Statistics
| Branch: | Tag: | Revision:

root / snf-astakos-app / README @ 672d445a

History | View | Annotate | Download (9 kB)

1
README
2
======
3

    
4
Astakos is an identity management service, built by GRNET using Django (https://www.djangoproject.com/).
5
Learn more about Astakos at: http://code.grnet.gr/projects/astakos
6

    
7
Consult COPYRIGHT for licensing information.
8

    
9
About Astakos application
10
-------------------------
11

    
12
This package contains the Django application that implements all identity management functions.
13

    
14
How to run
15
----------
16

    
17
Use snf-webproject to run Astakos automatically.
18

    
19
To use Astakos in a custom Django project, add ``astakos.im`` to ``INSTALLED_APPS``. Astakos requires South (http://south.aeracode.org/).
20

    
21
Also, add the following to your ``settings.py``::
22

    
23
    TEMPLATE_CONTEXT_PROCESSORS = (
24
        ...
25
        'astakos.im.context_processors.cloudbar',
26
        'astakos.im.context_processors.im_modules',
27
        'astakos.im.context_processors.next',
28
        'astakos.im.context_processors.code',
29
        'astakos.im.context_processors.invitations')
30
    
31
    AUTHENTICATION_BACKENDS = ('astakos.im.auth_backends.EmailBackend',
32
                               'astakos.im.auth_backends.TokenBackend')
33
    
34
    CUSTOM_USER_MODEL = 'astakos.im.AstakosUser'
35
    
36
    LOGIN_URL = '/im'
37

    
38
Settings
39
--------
40

    
41
Configure in ``settings.py`` or a ``.conf`` file in ``/etc/synnefo`` if using snf-webproject.
42

    
43
=================================   =============================================================================   ===========================================================================================
44
Name                                Default value                                                                   Description
45
=================================   =============================================================================   ===========================================================================================
46
ASTAKOS_AUTH_TOKEN_DURATION         one month                                                                       Expiration time of newly created auth tokens
47
ASTAKOS_DEFAULT_USER_LEVEL          4                                                                               Default (not-invited) user level
48
ASTAKOS_INVITATIONS_PER_LEVEL       {0:100, 1:2, 2:0, 3:0, 4:0}                                                     Number of user invitations per user level
49
ASTAKOS_DEFAULT_FROM_EMAIL          GRNET Cloud <no-reply\@grnet.gr>                                                ``from`` parameter passed in ``django.core.mail.send_mail``
50
ASTAKOS_DEFAULT_CONTACT_EMAIL       support\@cloud.grnet.gr                                                         Contact email
51
ASTAKOS_DEFAULT_ADMIN_EMAIL         support\@cloud.grnet.gr                                                         Administrator email to receive user creation notifications (if None disables notifications)
52
ASTAKOS_IM_MODULES                  ['local', 'shibboleth']                                              Signup modules
53
ASTAKOS_FORCE_PROFILE_UPDATE        True                                                                            Force user profile verification
54
ASTAKOS_INVITATIONS_ENABLED         True                                                                            Enable invitations
55
ASTAKOS_COOKIE_NAME                 _pithos2_a                                                                      ``Key`` parameter passed in ``django.http.HttpResponse.set_cookie``
56
ASTAKOS_COOKIE_DOMAIN               None                                                                            ``Domain`` parameter passed in ``django.http.HttpResponse.set_cookie``
57
ASTAKOS_COOKIE_SECURE               True                                                                            ``Secure`` parameter passed in ``django.http.HttpResponse.set_cookie``
58
ASTAKOS_IM_STATIC_URL               /static/im/                                                                     URL to use when referring to static files
59
ASTAKOS_MODERATION_ENABLED          True                                                                            If False and invitations are not enabled newly created user will be automatically accepted
60
ASTAKOS_BASEURL                     \http://pithos.dev.grnet.gr                                                     Astakos baseurl
61
ASTAKOS_SITENAME                    GRNET Cloud                                                                     Service name that appears in emails
62
ASTAKOS_CLOUD_SERVICES              ({'icon': 'home-icon.png', 'id': 'cloud', 'name': 'grnet cloud', 'url': '/'},   Cloud services appear in the horizontal bar
63
                                    {'id': 'okeanos', 'name': 'cyclades', 'url': '/okeanos.html'},                  
64
                                    {'id': 'pithos', 'name': 'pithos+', 'url': '/ui/'})                             
65
ASTAKOS_RECAPTCHA_ENABLED           True                                                                            Enable recaptcha
66
ASTAKOS_RECAPTCHA_PUBLIC_KEY                                                                                        Recaptcha public key obtained after registration here: http://recaptcha.net
67
ASTAKOS_RECAPTCHA_PRIVATE_KEY                                                                                       Recaptcha private key obtained after registration here: http://recaptcha.net
68
ASTAKOS_RECAPTCHA_OPTIONS           {'theme': 'white'}                                                              Options for customizing reCAPTCHA look and feel
69
                                                                                                                    (see: http://code.google.com/intl/el-GR/apis/recaptcha/docs/customization.html)
70
ASTAKOS_LOGOUT_NEXT                                                                                                 Where the user should be redirected after logout
71
                                                                                                                    (if not set and no next parameter is defined it renders login page with message)
72
ASTAKOS_BILLING_FIELDS              ['id', 'is_active', 'provider', 'third_party_identifier']                       AstakosUser fields to propagate in the billing system
73
ASTAKOS_QUEUE_CONNECTION                                                                                            The queue connection ex. 'rabbitmq://guest:guest@localhost:5672/astakos'
74
                                                                                                                    (if it is not set, it does not send messages)
75
ASTAKOS_RE_USER_EMAIL_PATTERNS      []                                                                              Email patterns that are automatically activated ex. ['^[a-zA-Z0-9\._-]+@grnet\.gr$']
76

    
77
ASTAKOS_LOGIN_MESSAGES              {}                                                                              Notification messages to display on login page header
78
                                                                                                                    e.g. {'warning': 'Warning message (can contain html)'}
79
ASTAKOS_PROFILE_EXTRA_LINKS         {}                                                                               messages to display as extra actions in account forms
80
                                                                                                                    e.g. {'https://cms.okeanos.grnet.gr/': 'Back to ~okeanos'}
81
ASTAKOS_RATELIMIT_RETRIES_ALLOWED   3                                                                               Number of unsuccessful login requests allowed for a specific account.
82
                                                                                                                    When this number exceeds and ASTAKOS_RECAPTCHA_ENABLED is set the user has to solve a
83
                                                                                                                    captcha challenge.
84
=================================   =============================================================================   ===========================================================================================
85

    
86
Administrator functions
87
-----------------------
88

    
89
Available as extensions to Django's command-line management utility:
90

    
91
===============  ===========================
92
Name             Description
93
===============  ===========================
94
addgroup         Add new group
95
addterms         Add new approval terms
96
createuser       Create a user
97
inviteuser       Invite a user
98
listgroups       List groups
99
listinvitations  List invitations
100
listusers        List users
101
modifyuser       Modify a user's attributes
102
sendactivation   Send activation email
103
showinvitation   Show invitation info
104
showuser         Show user info
105
===============  ===========================
106

    
107
To update user credibility from the billing system (Aquarium), enable the queue, install snf-pithos-tools and use ``pithos-dispatcher``::
108

    
109
    pithos-dispatcher --exchange=aquarium --callback=astakos.im.queue.listener.on_creditevent
110

    
111
Load groups:
112
------------
113

    
114
To set the initial user groups load the followind fixture:
115

    
116
    snf-manage loaddata groups