Skip to content

GitLab

Commit cd3fbef5 authored by David Haynes's avatar David Haynes 🙆
Browse files

Merge branch '124-drop-ldap-support' into '2.2-dev' 

Drop ldap support (Closes #124)

See merge request !75
parents 2ede09e0 40e057a4
Pipeline #925 passed with stage
in 1 minute and 6 seconds
Hide whitespace changes
Inline Side-by-side
Showing with 52 additions and 148 deletions
.gitlab-ci.yml
View file @ cd3fbef5
......@@ -10,7 +10,7 @@ variables:
before_script:
- apt-get update -qy
- apt-get install -y libldap2-dev libsasl2-dev mysql-client libmysqlclient-dev python-mysqldb
- apt-get install -y mysql-client libmysqlclient-dev python-mysqldb
- pip install -r requirements/ci.txt
- cd go/
- cp settings/settings.py.template settings/settings.py
......
Dockerfile
View file @ cd3fbef5
......@@ -2,8 +2,6 @@ FROM python:3.6
ENV PYTHONUNBUFFERED 1
RUN apt-get update
RUN apt-get install libsasl2-dev -y
RUN apt-get install libldap2-dev -y
RUN apt-get install netcat -y
RUN mkdir /go
......
go/settings/settings.docker.py.template
View file @ cd3fbef5
......@@ -2,8 +2,6 @@
from . import secret
import os
AUTH_MODE = "CAS"
BASE_DIR = os.path.dirname(os.path.dirname(__file__))
# DEBUG mode is used to view more details when errors occur
......@@ -137,52 +135,25 @@ AUTHENTICATION_BACKENDS = (
'django.contrib.auth.backends.ModelBackend',
)
CAS_SERVER_URL = os.environ['cas_url']
CAS_LOGOUT_COMPLETELY = True
CAS_PROVIDE_URL_TO_LOGOUT = True
if AUTH_MODE.lower() == 'ldap':
import ldap
AUTHENTICATION_BACKENDS += (
'django_auth_ldap.backend.LDAPBackend',
)
AUTH_LDAP_SERVER_URI = "ldaps://directory.gmu.edu:636" # server url
AUTH_LDAP_BIND_DN = "ou=people,o=gmu.edu" # bind DN
AUTH_LDAP_BIND_AS_AUTHENTICATING_USER = True # use the user
AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=people,o=gmu.edu"
AUTH_LDAP_GLOBAL_OPTIONS = { # ignore UAC cert.
ldap.OPT_X_TLS: ldap.OPT_X_TLS_DEMAND,
ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER,
}
AUTH_LDAP_USER_ATTR_MAP = {
"first_name": "givenName",
"last_name": "sn",
"email": "mail"
}
AUTH_LDAP_ALWAYS_UPDATE_USER = True
elif AUTH_MODE.lower() == 'cas':
CAS_SERVER_URL = os.environ['cas_url']
CAS_LOGOUT_COMPLETELY = True
CAS_PROVIDE_URL_TO_LOGOUT = True
AUTHENTICATION_BACKENDS += (
'cas.backends.CASBackend',
)
CAS_RESPONSE_CALLBACKS = (
'go.cas_callbacks.create_user',
)
AUTHENTICATION_BACKENDS += (
'cas.backends.CASBackend',
)
INSTALLED_APPS += (
'cas',
)
CAS_RESPONSE_CALLBACKS = (
'go.cas_callbacks.create_user',
)
MIDDLEWARE_CLASSES += (
'cas.middleware.CASMiddleware',
)
INSTALLED_APPS += (
'cas',
)
# PIWIK_SITE_ID = secret.PIWIK_SITE_ID
# PIWIK_URL = secret.PIWIK_URL
MIDDLEWARE_CLASSES += (
'cas.middleware.CASMiddleware',
)
CRISPY_TEMPLATE_PACK = 'bootstrap3'
......
go/settings/settings.py.template
View file @ cd3fbef5
......@@ -3,8 +3,6 @@ from . import secret
import os
import sys
AUTH_MODE = "CAS"
BASE_DIR = os.path.dirname(os.path.dirname(__file__))
# DEBUG mode is used to view more details when errors occur
......@@ -148,49 +146,25 @@ AUTHENTICATION_BACKENDS = (
'django.contrib.auth.backends.ModelBackend',
)
CAS_SERVER_URL = "https://login.gmu.edu"
CAS_LOGOUT_COMPLETELY = True
CAS_PROVIDE_URL_TO_LOGOUT = True
if AUTH_MODE.lower() == 'ldap':
import ldap
AUTHENTICATION_BACKENDS += (
'django_auth_ldap.backend.LDAPBackend',
)
AUTH_LDAP_SERVER_URI = "ldaps://directory.gmu.edu:636" # server url
AUTH_LDAP_BIND_DN = "ou=people,o=gmu.edu" # bind DN
AUTH_LDAP_BIND_AS_AUTHENTICATING_USER = True # use the user
AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=people,o=gmu.edu"
AUTH_LDAP_GLOBAL_OPTIONS = { # ignore UAC cert.
ldap.OPT_X_TLS: ldap.OPT_X_TLS_DEMAND,
ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER,
}
AUTH_LDAP_USER_ATTR_MAP = {
"first_name": "givenName",
"last_name": "sn",
"email": "mail"
}
AUTH_LDAP_ALWAYS_UPDATE_USER = True
elif AUTH_MODE.lower() == 'cas':
CAS_SERVER_URL = "https://login.gmu.edu"
CAS_LOGOUT_COMPLETELY = True
CAS_PROVIDE_URL_TO_LOGOUT = True
AUTHENTICATION_BACKENDS += (
'cas.backends.CASBackend',
)
AUTHENTICATION_BACKENDS += (
'cas.backends.CASBackend',
)
CAS_RESPONSE_CALLBACKS = (
'go.cas_callbacks.create_user',
)
CAS_RESPONSE_CALLBACKS = (
'go.cas_callbacks.create_user',
)
INSTALLED_APPS += (
'cas',
)
INSTALLED_APPS += (
'cas',
)
MIDDLEWARE_CLASSES += (
'cas.middleware.CASMiddleware',
)
MIDDLEWARE_CLASSES += (
'cas.middleware.CASMiddleware',
)
CRISPY_TEMPLATE_PACK = 'bootstrap3'
......
go/settings/urls.py
View file @ cd3fbef5
......@@ -48,21 +48,12 @@ urlpatterns = [
]
# Handle authentication pages
if settings.AUTH_MODE.lower() == "ldap":
urlpatterns += [
# Auth pages
url(r'^login$', django.contrib.auth.views.login, {'template_name' : 'core/login.html'},
name='go_login'),
url(r'^logout$', django.contrib.auth.views.logout, {'next_page': '/'},
name='go_logout'),
]
else:
urlpatterns += [
# Auth pages
url(r'^login$', django.contrib.auth.views.login, name='go_login'),
url(r'^logout$', django.contrib.auth.views.logout, {'next_page': '/'},
name='go_logout'),
]
urlpatterns += [
# Auth pages
url(r'^login$', django.contrib.auth.views.login, name='go_login'),
url(r'^logout$', django.contrib.auth.views.logout, {'next_page': '/'},
name='go_logout'),
]
urlpatterns += [
# Redirection regex.
......
provisioning/playbook.yml
View file @ cd3fbef5
......@@ -37,8 +37,6 @@
state: latest
update_cache: yes
with_items:
- libldap2-dev
- libsasl2-dev
- mysql-server
- mysql-client
- libmysqlclient-dev
......
provisioning/templates/settings.py.j2
View file @ cd3fbef5
......@@ -2,8 +2,6 @@
from . import secret
import os
AUTH_MODE = "CAS"
BASE_DIR = os.path.dirname(os.path.dirname(__file__))
# DEBUG mode is used to view more details when errors occur
......@@ -137,49 +135,25 @@ AUTHENTICATION_BACKENDS = (
'django.contrib.auth.backends.ModelBackend',
)
CAS_SERVER_URL = "{{ django['cas_url'] }}"
CAS_LOGOUT_COMPLETELY = True
CAS_PROVIDE_URL_TO_LOGOUT = True
if AUTH_MODE.lower() == 'ldap':
import ldap
AUTHENTICATION_BACKENDS += (
'django_auth_ldap.backend.LDAPBackend',
)
AUTH_LDAP_SERVER_URI = "ldaps://directory.gmu.edu:636" # server url
AUTH_LDAP_BIND_DN = "ou=people,o=gmu.edu" # bind DN
AUTH_LDAP_BIND_AS_AUTHENTICATING_USER = True # use the user
AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=people,o=gmu.edu"
AUTH_LDAP_GLOBAL_OPTIONS = { # ignore UAC cert.
ldap.OPT_X_TLS: ldap.OPT_X_TLS_DEMAND,
ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER,
}
AUTH_LDAP_USER_ATTR_MAP = {
"first_name": "givenName",
"last_name": "sn",
"email": "mail"
}
AUTH_LDAP_ALWAYS_UPDATE_USER = True
elif AUTH_MODE.lower() == 'cas':
CAS_SERVER_URL = "{{ django['cas_url'] }}"
CAS_LOGOUT_COMPLETELY = True
CAS_PROVIDE_URL_TO_LOGOUT = True
AUTHENTICATION_BACKENDS += (
'cas.backends.CASBackend',
)
AUTHENTICATION_BACKENDS += (
'cas.backends.CASBackend',
)
CAS_RESPONSE_CALLBACKS = (
'go.cas_callbacks.create_user',
)
CAS_RESPONSE_CALLBACKS = (
'go.cas_callbacks.create_user',
)
INSTALLED_APPS += (
'cas',
)
INSTALLED_APPS += (
'cas',
)
MIDDLEWARE_CLASSES += (
'cas.middleware.CASMiddleware',
)
MIDDLEWARE_CLASSES += (
'cas.middleware.CASMiddleware',
)
CRISPY_TEMPLATE_PACK = 'bootstrap3'
......
requirements/base.txt
View file @ cd3fbef5
Django==1.10
django-auth-ldap==1.2.8
django-crispy-forms==1.6.0
django-ratelimit==1.0.1
git+https://github.com/bruno207/django-qrcode.git
......@@ -7,6 +6,5 @@ git+https://github.com/kstateome/django-cas.git
git+https://github.com/bruno207/django-bootstrap3-datetimepicker.git
hashids==1.1.0
mysqlclient
pyldap
requests==2.11.0
simplejson==3.8.2
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment