Reusable Django app to facilitate gov.uk Staff Single Sign On
Project description
Django-staff-sso-client
A Django client for staff-sso
Requirements
Installation
pip install django-staff-sso-client
Configuration
Add the following to your settings file:
INSTALLED_APPS=[
[...]
'authbroker_client',
]
# authbroker config
AUTHBROKER_URL = 'speak-to-webops-team-for-access'
AUTHBROKER_CLIENT_ID = 'speak-to-webops-team-for-access'
AUTHBROKER_CLIENT_SECRET = 'speak-to-webops-team-for-access'
Add the 'authbroker_client.backends.AuthbrokerBackend' authentication backend, e.g:
AUTHENTICATION_BACKENDS = [
'django.contrib.auth.backends.ModelBackend',
'authbroker_client.backends.AuthbrokerBackend',
]
Add the LOGIN_URL ( it must be '/auth/login' )
LOGIN_URL = reverse_lazy('authbroker:login')
Add the LOGIN_REDIRECT_URL for e.g.
LOGIN_REDIRECT_URL = reverse_lazy('home_page')
Then finally add this to your main urls.py file:
path('auth/', include('authbroker_client.urls'))
or, if you're using Django<2:
url('^auth/', include('authbroker_client.urls', namespace='authbroker', app_name='authbroker_client'))
You should now have an /auth/login/ URL which directs users through the staff-sso login flow. Once a user is
authenticated via staff-sso (and chosen identify provider), they will be redirected back to your application.
A local django user with a matching email address will then be logged in. The user entry will be created if it does
not already exist in the database.
Once authenticated, the user will be redirected to settings.LOGIN_REDIRECT_URL
Use the django @login_required decorator to protect individual views, or if you want to protect all views use this middleware:
MIDDLEWARE = [
[...]
'authbroker_client.middleware.ProtectAllViewsMiddleware',
]
if you do like to use admin interface in your app, when using this module, you will also need to install and configure the custom_usermodel.
TODO:
- ensure has_valid_token() checks with
staff-ssoafter grace period (e.g. 1 minute) - improve exception handling logic in
authbroker_client/views.py
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file django_staff_sso_client-0.3.1-py3-none-any.whl.
File metadata
- Download URL: django_staff_sso_client-0.3.1-py3-none-any.whl
- Upload date:
- Size: 10.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.13.0 pkginfo/1.5.0.1 requests/2.22.0 setuptools/40.6.2 requests-toolbelt/0.9.1 tqdm/4.32.2 CPython/3.6.8
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e602d5873258d3a34287890a392416bef8515736c8069c2b5b1136261e81bb1f
|
|
| MD5 |
af460d51dcfce035e8c5e84de3e1fd46
|
|
| BLAKE2b-256 |
b7be3ded34bc30af868e1a421532ca65ea9012ea7407ade34a0cf1ddf7e64009
|
