initial auth0 support for db
parent
2aa1e7149f
commit
704bc18e76
|
@ -0,0 +1,6 @@
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
from __future__ import unicode_literals
|
||||||
|
|
||||||
|
# from django.contrib import admin
|
||||||
|
|
||||||
|
# Register your models here.
|
|
@ -0,0 +1,8 @@
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
from __future__ import unicode_literals
|
||||||
|
|
||||||
|
from django.apps import AppConfig
|
||||||
|
|
||||||
|
|
||||||
|
class Auth0LoginConfig(AppConfig):
|
||||||
|
name = 'auth0login'
|
|
@ -0,0 +1,35 @@
|
||||||
|
import requests
|
||||||
|
from social_core.backends.oauth import BaseOAuth2
|
||||||
|
|
||||||
|
|
||||||
|
class Auth0(BaseOAuth2):
|
||||||
|
"""Auth0 OAuth authentication backend"""
|
||||||
|
name = 'auth0'
|
||||||
|
SCOPE_SEPARATOR = ' '
|
||||||
|
ACCESS_TOKEN_METHOD = 'POST'
|
||||||
|
EXTRA_DATA = [
|
||||||
|
('email', 'email')
|
||||||
|
]
|
||||||
|
|
||||||
|
def authorization_url(self):
|
||||||
|
"""Return the authorization endpoint."""
|
||||||
|
return "https://" + self.setting('DOMAIN') + "/authorize"
|
||||||
|
|
||||||
|
def access_token_url(self):
|
||||||
|
"""Return the token endpoint."""
|
||||||
|
return "https://" + self.setting('DOMAIN') + "/oauth/token"
|
||||||
|
|
||||||
|
def get_user_id(self, details, response):
|
||||||
|
"""Return current user id."""
|
||||||
|
return details['user_id']
|
||||||
|
|
||||||
|
def get_user_details(self, response):
|
||||||
|
url = 'https://' + self.setting('DOMAIN') + '/userinfo'
|
||||||
|
headers = {'authorization': 'Bearer ' + response['access_token']}
|
||||||
|
resp = requests.get(url, headers=headers)
|
||||||
|
userinfo = resp.json()
|
||||||
|
|
||||||
|
return {'username': userinfo['nickname'],
|
||||||
|
'email': userinfo['email'],
|
||||||
|
# 'first_name': userinfo['name'],
|
||||||
|
'user_id': userinfo['sub']}
|
|
@ -0,0 +1,6 @@
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
from __future__ import unicode_literals
|
||||||
|
|
||||||
|
# from django.db import models
|
||||||
|
|
||||||
|
# Create your models here.
|
|
@ -0,0 +1,6 @@
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
from __future__ import unicode_literals
|
||||||
|
|
||||||
|
# from django.test import TestCase
|
||||||
|
|
||||||
|
# Create your tests here.
|
|
@ -0,0 +1,8 @@
|
||||||
|
from django.conf.urls import url, include
|
||||||
|
from . import views
|
||||||
|
|
||||||
|
urlpatterns = [
|
||||||
|
url('^$', views.index),
|
||||||
|
url(r'^', include('django.contrib.auth.urls', namespace='auth')),
|
||||||
|
url(r'^', include('social_django.urls', namespace='social')),
|
||||||
|
]
|
|
@ -0,0 +1,7 @@
|
||||||
|
from __future__ import unicode_literals
|
||||||
|
|
||||||
|
from django.shortcuts import render
|
||||||
|
|
||||||
|
|
||||||
|
def index(request):
|
||||||
|
return render(request, 'index.html')
|
|
@ -16,3 +16,11 @@ def stage_notice(request):
|
||||||
return {'stage_notice': render_to_string('includes/stage_notice.html')}
|
return {'stage_notice': render_to_string('includes/stage_notice.html')}
|
||||||
else:
|
else:
|
||||||
return {'stage_notice': ''}
|
return {'stage_notice': ''}
|
||||||
|
|
||||||
|
|
||||||
|
def auth_block(request):
|
||||||
|
"""Displays auth links local vs auth0."""
|
||||||
|
if settings.AUTH0:
|
||||||
|
return {'auth_block': render_to_string('includes/auth_auth0.html')}
|
||||||
|
else:
|
||||||
|
return {'auth_block': render_to_string('includes/auth_local.html')}
|
||||||
|
|
|
@ -7,6 +7,7 @@ ROOT = Path(__file__).parent
|
||||||
|
|
||||||
ENVIRONMENT = config('ENVIRONMENT', default='production')
|
ENVIRONMENT = config('ENVIRONMENT', default='production')
|
||||||
DEBUG = config('DEBUG', default=False, cast=bool)
|
DEBUG = config('DEBUG', default=False, cast=bool)
|
||||||
|
AUTH0 = config('AUTH0', default=False, cast=bool)
|
||||||
|
|
||||||
# Apps
|
# Apps
|
||||||
DJANGO_APPS = (
|
DJANGO_APPS = (
|
||||||
|
@ -33,6 +34,11 @@ LOCAL_APPS = (
|
||||||
'db.base',
|
'db.base',
|
||||||
'db.api',
|
'db.api',
|
||||||
)
|
)
|
||||||
|
|
||||||
|
if AUTH0:
|
||||||
|
THIRD_PARTY_APPS += ('social_django',)
|
||||||
|
LOCAL_APPS += ('auth0login',)
|
||||||
|
|
||||||
INSTALLED_APPS = DJANGO_APPS + THIRD_PARTY_APPS + LOCAL_APPS
|
INSTALLED_APPS = DJANGO_APPS + THIRD_PARTY_APPS + LOCAL_APPS
|
||||||
|
|
||||||
# Middlware
|
# Middlware
|
||||||
|
@ -101,6 +107,7 @@ TEMPLATES = [
|
||||||
'django.template.context_processors.request',
|
'django.template.context_processors.request',
|
||||||
'db.base.context_processors.analytics',
|
'db.base.context_processors.analytics',
|
||||||
'db.base.context_processors.stage_notice',
|
'db.base.context_processors.stage_notice',
|
||||||
|
'db.base.context_processors.auth_block',
|
||||||
],
|
],
|
||||||
'loaders': [
|
'loaders': [
|
||||||
('django.template.loaders.cached.Loader', [
|
('django.template.loaders.cached.Loader', [
|
||||||
|
@ -143,12 +150,16 @@ WSGI_APPLICATION = 'db.wsgi.application'
|
||||||
# Auth
|
# Auth
|
||||||
AUTHENTICATION_BACKENDS = (
|
AUTHENTICATION_BACKENDS = (
|
||||||
'django.contrib.auth.backends.ModelBackend',
|
'django.contrib.auth.backends.ModelBackend',
|
||||||
'allauth.account.auth_backends.AuthenticationBackend',
|
|
||||||
)
|
)
|
||||||
|
if AUTH0:
|
||||||
|
AUTHENTICATION_BACKENDS += ('auth0login.auth0backend.Auth0',)
|
||||||
|
|
||||||
ACCOUNT_AUTHENTICATION_METHOD = 'username'
|
ACCOUNT_AUTHENTICATION_METHOD = 'username'
|
||||||
ACCOUNT_EMAIL_REQUIRED = True
|
ACCOUNT_EMAIL_REQUIRED = True
|
||||||
ACCOUNT_EMAIL_VERIFICATION = 'mandatory'
|
ACCOUNT_EMAIL_VERIFICATION = 'mandatory'
|
||||||
LOGIN_REDIRECT_URL = 'home'
|
LOGIN_REDIRECT_URL = 'home'
|
||||||
|
LOGIN_URL = "/login/auth0"
|
||||||
|
LOGOUT_REDIRECT_URL = "/"
|
||||||
|
|
||||||
# Logging
|
# Logging
|
||||||
LOGGING = {
|
LOGGING = {
|
||||||
|
@ -269,6 +280,33 @@ INFLUX_USER = config('INFLUX_USER', default='db')
|
||||||
INFLUX_PASS = config('INFLUX_PASS', default='db')
|
INFLUX_PASS = config('INFLUX_PASS', default='db')
|
||||||
INFLUX_DB = config('INFLUX_DB', default='db')
|
INFLUX_DB = config('INFLUX_DB', default='db')
|
||||||
|
|
||||||
|
if AUTH0:
|
||||||
|
SOCIAL_AUTH_TRAILING_SLASH = False # Remove end slash from routes
|
||||||
|
SOCIAL_AUTH_AUTH0_DOMAIN = config('SOCIAL_AUTH_AUTH0_DOMAIN', default='YOUR_AUTH0_DOMAIN')
|
||||||
|
SOCIAL_AUTH_AUTH0_KEY = config('SOCIAL_AUTH_AUTH0_KEY', default='YOUR_CLIENT_ID')
|
||||||
|
SOCIAL_AUTH_AUTH0_SECRET = config('SOCIAL_AUTH_AUTH0_SECRET', default='YOUR_CLIENT_SECRET')
|
||||||
|
SOCIAL_AUTH_REDIRECT_IS_HTTPS = True
|
||||||
|
SOCIAL_AUTH_PROTECTED_USER_FIELDS = ['email', 'first_name', 'last_name']
|
||||||
|
|
||||||
|
SOCIAL_AUTH_PIPELINE = (
|
||||||
|
'social_core.pipeline.social_auth.social_details',
|
||||||
|
'social_core.pipeline.social_auth.social_uid',
|
||||||
|
'social_core.pipeline.social_auth.auth_allowed',
|
||||||
|
'social_core.pipeline.social_auth.social_user',
|
||||||
|
'social_core.pipeline.social_auth.associate_by_email',
|
||||||
|
'social_core.pipeline.user.get_username',
|
||||||
|
'social_core.pipeline.user.create_user',
|
||||||
|
'social_core.pipeline.social_auth.associate_user',
|
||||||
|
'social_core.pipeline.social_auth.load_extra_data',
|
||||||
|
'social_core.pipeline.user.user_details',
|
||||||
|
)
|
||||||
|
|
||||||
|
SOCIAL_AUTH_AUTH0_SCOPE = [
|
||||||
|
'openid',
|
||||||
|
'email',
|
||||||
|
'profile',
|
||||||
|
]
|
||||||
|
|
||||||
if ENVIRONMENT == 'dev':
|
if ENVIRONMENT == 'dev':
|
||||||
# Disable template caching
|
# Disable template caching
|
||||||
for backend in TEMPLATES:
|
for backend in TEMPLATES:
|
||||||
|
|
|
@ -59,8 +59,7 @@
|
||||||
</ul>
|
</ul>
|
||||||
</li>
|
</li>
|
||||||
{% else %}
|
{% else %}
|
||||||
<li><a href="{% url 'account_signup' %}">Sign Up</a></li>
|
{{ auth_block }}
|
||||||
<li><a href="{% url 'account_login' %}">Log In</a></li>
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
</ul>
|
</ul>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
<li><a href="/login/auth0">Sign Up / Log In</a></li>
|
|
@ -0,0 +1,2 @@
|
||||||
|
<li><a href="{% url 'account_signup' %}">Sign Up</a></li>
|
||||||
|
<li><a href="{% url 'account_login' %}">Log In</a></li>
|
|
@ -25,6 +25,12 @@ urlpatterns = [
|
||||||
url(r'^admin/', admin.site.urls),
|
url(r'^admin/', admin.site.urls),
|
||||||
]
|
]
|
||||||
|
|
||||||
|
# Auth0
|
||||||
|
if settings.AUTH0:
|
||||||
|
urlpatterns += [
|
||||||
|
url(r'^', include('auth0login.urls'))
|
||||||
|
]
|
||||||
|
|
||||||
if settings.DEBUG:
|
if settings.DEBUG:
|
||||||
urlpatterns += [
|
urlpatterns += [
|
||||||
url(r'^media/(?P<path>.*)$', serve,
|
url(r'^media/(?P<path>.*)$', serve,
|
||||||
|
|
|
@ -35,6 +35,7 @@ Pillow==5.0.0
|
||||||
pyephem==3.7.6.0
|
pyephem==3.7.6.0
|
||||||
python-dateutil==2.7.3
|
python-dateutil==2.7.3
|
||||||
python-decouple==3.1
|
python-decouple==3.1
|
||||||
|
python-dotenv==0.6.5
|
||||||
python-openid==2.2.5
|
python-openid==2.2.5
|
||||||
pytool==3.10.0
|
pytool==3.10.0
|
||||||
pytz==2018.3
|
pytz==2018.3
|
||||||
|
@ -48,6 +49,7 @@ satnogsdecoders==0.1
|
||||||
shortuuid==0.5.0
|
shortuuid==0.5.0
|
||||||
simplejson==3.16.0
|
simplejson==3.16.0
|
||||||
six==1.11.0
|
six==1.11.0
|
||||||
|
social-auth-app-django==1.2.0
|
||||||
Unipath==1.1
|
Unipath==1.1
|
||||||
urllib3==1.22
|
urllib3==1.22
|
||||||
vine==1.1.4
|
vine==1.1.4
|
||||||
|
|
Loading…
Reference in New Issue