ohai cas hows your sex life

a25d3dc4 · Jean Michel Rouly · 4f42871c · a25d3dc4 · a25d3dc4 · a25d3dc4
Commit a25d3dc4 authored Feb 25, 2015 by Jean Michel Rouly
4 changed files
--- a/go/go/cas_callbacks.py
+++ b/go/go/cas_callbacks.py
+from django.contrib.auth.models import User
+from django.conf import settings
+
+def create_user(tree):
+
+    username = tree[0][0].text
+    user, user_created = User.objects.get_or_create(username=username)
+
+    if user_created:
+        user.email = "%s@%s" % (username, settings.ORGANIZATION_EMAIL_DOMAIN)
+        user.save()
+
+        print("Created user %s!" % username)
--- a/go/settings/settings.py.template
+++ b/go/settings/settings.py.template
 import secret
 import os

+AUTH_MODE="CAS"
+
 BASE_DIR = os.path.dirname(os.path.dirname(__file__))

 DEBUG = False
@@ -62,6 +64,7 @@ MIDDLEWARE_CLASSES = (
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
+    'cas.middleware.CASMiddleware',
 )

 ROOT_URLCONF = 'settings.urls'
@@ -116,35 +119,45 @@ LOGIN_URL = '/login'
 LOGOUT_URL = '/logout'
 LOGIN_REDIRECT_URL = '/'

-
-import ldap
-
 AUTHENTICATION_BACKENDS = (
-    'django_auth_ldap.backend.LDAPBackend',
    'django.contrib.auth.backends.ModelBackend',
 )

-AUTH_LDAP_SERVER_URI = "ldaps://directory.gmu.edu:636"  # server url
-
-AUTH_LDAP_BIND_DN = "ou=people,o=gmu.edu"               # bind DN

-AUTH_LDAP_BIND_AS_AUTHENTICATING_USER = True            # use the user
+if AUTH_MODE.lower() == 'ldap':
+    import ldap

-AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=people,o=gmu.edu"
+    AUTHENTICATION_BACKENDS += (
+        'django_auth_ldap.backend.LDAPBackend',
+    )

-AUTH_LDAP_GLOBAL_OPTIONS = {                            # ignore UAC cert.
-    ldap.OPT_X_TLS : ldap.OPT_X_TLS_DEMAND,
-    ldap.OPT_X_TLS_REQUIRE_CERT : ldap.OPT_X_TLS_NEVER,
-}
+    AUTH_LDAP_SERVER_URI = "ldaps://directory.gmu.edu:636"  # server url
+    AUTH_LDAP_BIND_DN = "ou=people,o=gmu.edu"               # bind DN
+    AUTH_LDAP_BIND_AS_AUTHENTICATING_USER = True            # use the user
+    AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=people,o=gmu.edu"
+    AUTH_LDAP_GLOBAL_OPTIONS = {                            # ignore UAC cert.
+        ldap.OPT_X_TLS : ldap.OPT_X_TLS_DEMAND,
+        ldap.OPT_X_TLS_REQUIRE_CERT : ldap.OPT_X_TLS_NEVER,
+    }
+    AUTH_LDAP_USER_ATTR_MAP = {
+        "first_name": "givenName",
+        "last_name": "sn",
+        "email": "mail"
+    }
+    AUTH_LDAP_ALWAYS_UPDATE_USER = True

-AUTH_LDAP_USER_ATTR_MAP = {
-    "first_name": "givenName",
-    "last_name": "sn",
-    "email": "mail"
-}
+elif AUTH_MODE.lower() == 'cas':
+    CAS_SERVER_URL = "https://login.gmu.edu"
+    CAS_LOGOUT_COMPLETELY = True
+    CAS_PROVIDE_URL_TO_LOGOUT = True

-AUTH_LDAP_ALWAYS_UPDATE_USER = True
+    AUTHENTICATION_BACKENDS += (
+        'cas.backends.CASBackend',
+    )

+    CAS_RESPONSE_CALLBACKS = (
+        'go.cas_callbacks.create_user',
+    )

 PIWIK_SITE_ID = secret.PIWIK_SITE_ID
 PIWIK_URL = secret.PIWIK_URL

--- a/go/settings/urls.py
+++ b/go/settings/urls.py
@@ -39,8 +39,7 @@ urlpatterns = patterns('go.views',
 urlpatterns += patterns('django.contrib.auth.views',

    # Auth pages
-    url(r'^login$', 'login', {'template_name' : 'login.html'},
-        name='go_login'),
+    url(r'^login$', 'login', name='go_login'),
    url(r'^logout$', 'logout', {'next_page' : '/'},
        name='go_logout'),
 )

--- a/requirements.txt
+++ b/requirements.txt
@@ -12,3 +12,4 @@ python-ldap==2.4.15
 simplejson==3.3.1
 six==1.7.3
 wsgiref==0.1.2
+git+https://github.com/the-ben-waters/django-cas.git