A Django sso login based on django-mozilla-oidc that creates an inactive user upon SSO login.
Project description
Django OIDC Addmin
django-oidc-admin is a Django app that adds a custom login button to the Django admin login page using django-mozilla-oidc.
It does not allow direct authentication on the first SSO login but instead creates an inactive user.
The administrator must activate the user in the Django admin interface.
After activation, the user can log in using the SSO login button.
Quick Start
-
Add
django_oidc_admin"to yourINSTALLED_APPSsetting.
It must be before"django.contrib.admin".INSTALLED_APPS = [ ..., "django_oidc_admin", "django.contrib.admin", ..., ]
-
Add the following settings to your
settings.pyfile:# Required settings AUTHENTICATION_BACKENDS = ( "django_oidc_admin.authentication.DjangoOIDCAdminBackend", # Authentication OIDC "django.contrib.auth.backends.ModelBackend", # Classic authentication ) # Add the admin_navbar context processor to templates settings TEMPLATES = [ { "DIRS": [], "APP_DIRS": True, "OPTIONS": { "context_processors": [ "django_oidc_admin.context_processors.admin_navbar", ], }, }, ] # Mozilla Django OIDC mandatory settings OIDC_RP_CLIENT_ID = os.environ["OIDC_RP_CLIENT_ID"] OIDC_RP_CLIENT_SECRET = os.environ["OIDC_RP_CLIENT_SECRET"] OIDC_RP_SCOPES = "openid email profile" OIDC_OP_AUTHORIZATION_ENDPOINT = os.environ["OIDC_OP_AUTHORIZATION_ENDPOINT"] OIDC_OP_TOKEN_ENDPOINT = os.environ["OIDC_OP_TOKEN_ENDPOINT"] OIDC_OP_USER_ENDPOINT = os.environ["OIDC_OP_USER_ENDPOINT"] OIDC_OP_JWKS_ENDPOINT = os.environ["OIDC_OP_JWKS_ENDPOINT"] OIDC_RP_SIGN_ALGO = os.environ.get("OIDC_RP_SIGN_ALGO", "RS256") # Not mandatory, but if needed, to add the user in a group (group will be created if not existing) DOIDCADMIN_NEW_USER_GROUP_NAME = "users" # Custom settings LOGIN_REDIRECT_URL = "admin:index" # The login will fail as the user is not automatically set to active, we need to redirect to the admin. LOGIN_REDIRECT_URL_FAILURE = "admin:index" # Override the OIDC callback class to use the custom one OIDC_CALLBACK_CLASS = "django_oidc_admin.authentication.DjangoOIDCAdminCallbackView"
-
Include the app's URL configuration in
urls.py:from django.urls import path, include urlpatterns = [ path("oidc/", include("django_oidc_admin.urls")), ]
-
Start the development server and visit the admin login page to test the SSO login button.
License
See the LICENSE file for license rights and limitations (MIT).
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file django_oidc_admin-0.1.2.tar.gz.
File metadata
- Download URL: django_oidc_admin-0.1.2.tar.gz
- Upload date:
- Size: 9.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.11.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c8fd99e404541013d9e12de54ccfc2d6baf1ca25178743587a5548e595358df8
|
|
| MD5 |
b108125076838209ce51944f5610a827
|
|
| BLAKE2b-256 |
e9d410b8aa7a48b9e3dd244c1308e349ffbefd90db79984a339f037af56d2878
|
File details
Details for the file django_oidc_admin-0.1.2-py3-none-any.whl.
File metadata
- Download URL: django_oidc_admin-0.1.2-py3-none-any.whl
- Upload date:
- Size: 7.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.11.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
302b5d890f86a54769e5b4707a0bb829f3e03424284b932a2f2fd6cad9b7cb64
|
|
| MD5 |
64172f9061642c44f50ededd1dff6cce
|
|
| BLAKE2b-256 |
afc7ae1c35be312c778bcf08b7a108e00b9b54aa2797db87c9fd409721d65c16
|
