Skip to content
This repository has been archived by the owner on Aug 29, 2023. It is now read-only.

raprasad/Django-HU-Pin-Auth

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

41 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Django Authentication Backend for Harvard Pin

By plugging the authentication backend into your django settings, the code will:

  1. authenticate a user via Harvard Pin -- uses Pin 2 authentication for constructing the PGP-signed message
  2. upon authentication, look up the person's info via HU LDAP
  3. create a Django User object based on the HU LDAP information (username, last name, first name, email)

Requirements / Packages

How to use

  • Install requirements/packages above.

  • Include "hu_ldap_basic" and "hu_pin_auth" modules on your PYTHON_PATH

    • hackish: sys.path.append('Django-HU-Pin_Auth/')
  • In settings.py add 'hu_pin_auth.auth_hu_pin_backend_ldap.HarvardPinWithLdapAuthBackend' to the AUTHENTICATION_BACKENDS

    • example with standard backend + HU PIN backend:
      • AUTHENTICATION_BACKENDS = ( 'django.contrib.auth.backends.ModelBackend', 'hu_pin_auth.auth_hu_pin_backend_ldap.HarvardPinWithLdapAuthBackend', )
  • In settings.py, add GNUPG_HOME variable. Used by python-gnupg as described here

For the settings.py file

  • Add "HU_PIN_LOGIN_APP_NAMES" tuple with your app name. This is the name given when you Register a Pin 2 Application

    • example: HU_PIN_LOGIN_APP_NAMES = ('FAS_MCB_AUTH_DEV',)
  • Define these variables for LDAP authentication

    • LDAP_CUSTOMER_NAME
      • e.g. LDAP_CUSTOMER_NAME = 'fas_dept'
    • LDAP_CUSTOMER_PASSWORD
      • e.g. LDAP_CUSTOMER_PASSWORD = 'MR-potato-head-123'
    • LDAP_SERVER
      • e.g. LDAP_SERVER = 'ldaps://hu-ldap-test.harvard.edu'

Pin callback url (urls.py + view + errors in template)

  • Include a "view_handle_pin_callback" url to match the url you specified in your Pin 2 Registration

  • An example callback url and view may be seen in:

    • hu_pin_auth/urls.py: view_handle_pin_callback

      • ex/ url(r'^hu_auth/callback/$', 'view_handle_pin_callback', name='view_handle_pin_callback' ),
    • hu_pin_auth/views.py: def view_handle_pin_callback(request):

  • For potential errors:

    • hu_pin_auth/templates/view_pin_login_failed.html
  • Log out

    • hu_pin_auth/templates/registration/logout.html (includes link to the HU Pin logout page)

Log in

  • Add a link to use PIN for admin (or other login.)

    • Example of link that was added to the django admin/login.html template. overriding-admin-templates
    • Include your app name where it reads 'FAS_MY_DEPT_AUTH_DEV': <a href="https://www.pin1.harvard.edu/pin/authenticate?__authen_application=FAS_MY_DEPT_AUTH_DEV&next={% url admin:index %}"><u>USE PIN LOGIN</u></a>
    • Example may be found in file: hu_pin_auth/templates/admin/login.html
  • In the example above, a successful log in redirects back to the admin index page, to redirect to another page:

    • (a) Define 'next' in the url query string.
    • (b) Rewrite your view to go to the appropriate page (see example in hu_pin_auth/views.py)

About

Django Authentication Backend for Harvard Pin

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages