Skip to main content

Django app to login with CAS and populate user accounts with LDAP.

Project description

Build status Code Coverage Code Health Requirements Status

django-pucas is a reusable Django application to simplify logging into a Django application with CAS using django-cas-ng. Login and creation of user accounts is handled by django-cas-ng; pucas adds support for prepopulating user account data based on an LDAP search.

pucas should be pronounced like pookas for the Celtic spirit creature.

Installation

Use pip to install:

pip install pucas

You can also install from Github. Use @master or @0.5 to install a specific tagged release or branch (e.g., for the lastest code on develop):

pip install git+https://github.com/Princeton-CDH/django-pucas.git@develop#egg=pucas

Configuration

Add both django-cas-ng and pucas to installed apps; enable authentication middleware and django-cas-ng authentication backend:

INSTALLED_APPS = (
    ...
    'django_cas_ng',
    'pucas',
    ...
)

MIDDLEWARE_CLASSES = (
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    ...
)

AUTHENTICATION_BACKENDS = (
    'django.contrib.auth.backends.ModelBackend',
    'django_cas_ng.backends.CASBackend',
)

Include the default django-cas-ng login and logout urls provided with pucas, or configure them as needed based on the documentation:

urlpatterns = [
    ...
    url(r'^accounts/', include('pucas.cas_urls')),
    ...
]

Add required configurations to settings.py:

  • CAS_SERVER_URL - Base URL of your CAS source

  • Configure LDAP settings as needed to populate user attributes:

    PUCAS_LDAP = {
        'SERVERS': ['ldap1', 'ldap2'],
        'SEARCH_BASE': 'ou=users,dc=example,dc=com',
        'SEARCH_FILTER': "(uid=%(user)s)",
        # attributes to request from the LDAP server
        'ATTRIBUTES': ['givenName', 'sn', 'mail'],
        # mapping of User attributes to LDAP attributes
        'ATTRIBUTE_MAP': {
            'first_name': 'givenName',
            'last_name': 'sn',
            'email': 'mail'
        },
        # Optional local method to do additional user initialization
        # not handled by attribute map.  Method should take a user
        # object and ldap search result.
        'EXTRA_USER_INIT': 'myproj.myapp.models.init_profile_from_ldap'
        'BASE_DN': 'uid=username,o=your org,c=country_code',
        'BASE_PASSWORD': 'secreupasswordforyourldap',
    }
  • Note: BASE_DN and BASE_PASSWORD are optional if you want

    to bind anonymously. Add them if they are required by your LDAP. This supports user/pass authentication.

Run migrations to create database tables required by django-cas-ng:

python manage.py migrate

To make CAS login available on the Django admin login form, extend the default admin login form and include or adapt the provided CAS login template snippet. An example admin login form is included at pucas/templates/pucas/sample-admin-login.html; copy this to admin/login.html within a valid template directory and modify as needed.

An example of a login template with local branding is provided at pucas/templates/pucas/sample-pu-login.html using re-usable template snippets that can be adapted or re-used as appropriate.

For Django 1.8, you will need to override admin/login.html as a whole, as extending the login template with itself causes a recursion error.

Usage

Users can login with CAS and have a Django user account automatically created and populated with LDAP data based on the settings.

Two manage commands are provided, for convenience.

  • Use python manage.py ldapsearch netid1 netid2 netid3 for testing your LDAP configuration and attributes.

  • Use python manage.py createcasuser netid to initialize a new CAS account and populate data from LDAP without requiring the user to login first, as an aid to managing accounts and permissions. The optional flag --admin will give the new account superuser permissions

Development instructions

This git repository uses git flow branching conventions.

Initial setup and installation:

  • recommended: create and activate a python 3.5 virtualenv:

    virtualenv pucas -p python3.5
    source pucas/bin/activate
  • pip install the package with its python dependencies:

    pip install -e .

Unit Testing

Unit tests are written with [py.test](http://doc.pytest.org/) but use some Django test classes for compatibility with django test suites. Running the tests requires a minimal settings file for Django required configurations.

  • Copy sample test settings and add a secret key:

    cp ci/testsettings.py.sample testsettings.py
  • To run the tests, either use the configured setup.py test command:

    python setup.py test
  • Or install test requirements and use py.test directly:

    pip install -e '.[test]'
    py.test

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pucas-0.5.1.tar.gz (17.1 kB view details)

Uploaded Source

Built Distribution

pucas-0.5.1-py2.py3-none-any.whl (17.2 kB view details)

Uploaded Python 2 Python 3

File details

Details for the file pucas-0.5.1.tar.gz.

File metadata

  • Download URL: pucas-0.5.1.tar.gz
  • Upload date:
  • Size: 17.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for pucas-0.5.1.tar.gz
Algorithm Hash digest
SHA256 c792857bf3a3e318d04bd947911d70522d6198c2ed043c6d49ef468e671d4c3d
MD5 bc5775d57a677298c2f148f3dc841b28
BLAKE2b-256 382241ec4c20943cf2a6594afe90f2d75a9acf52f026370a09071d63e01feb78

See more details on using hashes here.

File details

Details for the file pucas-0.5.1-py2.py3-none-any.whl.

File metadata

File hashes

Hashes for pucas-0.5.1-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 c5ccec24c0d8070b84be2dd4664363f70def14d9872a908626d672fc504f6a5e
MD5 9427cf87fd2fc0a2b6fe1803b49674ae
BLAKE2b-256 9c014234ca69b17e8425c05f6d386bdd7f199da13f1775f45f699c270943406a

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page