feat(auth): Use allauth and setup dev login

Tom Hubrecht 2024-05-28 08:36:14 +02:00
parent 411a3664ec
commit f69c69e73e
15 changed files with 208 additions and 36 deletions


@ -0,0 +1 @@
MpWq4pgWKhVZDFve1Acy4DvjBrCSBe1Q4y2VUfYUSFXBfP9G
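Review bot: This new one-line file holds what looks like a 48-character random credential, committed in clear text. Its path is not visible on this page, but the same commit sets `CREDENTIALS_DIRECTORY` to `./.credentials` and reads `credentials["KANIDM_SECRET"]`, so it is presumably the OIDC client secret of the development client. If so, the value has to be treated as public from now on: the matching client on the identity provider should be a dedicated test client that only accepts local redirect URIs, and it must never be reused for a deployed instance. A short note next to the file stating that it is a development-only secret would make that explicit.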


@ -60,6 +60,7 @@ in
CREDENTIALS_DIRECTORY = builtins.toString ./.credentials; CREDENTIALS_DIRECTORY = builtins.toString ./.credentials;
DGSI_DEBUG = "true"; DGSI_DEBUG = "true";
DGSI_STATIC_ROOT = builtins.toString ./.static; DGSI_STATIC_ROOT = builtins.toString ./.static;
DGSI_KANIDM_CLIENT = "dgsi_test";
}; };
shellHook = '' shellHook = ''


@ -33,6 +33,12 @@ INSTALLED_APPS = [
"shared.staticfiles.StaticFilesApp", # Overrides the default staticfiles app to filter out the sccs sources "shared.staticfiles.StaticFilesApp", # Overrides the default staticfiles app to filter out the sccs sources
"sass_processor", "sass_processor",
"bulma", "bulma",
# Authentication
"allauth",
"allauth.account",
"allauth.socialaccount",
"allauth.socialaccount.providers.openid_connect",
# Main app
"dgsi", "dgsi",
] ]
@ -47,6 +53,7 @@ MIDDLEWARE = [
"django.contrib.auth.middleware.AuthenticationMiddleware", "django.contrib.auth.middleware.AuthenticationMiddleware",
"django.contrib.messages.middleware.MessageMiddleware", "django.contrib.messages.middleware.MessageMiddleware",
"django.middleware.clickjacking.XFrameOptionsMiddleware", "django.middleware.clickjacking.XFrameOptionsMiddleware",
"allauth.account.middleware.AccountMiddleware",
] ]
### ###
@ -96,8 +103,31 @@ DATABASES = {
### ###
# Authentication configuration
# Disable password validation, no authentication should use local passwords # Disable password validation, no authentication should use local passwords
AUTHENTICATION_BACKENDS = [
"allauth.account.auth_backends.AuthenticationBackend",
]
SOCIALACCOUNT_ONLY = True
SOCIALACCOUNT_PROVIDERS = {
"openid_connect": {
"OAUTH_PKCE_ENABLED": True,
"APPS": [
{
"provider_id": "kanidm",
"name": "DGNum",
"client_id": credentials["KANIDM_CLIENT"],
"secret": credentials["KANIDM_SECRET"],
"settings": {
"server_url": f"https://sso.dgnum.eu/oauth2/openid/{credentials['KANIDM_CLIENT']}",
},
}
],
},
}
AUTH_PASSWORD_VALIDATORS = [] AUTH_PASSWORD_VALIDATORS = []
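Review bot: `allauth.account.auth_backends.AuthenticationBackend` still verifies local passwords, so the added `AUTHENTICATION_BACKENDS` entry does not by itself enforce the comment "no authentication should use local passwords". `SOCIALACCOUNT_ONLY = True` removes allauth's own password views, but any other form that calls `authenticate()` with a username and password (the Django admin login, if it is enabled outside these hunks) would accept an account that has a usable password, and `AUTH_PASSWORD_VALIDATORS = []` means such a password is never checked for strength. I would extend the comment to say so, for example `# The allauth backend still accepts passwords: local accounts must be created with an unusable password`. All three hunks of this file start and end inside larger settings blocks that are not shown.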


@ -22,7 +22,9 @@ from django.views.generic import TemplateView
urlpatterns = [ urlpatterns = [
path("", TemplateView.as_view(template_name="home.html"), name="index"), path("", TemplateView.as_view(template_name="home.html"), name="index"),
path("login", TemplateView.as_view(template_name="login.html"), name="login"),
path("", include("dgsi.urls")), path("", include("dgsi.urls")),
path("accounts/", include("allauth.urls")),
] ]
if settings.DEBUG: if settings.DEBUG:


@ -0,0 +1,6 @@
{% load django_browser_reload %}
<footer class="footer has-text-centered">
<b>Logiciel développé pour et par la <a href="https://dgnum.eu">DGNum</a>.</b>
{% django_browser_reload_script %}
</footer>


@ -0,0 +1,26 @@
{% load i18n %}
<section class="hero is-dark is-primary">
<div class="hero-body">
<div class="container">
<div class="grid">
<div class="cell">
<h1 class="title">
<a href="{% url 'index' %}" class="has-text-dark">Dossier Général des Services Informagiques</a>
</h1>
<h2 class="subtitle">Système d'information de la DGNum</h2>
</div>
<div class="cell">
<a href="{% url 'login' %}" class="button is-light is-pulled-right">
<span>
<span>{% trans "Connexion" %}</span>
<span class="icon">
<i class="ti ti-login"></i>
</span>
</span>
</a>
</div>
</div>
</div>
</div>
</section>
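Review bot: The "Connexion" button in the second `cell` is rendered for every visitor, including one who is already signed in, and the hero offers no way to sign out. Wrapping the link in `{% if not user.is_authenticated %}` … `{% endif %}`, with a link to `{% url 'account_logout' %}` in the other branch, would keep the header consistent with the session state. The visible strings here are French msgids (`{% trans "Connexion" %}`) while the allauth layout added in the same commit uses English ones, so one convention should be picked.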


@ -0,0 +1,12 @@
{% load sass_tags static %}
<!-- Icons -->
<link href="{% static 'favicon.ico' %}" rel="icon" />
<link href="{% static 'apple-touch-icon.png' %}" rel="apple-touch-icon" />
<link rel="icon" type="image/png" href="{% static 'favicon-16x16.png' %}" sizes="16x16" />
<link rel="icon" type="image/png" href="{% static 'favicon-32x32.png' %}" sizes="32x32" />
<link rel="icon" type="image/png" href="{% static 'android-chrome-192x192.png' %}" sizes="192x192" />
<!-- CSS -->
<link href="{% sass_src 'bulma/bulma.scss' %}" rel="stylesheet" type="text/css" />
<link href="{% static 'tabler-icons/tabler-icons.min.css' %}" rel="stylesheet" type="text/css" />


@ -0,0 +1,13 @@
{% load allauth %}
{% comment %} djlint:off {% endcomment %}
<{% if attrs.href %}a href="{{ attrs.href }}"{% else %}button{% endif %}
{% if attrs.form %}form="{{ attrs.form }}"{% endif %}
{% if attrs.id %}id="{{ attrs.id }}"{% endif %}
{% if attrs.name %}name="{{ attrs.name }}"{% endif %}
{% if attrs.value %}value="{{ attrs.value }}"{% endif %}
{% if attrs.type %}type="{{ attrs.type }}"{% endif %}
class="button is-fullwidth"
>
{% slot %}
{% endslot %}
</{% if attrs.href %}a{% else %}button{% endif %}>


@ -0,0 +1 @@
{% include "bulma/form.html" with form=attrs.form %}


@ -0,0 +1 @@
<a class="cell button is-primary is-light" title="{{ attrs.name }}" href="{{ attrs.href }}">{{ attrs.name }}</a>


@ -0,0 +1,6 @@
{% load allauth %}
<div class="grid mt-5">
{% slot default %}
{% endslot %}
</div>


@ -0,0 +1,77 @@
{% load django_browser_reload i18n sass_tags static %}
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="keywords" content="dgnum,dgsi,ens" />
<meta name="description" content="Système d'information de la DGNum" />
<title>DGNum</title>
{% include "_links.html" %}
</head>
<body>
{% include "_hero.html" %}
<section class="section container">
<nav class="level">
{% if user.is_authenticated %}
{% url 'account_email' as email_url %}
{% if email_url %}
<li class="level-item button is-light">
<a href="{{ email_url }}">{% trans "Change Email" %}</a>
</li>
{% endif %}
{% url 'account_change_password' as change_password_url %}
{% if change_password_url %}
<li class="level-item button is-light">
<a href="{{ change_password_url }}">{% trans "Change Password" %}</a>
</li>
{% endif %}
{% url 'mfa_index' as mfa_url %}
{% if mfa_url %}
<li class="level-item button is-light">
<a href="{{ mfa_url }}">{% trans "Two-Factor Authentication" %}</a>
</li>
{% endif %}
{% url 'usersessions_list' as usersessions_list_url %}
{% if usersessions_list_url %}
<li class="level-item button is-light">
<a href="{{ usersessions_list_url }}">{% trans "Sessions" %}</a>
</li>
{% endif %}
{% url 'account_logout' as logout_url %}
{% if logout_url %}
<li class="level-item button is-light">
<a href="{{ logout_url }}">{% trans "Sign Out" %}</a>
</li>
{% endif %}
{% else %}
{% url 'account_login' as login_url %}
{% if login_url %}
<li class="level-item button is-light has-text-weight-bold">
<a href="{{ login_url }}">{% trans "Sign In" %}</a>
</li>
{% endif %}
{% url 'account_signup' as signup_url %}
{% if signup_url %}
<li class="level-item button is-light has-text-weight-bold">
<a href="{{ signup_url }}">{% trans "Sign Up" %}</a>
</li>
{% endif %}
{% endif %}
</nav>
<hr>
<div class="content">
{% block content %}
{% endblock content %}
</div>
</section>
{% include "_footer.html" %}
</body>
</html>
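Review bot: The `<li class="level-item …">` elements are direct children of `<nav class="level">`, which is not valid HTML because `li` needs a `ul`, `ol` or `menu` parent. Using `<div class="level-item">` around each link, or wrapping the items in a `<ul>`, fixes the markup without changing the layout classes. The first line of the template also loads `django_browser_reload`, `sass_tags` and `static`, none of which this template uses directly since `_links.html` and `_footer.html` load their own; `{% load i18n %}` would be enough.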


@ -1,5 +1,3 @@
{% load django_browser_reload sass_tags static %}
<!DOCTYPE html> <!DOCTYPE html>
<html lang="fr"> <html lang="fr">
<head> <head>
@ -9,48 +7,17 @@
<meta name="description" content="Système d'information de la DGNum" /> <meta name="description" content="Système d'information de la DGNum" />
<title>DGNum</title> <title>DGNum</title>
<!-- Icons --> {% include "_links.html" %}
<link href="{% static 'favicon.ico' %}" rel="icon" />
<link href="{% static 'apple-touch-icon.png' %}" rel="apple-touch-icon" />
<link rel="icon"
type="image/png"
href="{% static 'favicon-16x16.png' %}"
sizes="16x16" />
<link rel="icon"
type="image/png"
href="{% static 'favicon-32x32.png' %}"
sizes="32x32" />
<link rel="icon"
type="image/png"
href="{% static 'android-chrome-192x192.png' %}"
sizes="192x192" />
<!-- CSS -->
<link href="{% sass_src 'bulma/bulma.scss' %}"
rel="stylesheet"
type="text/css" />
</head> </head>
<body> <body>
<section class="hero is-dark is-primary"> {% include "_hero.html" %}
<div class="hero-body">
<div class="container">
<h1 class="title">
<a href="{% url 'index' %}" class="has-text-dark">Dossier Général des Services Informagiques</a>
</h1>
<h2 class="subtitle">Système d'information de la DGNum</h2>
</div>
</div>
</section>
<section class="section"> <section class="section">
{% block content %} {% block content %}
{% endblock content %} {% endblock content %}
</section> </section>
<footer class="footer has-text-centered"> {% include "_footer.html" %}
<b>Logiciel développé pour et par la <a href="https://dgnum.eu">DGNum</a>.</b>
{% django_browser_reload_script %}
</footer>
</body> </body>
</html> </html>


@ -0,0 +1,29 @@
{% extends "base.html" %}
{% load i18n socialaccount %}
{% block content %}
<div class="fixed-grid">
<div class="grid">
<a href="{% provider_login_url 'kanidm' %}"
class="cell has-background-primary-dark p-6 has-radius-normal has-text-centered has-text-white">
<span class="icon-text">
<span class="icon">
<i class="ti ti-login"></i>
</span>
<span><b>{% trans "Connexion via la DGNum" %}</b></span>
</span>
</a>
<a href="{% provider_login_url 'kanidm' %}"
class="cell has-background-primary p-6 has-radius-normal has-text-centered has-text-white">
<span class="icon-text">
<span class="icon">
<i class="ti ti-login"></i>
</span>
<span><b>{% trans "Connexion via l'ENS" %}</b></span>
</span>
</a>
</div>
</div>
{% endblock content %}
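Review bot: Both cards link to `{% provider_login_url 'kanidm' %}`, so the one labelled "Connexion via l'ENS" sends the user to the same DGNum provider as the first. Only one provider (`provider_id` `kanidm`) is configured in the settings of this commit, so the second card is presumably a placeholder. Until a second provider exists I would drop it or mark it with a template comment such as `{# TODO: point to the ENS provider once configured #}`, so that users are not told they are authenticating with a different identity provider than the one they actually reach.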