Commit 1453a279 authored by Mirko Vucicevich's avatar Mirko Vucicevich

ADFS working

parent 91ea958d
db.sqlite3
.vscode/
*.pyc
env/
docs/
......@@ -13,3 +14,4 @@ lib/
pyvenv.cfg
.vscode
.DS_Store
staticfiles/
{
"python.pythonPath": "env/bin/python3.7"
}
\ No newline at end of file
from django.contrib.auth.models import User
from scinage.custom_logger import logger
from django.conf import settings
from django.contrib.auth import get_user_model
user_model = get_user_model()
username_field = user_model.USERNAME_FIELD
class UserMaskMiddleware(object):
def process_request(self, request):
if request.user.is_superuser and "__user_mask" in request.GET:
request.session['__user_mask'] = request.GET["__user_mask"]
logger.info(
"""request.user.username: %s,
request.user.is_superuser: %s,
request.session['__user_mask']: %s""" %
(
request.user.username,
request.user.is_superuser,
request.session['__user_mask']
)
def default_permission_fn(request):
return request.user.is_authenticated and request.user.is_superuser
permission_fn = getattr(
settings, 'USER_MASK_PERMISSION_FN', default_permission_fn
)
mask_keyword = getattr(
settings, 'USER_MASK_KEYWORD', '__user_mask'
)
unmask_keyword = getattr(
settings, 'USER_UNMASK_KEYWORD', '__unmask'
)
class UserMaskMiddleware:
def __init__(self, get_response):
self.get_response = get_response
def process_request(self, request):
if permission_fn(request) and mask_keyword in request.GET:
username = request.GET[mask_keyword]
if user_model.objects.filter(
**{username_field: username}
).exists():
request.session[mask_keyword] = username
elif unmask_keyword in request.GET:
_ = request.session.pop(mask_keyword, None)
if permission_fn(request) and mask_keyword in request.session:
request.user = user_model.objects.get(
**{username_field: request.session[mask_keyword]}
)
elif "__user_unmask" in request.GET:
del request.session['__user_mask']
if request.user.is_superuser and '__user_mask' in request.session:
mask = User.objects.filter(
username=request.session['__user_mask']
).first()
if mask is not None:
request.user = mask
else:
del request.session['__user_mask']
return request
def __call__(self, request):
request = self.process_request(request)
response = self.get_response(request)
return response
......@@ -34,7 +34,7 @@ MIDDLEWARE = [
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'DIRS': [],
'DIRS': [os.path.join(BASE_DIR, 'templates')],
'APP_DIRS': True,
'OPTIONS': {
'context_processors': [
......@@ -64,6 +64,7 @@ AUTH_PASSWORD_VALIDATORS = [
},
]
STATICFILES_DIRS = [os.path.join(BASE_DIR, 'static')]
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'America/Toronto'
......
......@@ -54,6 +54,6 @@ EMAIL_HOST_PASSWORD = '<EMAIL PASSWORD>'
# Change these to handle alternate auth methoids
ROOT_URLCONF = 'scinage.default_urls'
LOGIN_URL = '/auth/login'
LOGOUT_URL = '/auth/logout'
\ No newline at end of file
ROOT_URLCONF = 'scinage.urls_default'
LOGIN_URL = '/login'
LOGOUT_URL = '/logout'
\ No newline at end of file
......@@ -15,13 +15,14 @@ Including another URLconf
"""
from django.conf.urls import include, url
from django.contrib import admin, auth
import django_cas_ng.views
import haystack.urls
import layers
from layers import views as views
from layers import dashboard as dashboard
from rest_framework import routers
from layers.api import *
from django.conf import settings
from django.conf.urls.static import static
#Register api paths
router = routers.SimpleRouter()
......@@ -131,7 +132,6 @@ urlpatterns = [
]
from django.conf import settings
# Handling authentication routes
......@@ -140,6 +140,7 @@ from django.conf import settings
# We check for the prescene of a CAS_SERVER_URL in settings
# If it is present we will authenticate through that CAS Server
# Likewise, if it's not then we will use our own authentication system
"""
if settings.CAS_SERVER_URL is not None:
urlpatterns.extend([
url(r'^accounts/login/$', django_cas_ng.views.LoginView.as_view(), name='login'),
......@@ -153,6 +154,6 @@ else:
url(r'^accounts/', include('django.contrib.auth.urls')),
])
from django.conf.urls.static import static
urlpatterns += static(settings.STATIC_URL, document_root=settings.STATIC_ROOT) + static('/media/', document_root=settings.MEDIA_ROOT)
"""
if settings.DEBUG:
urlpatterns += static(settings.STATIC_URL, document_root=settings.STATIC_ROOT) + static('/media/', document_root=settings.MEDIA_ROOT)
# The default URL settings for scinage. Uses local auth.
# Write a new setup to handle non-local auth if needed
from django.urls import path, include, reverse_lazy
urlpatterns = [
path('oauth2/', include('django_auth_adfs.urls')),
# Needed so logout url still works in templates
path(
'oauth2/logout',
lambda x, y: reverse_lazy('django_auth_adfs:logout'),
name='logout'
),
path('', include('scinage.urls'))
]
# The default URL settings for scinage. Uses local auth.
# Write a new setup to handle non-local auth if needed
from django.urls import path
from django.urls import path, include
from django.contrib.admin import site
urlpatterns = [
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment