# Set the expiration time of newly created auth tokens # to be this many hours after their creation time. #ASTAKOS_AUTH_TOKEN_DURATION = 30 * 24 # Authenticate via Twitter. #ASTAKOS_TWITTER_KEY = '' #ASTAKOS_TWITTER_SECRET = '' #ASTAKOS_DEFAULT_USER_LEVEL = 4 #ASTAKOS_INVITATIONS_PER_LEVEL = { # 0 : 100, # 1 : 2, # 2 : 0, # 3 : 0, # 4 : 0 #} # Address to use for outgoing emails #ASTAKOS_DEFAULT_FROM_EMAIL = 'GRNET Cloud ' #ASTAKOS_DEFAULT_CONTACT_EMAIL = 'support@cloud.grnet.gr' #ASTAKOS_DEFAULT_ADMIN_EMAIL = 'admin@cloud.grnet.gr' # Identity Management enabled modules #ASTAKOS_IM_MODULES = ['local', 'twitter', 'shibboleth'] # Force user profile verification #ASTAKOS_FORCE_PROFILE_UPDATE = True #Enable invitations #ASTAKOS_INVITATIONS_ENABLED = True #ASTAKOS_COOKIE_NAME = '_pithos2_a' #ASTAKOS_COOKIE_DOMAIN = None #ASTAKOS_COOKIE_SECURE = True #ASTAKOS_IM_STATIC_URL = '/static/im/' # If set to False and invitations not enabled newly created user will be # automatically accepted #ASTAKOS_MODERATION_ENABLED = True # Set baseurl #ASTAKOS_BASEURL = 'http://pithos.dev.grnet.gr' # Set service name #ASTAKOS_SITENAME = 'GRNET Cloud' # Set recaptcha keys # http://www.google.com/recaptcha/whyrecaptcha #ASTAKOS_RECAPTCHA_PUBLIC_KEY = '' #ASTAKOS_RECAPTCHA_PRIVATE_KEY = '' #ASTAKOS_RECAPTCHA_OPTIONS = {'theme':'white'} #ASTAKOS_RECAPTCHA_USE_SSL = True #ASTAKOS_RECAPTCHA_ENABLED = True # set AstakosUser fields to propagate in the billing system #ASTAKOS_BILLING_FIELDS = ['is_active'] # Queue for billing. #'rabbitmq://guest:guest@localhost:5672/astakos' #QUEUE_CONNECTION = None # Set where the user should be redirected after logout #ASTAKOS_LOGOUT_NEXT = '' # Set user email patterns that are automatically activated #ASTAKOS_RE_USER_EMAIL_PATTERNS = [] # Messages to display on login page header # e.g. [('warning', 'This warning message will be displayed on the top of login page')] #ASTAKOS_LOGIN_MESSAGES = [] # Messages to display on signup page header # e.g. [('warning', 'This warning message will be displayed on the top of signup page')] #ASTAKOS_SIGNUP_MESSAGES = [] # Messages to display on profile page header # e.g. [('warning', 'This warning message will be displayed on the top of profile pages')] #ASTAKOS_PROFILE_MESSAGES = [] # Messages to display on global page header # e.g. [('warning', 'This warning message will be displayed on the top of all pages')] #ASTAKOS_GLOBAL_MESSAGES = [] # messages to display as extra actions in account forms # e.g. {'https://cms.okeanos.grnet.gr/': 'Back to ~okeanos'} #ASTAKOS_PROFILE_EXTRA_LINKS = [] # The number of unsuccessful login requests per minute allowed for a specific email #ASTAKOS_RATELIMIT_RETRIES_ALLOWED = 3 # If False the email change mechanism is disabled #ASTAKOS_EMAILCHANGE_ENABLED = False # Set the expiration time (in days) of email change requests #ASTAKOS_EMAILCHANGE_ACTIVATION_DAYS = 10 # Set the astakos main functions logging severity (None to disable) #from logging import INFO #ASTAKOS_LOGGING_LEVEL = INFO # Email subjects configuration. For admin/helper notification emails %(user)s # maps to registered/activated user email. #ASTAKOS_INVITATION_EMAIL_SUBJECT = 'Invitation to %s alpha2 testing' % SITENAME #ASTAKOS_GREETING_EMAIL_SUBJECT = 'Welcome to %s alpha2 testing' % SITENAME #ASTAKOS_FEEDBACK_EMAIL_SUBJECT = 'Feedback from %s alpha2 testing' % SITENAME #ASTAKOS_VERIFICATION_EMAIL_SUBJECT = '%s alpha2 testing account activation is needed' % SITENAME #ASTAKOS_ADMIN_NOTIFICATION_EMAIL_SUBJECT = '%s alpha2 testing account created (%%(user)s)' % SITENAME #ASTAKOS_HELPDESK_NOTIFICATION_EMAIL_SUBJECT = '%s alpha2 testing account activated (%%(user)s)' % SITENAME #ASTAKOS_EMAIL_CHANGE_EMAIL_SUBJECT = 'Email change on %s alpha2 testing' % SITENAME #ASTAKOS_PASSWORD_RESET_EMAIL_SUBJECT = 'Password reset on %s alpha2 testing' % SITENAME # Enforce token renewal on password change/reset # NEWPASSWD_INVALIDATE_TOKEN = getattr(settings, 'ASTAKOS_NEWPASSWD_INVALIDATE_TOKEN', True) # Permit local account migration # ENABLE_LOCAL_ACCOUNT_MIGRATION = getattr(settings, 'ASTAKOS_ENABLE_LOCAL_ACCOUNT_MIGRATION', True) # A dictionary describing the additional user fields appearing during the second step of third party account creation # THIRDPARTY_ACC_ADDITIONAL_FIELDS = getattr(settings, 'ASTAKOS_THIRDPARTY_ACC_ADDITIONAL_FIELDS', { # 'first_name':None, # 'last_name':None, # }) ## Enable LDAP / AD authentication #AUTHENTICATION_BACKENDS = ['astakos.im.auth_ldap.backend.LDAPBackend'] + list(AUTHENTICATION_BACKENDS) ## LDAP authentication backend (django-auth-ldap) configuration ## For more information / documentation, see: ## http://packages.python.org/django-auth-ldap/ #import ldap #from astakos.im.auth_ldap.config import LDAPSearch #AUTH_LDAP_SERVER_URI = "ldap(s)://host:port" ## If anon search is disallowed, specify bind dn and password #AUTH_LDAP_BIND_DN = "" #AUTH_LDAP_BIND_PASSWORD = "" ## LDAP search conf ## Example search for AD: #AUTH_LDAP_USER_SEARCH = LDAPSearch(subtree_dn, ldap.SCOPE_SUBTREE, "(userPrincipalName=%(user)s)") ## Example search for LDAP ## NOTE: Use email instead of uid, since astakos requires a valid and unique ## email address for every user. See astakos docs for more information #AUTH_LDAP_USER_SEARCH = LDAPSearch(subtree_dn, ldap.SCOPE_SUBTREE, "(uid=%(mail)s)") ## LDAP group configuration #from astakos.im.auth_ldap.config import GroupOfNamesType ## LDAP group search conf #AUTH_LDAP_GROUP_SEARCH = LDAPSearch(subtree_dn, ldap.SCOPE_SUBTREE, "(objectClass=groupOfNames)") #AUTH_LDAP_GROUP_TYPE = GroupOfNamesType() ## Allow only users belonging to a specific group to login #AUTH_LDAP_REQUIRE_GROUP = group_dn ## Specify the map between ldap attrs and astakos user attrs #AUTH_LDAP_USER_ATTR_MAP = {"first_name": "givenName", "last_name": "sn", "email": "mail"} ## Automatically set users belonging to a specific group as active #AUTH_LDAP_USER_FLAGS_BY_GROUP = { # "is_active": group_dn, # "is_admin": admin_group_dn #} ## Update user information from LDAP on every login. ## Set it to False for the time being to prevent confusing astakos on email changes. #AUTH_LDAP_ALWAYS_UPDATE_USER = False