| Branch: | Tag: | Revision:

root / snf-astakos-app / README @ 7ee456f7

History | View | Annotate | Download (9 kB)

1 e0bfcf77 Antony Chazapis
2 e0bfcf77 Antony Chazapis
3 e0bfcf77 Antony Chazapis
4 e0bfcf77 Antony Chazapis
Astakos is an identity management service, built by GRNET using Django (
5 e0bfcf77 Antony Chazapis
Learn more about Astakos at:
6 e0bfcf77 Antony Chazapis
7 e0bfcf77 Antony Chazapis
Consult COPYRIGHT for licensing information.
8 e0bfcf77 Antony Chazapis
9 e0bfcf77 Antony Chazapis
About Astakos application
10 e0bfcf77 Antony Chazapis
11 e0bfcf77 Antony Chazapis
12 e0bfcf77 Antony Chazapis
This package contains the Django application that implements all identity management functions.
13 e0bfcf77 Antony Chazapis
14 e0bfcf77 Antony Chazapis
How to run
15 e0bfcf77 Antony Chazapis
16 e0bfcf77 Antony Chazapis
17 e0bfcf77 Antony Chazapis
Use snf-webproject to run Astakos automatically.
18 e0bfcf77 Antony Chazapis
19 e0bfcf77 Antony Chazapis
To use Astakos in a custom Django project, add ```` to ``INSTALLED_APPS``. Astakos requires South (
20 e0bfcf77 Antony Chazapis
21 e0bfcf77 Antony Chazapis
Also, add the following to your ````::
22 e0bfcf77 Antony Chazapis
23 e0bfcf77 Antony Chazapis
24 e0bfcf77 Antony Chazapis
25 e0bfcf77 Antony Chazapis
26 e0bfcf77 Antony Chazapis
27 e0bfcf77 Antony Chazapis
28 e0bfcf77 Antony Chazapis
29 e0bfcf77 Antony Chazapis
30 e0bfcf77 Antony Chazapis
31 e0bfcf77 Antony Chazapis
32 e0bfcf77 Antony Chazapis
33 e0bfcf77 Antony Chazapis
34 e0bfcf77 Antony Chazapis
35 e0bfcf77 Antony Chazapis
36 e0bfcf77 Antony Chazapis
    LOGIN_URL = '/im'
37 e0bfcf77 Antony Chazapis
38 e0bfcf77 Antony Chazapis
39 e0bfcf77 Antony Chazapis
40 e0bfcf77 Antony Chazapis
41 e0bfcf77 Antony Chazapis
Configure in ```` or a ``.conf`` file in ``/etc/synnefo`` if using snf-webproject.
42 e0bfcf77 Antony Chazapis
43 672d445a Sofia Papagiannaki
=================================   =============================================================================   ===========================================================================================
44 a9281516 Sofia Papagiannaki
Name                                Default value                                                                   Description
45 672d445a Sofia Papagiannaki
=================================   =============================================================================   ===========================================================================================
46 a9281516 Sofia Papagiannaki
ASTAKOS_AUTH_TOKEN_DURATION         one month                                                                       Expiration time of newly created auth tokens
47 a9281516 Sofia Papagiannaki
ASTAKOS_DEFAULT_USER_LEVEL          4                                                                               Default (not-invited) user level
48 a9281516 Sofia Papagiannaki
ASTAKOS_INVITATIONS_PER_LEVEL       {0:100, 1:2, 2:0, 3:0, 4:0}                                                     Number of user invitations per user level
49 a9281516 Sofia Papagiannaki
ASTAKOS_DEFAULT_FROM_EMAIL          GRNET Cloud <no-reply\>                                                ``from`` parameter passed in ``django.core.mail.send_mail``
50 a9281516 Sofia Papagiannaki
ASTAKOS_DEFAULT_CONTACT_EMAIL       support\                                                         Contact email
51 b38e85ae Sofia Papagiannaki
ASTAKOS_DEFAULT_ADMIN_EMAIL         support\                                                         Administrator email to receive user creation notifications (if None disables notifications)
52 8f5a3a06 Sofia Papagiannaki
ASTAKOS_IM_MODULES                  ['local', 'shibboleth']                                              Signup modules
53 a9281516 Sofia Papagiannaki
ASTAKOS_FORCE_PROFILE_UPDATE        True                                                                            Force user profile verification
54 a9281516 Sofia Papagiannaki
ASTAKOS_INVITATIONS_ENABLED         True                                                                            Enable invitations
55 a9281516 Sofia Papagiannaki
ASTAKOS_COOKIE_NAME                 _pithos2_a                                                                      ``Key`` parameter passed in ``django.http.HttpResponse.set_cookie``
56 a9281516 Sofia Papagiannaki
ASTAKOS_COOKIE_DOMAIN               None                                                                            ``Domain`` parameter passed in ``django.http.HttpResponse.set_cookie``
57 a9281516 Sofia Papagiannaki
ASTAKOS_COOKIE_SECURE               True                                                                            ``Secure`` parameter passed in ``django.http.HttpResponse.set_cookie``
58 a9281516 Sofia Papagiannaki
ASTAKOS_IM_STATIC_URL               /static/im/                                                                     URL to use when referring to static files
59 a9281516 Sofia Papagiannaki
ASTAKOS_MODERATION_ENABLED          True                                                                            If False and invitations are not enabled newly created user will be automatically accepted
60 a9281516 Sofia Papagiannaki
ASTAKOS_BASEURL                     \                                                     Astakos baseurl
61 a9281516 Sofia Papagiannaki
ASTAKOS_SITENAME                    GRNET Cloud                                                                     Service name that appears in emails
62 a9281516 Sofia Papagiannaki
ASTAKOS_CLOUD_SERVICES              ({'icon': 'home-icon.png', 'id': 'cloud', 'name': 'grnet cloud', 'url': '/'},   Cloud services appear in the horizontal bar
63 3a9f4931 Sofia Papagiannaki
                                    {'id': 'okeanos', 'name': 'cyclades', 'url': '/okeanos.html'},                  
64 a9281516 Sofia Papagiannaki
                                    {'id': 'pithos', 'name': 'pithos+', 'url': '/ui/'})                             
65 53bf2659 Sofia Papagiannaki
ASTAKOS_RECAPTCHA_ENABLED           True                                                                            Enable recaptcha
66 f2cee255 Sofia Papagiannaki
ASTAKOS_RECAPTCHA_PUBLIC_KEY                                                                                        Recaptcha public key obtained after registration here:
67 f2cee255 Sofia Papagiannaki
ASTAKOS_RECAPTCHA_PRIVATE_KEY                                                                                       Recaptcha private key obtained after registration here:
68 3a9f4931 Sofia Papagiannaki
ASTAKOS_RECAPTCHA_OPTIONS           {'theme': 'white'}                                                              Options for customizing reCAPTCHA look and feel
69 3a9f4931 Sofia Papagiannaki
70 3a9f4931 Sofia Papagiannaki
ASTAKOS_LOGOUT_NEXT                                                                                                 Where the user should be redirected after logout
71 3a9f4931 Sofia Papagiannaki
                                                                                                                    (if not set and no next parameter is defined it renders login page with message)
72 3a9f4931 Sofia Papagiannaki
ASTAKOS_BILLING_FIELDS              ['id', 'is_active', 'provider', 'third_party_identifier']                       AstakosUser fields to propagate in the billing system
73 809b6d11 Sofia Papagiannaki
ASTAKOS_QUEUE_CONNECTION                                                                                            The queue connection ex. 'rabbitmq://guest:guest@localhost:5672/astakos'
74 3a9f4931 Sofia Papagiannaki
                                                                                                                    (if it is not set, it does not send messages)
75 ebd369d0 Sofia Papagiannaki
ASTAKOS_RE_USER_EMAIL_PATTERNS      []                                                                              Email patterns that are automatically activated ex. ['^[a-zA-Z0-9\._-]+@grnet\.gr$']
76 76776df1 Kostas Papadimitriou
77 76776df1 Kostas Papadimitriou
ASTAKOS_LOGIN_MESSAGES              {}                                                                              Notification messages to display on login page header
78 76776df1 Kostas Papadimitriou
                                                                                                                    e.g. {'warning': 'Warning message (can contain html)'}
79 76776df1 Kostas Papadimitriou
ASTAKOS_PROFILE_EXTRA_LINKS         {}                                                                               messages to display as extra actions in account forms
80 76776df1 Kostas Papadimitriou
                                                                                                                    e.g. {'': 'Back to ~okeanos'}
81 672d445a Sofia Papagiannaki
ASTAKOS_RATELIMIT_RETRIES_ALLOWED   3                                                                               Number of unsuccessful login requests allowed for a specific account.
82 672d445a Sofia Papagiannaki
                                                                                                                    When this number exceeds and ASTAKOS_RECAPTCHA_ENABLED is set the user has to solve a
83 672d445a Sofia Papagiannaki
                                                                                                                    captcha challenge.
84 672d445a Sofia Papagiannaki
=================================   =============================================================================   ===========================================================================================
85 e0bfcf77 Antony Chazapis
86 e0bfcf77 Antony Chazapis
Administrator functions
87 e0bfcf77 Antony Chazapis
88 e0bfcf77 Antony Chazapis
89 e0bfcf77 Antony Chazapis
Available as extensions to Django's command-line management utility:
90 e0bfcf77 Antony Chazapis
91 d01e7b22 Antony Chazapis
===============  ===========================
92 d01e7b22 Antony Chazapis
Name             Description
93 d01e7b22 Antony Chazapis
===============  ===========================
94 18ffbee1 Sofia Papagiannaki
addgroup         Add new group
95 18ffbee1 Sofia Papagiannaki
addterms         Add new approval terms
96 d01e7b22 Antony Chazapis
createuser       Create a user
97 d01e7b22 Antony Chazapis
inviteuser       Invite a user
98 18ffbee1 Sofia Papagiannaki
listgroups       List groups
99 d01e7b22 Antony Chazapis
listinvitations  List invitations
100 d01e7b22 Antony Chazapis
listusers        List users
101 d01e7b22 Antony Chazapis
modifyuser       Modify a user's attributes
102 18ffbee1 Sofia Papagiannaki
sendactivation   Send activation email
103 d01e7b22 Antony Chazapis
showinvitation   Show invitation info
104 d01e7b22 Antony Chazapis
showuser         Show user info
105 d01e7b22 Antony Chazapis
===============  ===========================
106 18ffbee1 Sofia Papagiannaki
107 18ffbee1 Sofia Papagiannaki
To update user credibility from the billing system (Aquarium), enable the queue, install snf-pithos-tools and use ``pithos-dispatcher``::
108 18ffbee1 Sofia Papagiannaki
109 18ffbee1 Sofia Papagiannaki
    pithos-dispatcher --exchange=aquarium
110 18ffbee1 Sofia Papagiannaki
111 18ffbee1 Sofia Papagiannaki
Load groups:
112 18ffbee1 Sofia Papagiannaki
113 18ffbee1 Sofia Papagiannaki
114 18ffbee1 Sofia Papagiannaki
To set the initial user groups load the followind fixture:
115 18ffbee1 Sofia Papagiannaki
116 18ffbee1 Sofia Papagiannaki
    snf-manage loaddata groups