterns('django.contrib.auth.views',
 
     # Auth pages
-    url(r'^login$', 'login', {'template_name' : 'login.html'},
-        name='go_login'),
+    url(r'^login$', 'login', name='go_login'),
     url(r'^logout$', 'logout', {'next_page' : '/'},
         name='go_logout'),
 )

requirements.txt

@@ -12,3 +12,4 @@ python-ldap==2.4.15
 simplejson==3.3.1
 six==1.7.3
 wsgiref==0.1.2
+git+https://github.com/the-ben-waters/django-cas.git