add OIDC library, configurations and login details

Teknologforeningen · Nov 21, 2020 · 28304e0 · 28304e0
1 parent 7b7ec48
commit 28304e0
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 9 deletions.
diff --git a/fars/booking/templates/base.html b/fars/booking/templates/base.html
@@ -35,19 +35,17 @@
       {% if user.is_authenticated %}
         <span class="nav-item">
           <span class="navbar-text" id="toolbar-user-name"><a href="{% url 'profile' %}">{{user.get_full_name}}</a></span>
-          <a class="btn btn-outline-danger" id="toolbar-btn" href="{% url 'logout' %}?next={{ request.build_absolute_uri }}">{% trans "Logout" %}</a>
+          <form action="{% url 'oidc_logout' %}" method="post">
+            {% csrf_token %}
+            <input class="btn btn-outline-danger" id="toolbar-btn" type="submit" value="logout">
+          </form>
         </span>
       {% else %}
         <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapseContent" aria-controls="collapseContent" aria-expanded="false" aria-label="Toggle navigation">
           <span class="navbar-toggler-icon"></span>
         </button>
         <div id="collapseContent" class="collapse navbar-collapse">
-          <form class="form-inline ml-auto my-3 my-md-0" method="post" action="{% url 'login' %}?next={{ request.build_absolute_uri }}">
-            {% csrf_token %}
-            <input class="form-control mr-sm-2" id="id_username" name="username" type="text" required placeholder="Username" maxlength="254"/>
-            <input class="form-control mr-sm-2" id="id_password" name="password" type="password" required placeholder="Password"/>
-            <button type="submit" class="btn btn-outline-success my-2 my-sm-0">{% trans "Login" %}</button>
-          </form>
+          <a class="btn btn-outline-success ml-auto my-2 my-sm-0" href="{% url 'oidc_authentication_init' %}">{% trans "Login" %}</a>
         </div>
       {% endif %}
     </nav>

diff --git a/fars/fars/settings.py b/fars/fars/settings.py
@@ -42,6 +42,7 @@
     'django.contrib.sessions',
     'django.contrib.messages',
     'django.contrib.staticfiles',
+    'mozilla_django_oidc',
     'booking',
     'tabletpage',
     'rest_framework',
@@ -198,11 +199,19 @@
 # Keep ModelBackend around for per-user permissions and maybe a local
 # superuser.
 AUTHENTICATION_BACKENDS = (
-    'django_auth_ldap.backend.LDAPBackend',
-    'django.contrib.auth.backends.ModelBackend',
+    'mozilla_django_oidc.auth.OIDCAuthenticationBackend',
+    #'django.contrib.auth.backends.ModelBackend',
 )
 
 # Never require cert
 AUTH_LDAP_GLOBAL_OPTIONS = {
     ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER
 }
+
+# OIDC settings
+OIDC_RP_CLIENT_ID = env('OIDC_RP_CLIENT_ID')
+OIDC_RP_CLIENT_SECRET = env('OIDC_RP_CLIENT_SECRET')
+
+OIDC_OP_AUTHORIZATION_ENDPOINT = env('OIDC_OP_AUTHORIZATION_ENDPOINT')
+OIDC_OP_TOKEN_ENDPOINT = env('OIDC_OP_TOKEN_ENDPOINT')
+OIDC_OP_USER_ENDPOINT = env('OIDC_OP_USER_ENDPOINT')
diff --git a/fars/fars/urls.py b/fars/fars/urls.py
@@ -28,4 +28,5 @@
     path('booking/', include('booking.urls')),
     path('tablet/', include('tabletpage.urls')),
     path('', RedirectView.as_view(url='booking/')),
+    path('oidc/', include('mozilla_django_oidc.urls')),
 ]
diff --git a/requirements.txt b/requirements.txt
@@ -12,3 +12,4 @@ django-auth-ldap~=2.1
 psycopg2-binary~=2.8
 requests~=2.22
 requests-futures~=1.0
+mozilla-django-oidc~=1.2.4