root / snf-astakos-app / README @ 670de92a
History | View | Annotate | Download (9.6 kB)
| 1 |
README |
|---|---|
| 2 |
====== |
| 3 |
|
| 4 |
Astakos is an identity management service, built by GRNET using Django (https://www.djangoproject.com/). |
| 5 |
Learn more about Astakos at: http://code.grnet.gr/projects/astakos |
| 6 |
|
| 7 |
Consult COPYRIGHT for licensing information. |
| 8 |
|
| 9 |
About Astakos application |
| 10 |
------------------------- |
| 11 |
|
| 12 |
This package contains the Django application that implements all identity management functions. |
| 13 |
|
| 14 |
How to run |
| 15 |
---------- |
| 16 |
|
| 17 |
Use snf-webproject to run Astakos automatically. |
| 18 |
|
| 19 |
To use Astakos in a custom Django project, add ``astakos.im`` to ``INSTALLED_APPS``. Astakos requires South (http://south.aeracode.org/). |
| 20 |
|
| 21 |
Also, add the following to your ``settings.py``:: |
| 22 |
|
| 23 |
TEMPLATE_CONTEXT_PROCESSORS = ( |
| 24 |
... |
| 25 |
'astakos.im.context_processors.cloudbar', |
| 26 |
'astakos.im.context_processors.im_modules', |
| 27 |
'astakos.im.context_processors.next', |
| 28 |
'astakos.im.context_processors.code', |
| 29 |
'astakos.im.context_processors.invitations') |
| 30 |
|
| 31 |
AUTHENTICATION_BACKENDS = ('astakos.im.auth_backends.EmailBackend',
|
| 32 |
'astakos.im.auth_backends.TokenBackend') |
| 33 |
|
| 34 |
CUSTOM_USER_MODEL = 'astakos.im.AstakosUser' |
| 35 |
|
| 36 |
LOGIN_URL = '/im' |
| 37 |
|
| 38 |
Settings |
| 39 |
-------- |
| 40 |
|
| 41 |
Configure in ``settings.py`` or a ``.conf`` file in ``/etc/synnefo`` if using snf-webproject. |
| 42 |
|
| 43 |
=================================== ============================================================================= =========================================================================================== |
| 44 |
Name Default value Description |
| 45 |
=================================== ============================================================================= =========================================================================================== |
| 46 |
ASTAKOS_AUTH_TOKEN_DURATION one month Expiration time of newly created auth tokens |
| 47 |
ASTAKOS_DEFAULT_USER_LEVEL 4 Default (not-invited) user level |
| 48 |
ASTAKOS_INVITATIONS_PER_LEVEL {0:100, 1:2, 2:0, 3:0, 4:0} Number of user invitations per user level
|
| 49 |
ASTAKOS_DEFAULT_CONTACT_EMAIL support\@cloud.grnet.gr Contact email |
| 50 |
ASTAKOS_IM_MODULES ['local', 'shibboleth'] Signup modules |
| 51 |
ASTAKOS_FORCE_PROFILE_UPDATE True Force user profile verification |
| 52 |
ASTAKOS_INVITATIONS_ENABLED True Enable invitations |
| 53 |
ASTAKOS_COOKIE_NAME _pithos2_a ``Key`` parameter passed in ``django.http.HttpResponse.set_cookie`` |
| 54 |
ASTAKOS_COOKIE_DOMAIN None ``Domain`` parameter passed in ``django.http.HttpResponse.set_cookie`` |
| 55 |
ASTAKOS_COOKIE_SECURE True ``Secure`` parameter passed in ``django.http.HttpResponse.set_cookie`` |
| 56 |
ASTAKOS_IM_STATIC_URL /static/im/ URL to use when referring to static files |
| 57 |
ASTAKOS_MODERATION_ENABLED True If False and invitations are not enabled newly created user will be automatically accepted |
| 58 |
ASTAKOS_BASEURL \http://pithos.dev.grnet.gr Astakos baseurl |
| 59 |
ASTAKOS_SITENAME GRNET Cloud Service name that appears in emails |
| 60 |
ASTAKOS_RECAPTCHA_ENABLED True Enable recaptcha |
| 61 |
ASTAKOS_RECAPTCHA_PUBLIC_KEY Recaptcha public key obtained after registration here: http://recaptcha.net |
| 62 |
ASTAKOS_RECAPTCHA_PRIVATE_KEY Recaptcha private key obtained after registration here: http://recaptcha.net |
| 63 |
ASTAKOS_RECAPTCHA_OPTIONS {'theme': 'white'} Options for customizing reCAPTCHA look and feel
|
| 64 |
(see: http://code.google.com/intl/el-GR/apis/recaptcha/docs/customization.html) |
| 65 |
ASTAKOS_LOGOUT_NEXT Where the user should be redirected after logout |
| 66 |
(if not set and no next parameter is defined it renders login page with message) |
| 67 |
ASTAKOS_BILLING_FIELDS ['id', 'is_active', 'provider', 'third_party_identifier'] AstakosUser fields to propagate in the billing system |
| 68 |
ASTAKOS_QUEUE_CONNECTION The queue connection ex. 'rabbitmq://guest:guest@localhost:5672/astakos' |
| 69 |
(if it is not set, it does not send messages) |
| 70 |
ASTAKOS_RE_USER_EMAIL_PATTERNS [] Email patterns that are automatically activated ex. ['^[a-zA-Z0-9\._-]+@grnet\.gr$'] |
| 71 |
|
| 72 |
ASTAKOS_LOGIN_MESSAGES {} Notification messages to display on login page header
|
| 73 |
e.g. {'warning': 'Warning message (can contain html)'}
|
| 74 |
ASTAKOS_PROFILE_EXTRA_LINKS {} Messages to display as extra actions in account forms
|
| 75 |
e.g. {'https://cms.okeanos.grnet.gr/': 'Back to ~okeanos'}
|
| 76 |
ASTAKOS_RATELIMIT_RETRIES_ALLOWED 3 Number of unsuccessful login requests per minute allowed for a specific account. |
| 77 |
When this number exceeds and ASTAKOS_RECAPTCHA_ENABLED is set the user has to solve a |
| 78 |
captcha challenge. |
| 79 |
ASTAKOS_EMAILCHANGE_ENABLED False Enable email change mechanism |
| 80 |
ASTAKOS_EMAILCHANGE_ACTIVATION_DAYS 10 Number of days that email change requests remain active |
| 81 |
ASTAKOS_LOGGING_LEVEL INFO Message logging severity |
| 82 |
ASTAKOS_QUOTA_HOLDER_URL '' The quota holder URI |
| 83 |
e.g. ``http://localhost:8080/api/quotaholder/v`` |
| 84 |
ASTAKOS_SERVICES {'cyclades': {'url':'https://node1.example.com/ui/', 'quota': {'vm': 2}}, Cloud service default url and quota
|
| 85 |
'pithos+': {'url':'https://node2.example.com/ui/', 'quota': {
|
| 86 |
'diskspace': 50 * 1024 * 1024 * 1024}}}) |
| 87 |
AQUARIUM_URL '' The billing (aquarium) URI |
| 88 |
e.g. ``http://localhost:8888/user`` |
| 89 |
=================================== ============================================================================= =========================================================================================== |
| 90 |
|
| 91 |
Administrator functions |
| 92 |
----------------------- |
| 93 |
|
| 94 |
Available as extensions to Django's command-line management utility: |
| 95 |
|
| 96 |
=============== =========================== |
| 97 |
Name Description |
| 98 |
=============== =========================== |
| 99 |
addgroup Add new group |
| 100 |
addterms Add new approval terms |
| 101 |
createuser Create a user |
| 102 |
inviteuser Invite a user |
| 103 |
listgroups List groups |
| 104 |
listinvitations List invitations |
| 105 |
listusers List users |
| 106 |
modifyuser Modify a user's attributes |
| 107 |
sendactivation Send activation email |
| 108 |
showinvitation Show invitation info |
| 109 |
showuser Show user info |
| 110 |
=============== =========================== |
| 111 |
|
| 112 |
To update user credibility from the billing system (Aquarium), enable the queue, install snf-pithos-tools and use ``pithos-dispatcher``:: |
| 113 |
|
| 114 |
pithos-dispatcher --exchange=aquarium --callback=astakos.im.endpoints.aquarium.consumer.on_creditevent |