Added login system.

bcdeeb79 · Jean Michel Rouly · a269ca8c · bcdeeb79 · bcdeeb79
Commit bcdeeb79 authored Dec 15, 2013 by Jean Michel Rouly
--- a/go/settings/settings.py
+++ b/go/settings/settings.py
@@ -168,3 +168,48 @@ LOGGING = {
 LOGIN_URL = '/login'
 LOGOUT_URL = '/logout'
 LOGIN_REDIRECT_URL = '/'
+
+
+# Authentication
+# http://pythonhosted.org/django-auth-ldap
+
+import ldap
+# Baseline configuration
+
+# Keep ModelBackend around for per-user permissions and maybe a local
+# superuser.
+AUTHENTICATION_BACKENDS = (
+    'django_auth_ldap.backend.LDAPBackend',
+    'django.contrib.auth.backends.ModelBackend',
+)
+
+AUTH_LDAP_SERVER_URI = "ldaps://directory.gmu.edu:636"  # server url
+
+AUTH_LDAP_BIND_DN = "ou=people,o=gmu.edu"               # bind DN
+
+AUTH_LDAP_BIND_AS_AUTHENTICATING_USER = True            # use the user
+
+AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=people,o=gmu.edu"
+
+AUTH_LDAP_GLOBAL_OPTIONS = {                            # ignore UAC cert.
+    ldap.OPT_X_TLS : ldap.OPT_X_TLS_DEMAND,
+    ldap.OPT_X_TLS_REQUIRE_CERT : ldap.OPT_X_TLS_NEVER,
+}
+
+# Populate the Django user from the LDAP directory.
+AUTH_LDAP_USER_ATTR_MAP = {
+    "first_name": "givenName",
+    "last_name": "sn",
+    "email": "mail"
+}
+#AUTH_LDAP_USER_FLAGS_BY_GROUP = {
+#    "is_active": "cn=active,ou=django,ou=groups,dc=example,dc=com",
+#    "is_staff": "cn=staff,ou=django,ou=groups,dc=example,dc=com",
+#    "is_superuser": "cn=superuser,ou=django,ou=groups,dc=example,dc=com"
+#}
+#AUTH_LDAP_PROFILE_FLAGS_BY_GROUP = {
+#    "is_awesome": "cn=awesome,ou=django,ou=groups,dc=example,dc=com",
+#}
+
+# This is the default, but I like to be explicit.
+AUTH_LDAP_ALWAYS_UPDATE_USER = True
--- a/go/templates/login.html
+++ b/go/templates/login.html
@@ -7,5 +7,33 @@ Go - Login


 {% block content %}
-Login page.
+<h3>~Login~</h3>
+
+{% for error in form.errors %}
+  <p class="error">{{ error }}</p>
+{% endfor %}
+
+<form id="login-form" method="post"
+action="{% url 'django.contrib.auth.views.login' %}">
+{% csrf_token %}
+
+  <label for="username">Username</label>
+  <br/><br/>
+  <input type="text" id="username" name="username" placeholder="Username"
+  {% if form.username.errors %} class="error"{% endif %} />
+  <br/><br/>
+
+  <label for="password">Password</label>
+  <br/><br/>
+  <input type="password" id="password" name="password" placeholder="Password"
+  {% if form.password.errors %} class="error"{% endif %} />
+  <br/><br/>
+
+  <input type="submit" value="Login" />
+
+</form>
+
+<p>You must be <a href="{% url 'signup' %}">registered</a> to use this
+service.</p>
+
 {% endblock %}