4 Astakos is an identity management service, built by GRNET using Django (https://www.djangoproject.com/).
5 Learn more about Astakos at: http://code.grnet.gr/projects/astakos
7 Consult COPYRIGHT for licensing information.
9 About Astakos application
10 -------------------------
12 This package contains the Django application that implements all identity management functions.
17 Use snf-webproject to run Astakos automatically.
19 To use Astakos in a custom Django project, add ``astakos.im`` to ``INSTALLED_APPS``. Astakos requires South (http://south.aeracode.org/).
21 Also, add the following to your ``settings.py``::
23 TEMPLATE_CONTEXT_PROCESSORS = (
25 'astakos.im.context_processors.cloudbar',
26 'astakos.im.context_processors.im_modules',
27 'astakos.im.context_processors.next',
28 'astakos.im.context_processors.code',
29 'astakos.im.context_processors.invitations')
31 AUTHENTICATION_BACKENDS = ('astakos.im.auth_backends.EmailBackend',
32 'astakos.im.auth_backends.TokenBackend')
34 CUSTOM_USER_MODEL = 'astakos.im.AstakosUser'
41 Configure in ``settings.py`` or a ``.conf`` file in ``/etc/synnefo`` if using snf-webproject.
43 =========================================== ============================================================================= ===========================================================================================
44 Name Default value Description
45 =========================================== ============================================================================= ===========================================================================================
46 ASTAKOS_AUTH_TOKEN_DURATION one month Expiration time of newly created auth tokens
47 ASTAKOS_DEFAULT_USER_LEVEL 4 Default (not-invited) user level
48 ASTAKOS_INVITATIONS_PER_LEVEL {0:100, 1:2, 2:0, 3:0, 4:0} Number of user invitations per user level
49 ASTAKOS_DEFAULT_FROM_EMAIL GRNET Cloud <no-reply\@grnet.gr> ``from`` parameter passed in ``django.core.mail.send_mail``
50 ASTAKOS_DEFAULT_CONTACT_EMAIL support\@cloud.grnet.gr Contact email
51 ASTAKOS_DEFAULT_ADMIN_EMAIL support\@cloud.grnet.gr Administrator email to receive user creation notifications (if None disables notifications)
52 ASTAKOS_IM_MODULES ['local', 'shibboleth'] Signup modules
53 ASTAKOS_FORCE_PROFILE_UPDATE True Force user profile verification
54 ASTAKOS_INVITATIONS_ENABLED True Enable invitations
55 ASTAKOS_COOKIE_NAME _pithos2_a ``Key`` parameter passed in ``django.http.HttpResponse.set_cookie``
56 ASTAKOS_COOKIE_DOMAIN None ``Domain`` parameter passed in ``django.http.HttpResponse.set_cookie``
57 ASTAKOS_COOKIE_SECURE True ``Secure`` parameter passed in ``django.http.HttpResponse.set_cookie``
58 ASTAKOS_IM_STATIC_URL /static/im/ URL to use when referring to static files
59 ASTAKOS_MODERATION_ENABLED True If False and invitations are not enabled newly created user will be automatically accepted
60 ASTAKOS_BASEURL \http://pithos.dev.grnet.gr Astakos baseurl
61 ASTAKOS_SITENAME GRNET Cloud Service name that appears in emails
62 ASTAKOS_RECAPTCHA_ENABLED True Enable recaptcha
63 ASTAKOS_RECAPTCHA_PUBLIC_KEY Recaptcha public key obtained after registration here: http://recaptcha.net
64 ASTAKOS_RECAPTCHA_PRIVATE_KEY Recaptcha private key obtained after registration here: http://recaptcha.net
65 ASTAKOS_RECAPTCHA_OPTIONS {'theme': 'white'} Options for customizing reCAPTCHA look and feel
66 (see: http://code.google.com/intl/el-GR/apis/recaptcha/docs/customization.html)
67 ASTAKOS_LOGOUT_NEXT Where the user should be redirected after logout
68 (if not set and no next parameter is defined it renders login page with message)
69 ASTAKOS_BILLING_FIELDS ['id', 'is_active', 'provider', 'third_party_identifier'] AstakosUser fields to propagate in the billing system
70 ASTAKOS_QUEUE_CONNECTION The queue connection ex. 'rabbitmq://guest:guest@localhost:5672/astakos'
71 (if it is not set, it does not send messages)
72 ASTAKOS_RE_USER_EMAIL_PATTERNS [] Email patterns that are automatically activated ex. ['^[a-zA-Z0-9\._-]+@grnet\.gr$']
74 ASTAKOS_LOGIN_MESSAGES {} Notification messages to display on login page header
75 e.g. {'warning': 'Warning message (can contain html)'}
76 ASTAKOS_PROFILE_EXTRA_LINKS {} Messages to display as extra actions in account forms
77 e.g. {'https://cms.okeanos.grnet.gr/': 'Back to ~okeanos'}
78 ASTAKOS_RATELIMIT_RETRIES_ALLOWED 3 Number of unsuccessful login requests per minute allowed for a specific account.
79 When this number exceeds and ASTAKOS_RECAPTCHA_ENABLED is set the user has to solve a
81 ASTAKOS_EMAILCHANGE_ENABLED False Enable email change mechanism
82 ASTAKOS_EMAILCHANGE_ACTIVATION_DAYS 10 Number of days that email change requests remain active
83 ASTAKOS_LOGGING_LEVEL INFO Message logging severity
84 ASTAKOS_INVITATION_EMAIL_SUBJECT 'Invitation to %s alpha2 testing' % SITENAME Invitation email subject
85 ASTAKOS_GREETING_EMAIL_SUBJECT 'Welcome to %s alpha2 testing' % SITENAME Welcome email subject
86 ASTAKOS_FEEDBACK_EMAIL_SUBJECT 'Feedback from %s alpha2 testing' % SITENAME Feedback email subject
87 ASTAKOS_VERIFICATION_EMAIL_SUBJECT '%s alpha2 testing account activation is needed' % SITENAME Account activation email subject
88 ASTAKOS_ADMIN_NOTIFICATION_EMAIL_SUBJECT '%s alpha2 testing account created (%%(user)s)' % SITENAME Account creation admin notification email subject
89 ASTAKOS_HELPDESK_NOTIFICATION_EMAIL_SUBJECT '%s alpha2 testing account activated (%%(user)s)' % SITENAME Account activation helpdesk notification email subject
90 ASTAKOS_EMAIL_CHANGE_EMAIL_SUBJECT 'Email change on %s alpha2 testing' % SITENAME Email change subject
91 ASTAKOS_PASSWORD_RESET_EMAIL_SUBJECT 'Password reset on %s alpha2 testing' % SITENAME Password change email subject
92 ASTAKOS_NEWPASSWD_INVALIDATE_TOKEN True Enforce token renewal on password change/reset. If set to False, user can optionally decide
93 whether to renew the token or not.
94 =========================================== ============================================================================= ===========================================================================================
96 Administrator functions
97 -----------------------
99 Available as extensions to Django's command-line management utility:
101 =============== ===========================
103 =============== ===========================
104 addgroup Add new group
105 addterms Add new approval terms
106 createuser Create a user
107 inviteuser Invite a user
108 listgroups List groups
109 listinvitations List invitations
111 modifyuser Modify a user's attributes
112 sendactivation Send activation email
113 showinvitation Show invitation info
114 showuser Show user info
115 =============== ===========================
117 To update user credibility from the billing system (Aquarium), enable the queue, install snf-pithos-tools and use ``pithos-dispatcher``::
119 pithos-dispatcher --exchange=aquarium --callback=astakos.im.queue.listener.on_creditevent
124 To set the initial user groups load the followind fixture:
126 snf-manage loaddata groups