root / snf-astakos-app / README @ 670de92a
History | View | Annotate | Download (9.6 kB)
1 |
README |
---|---|
2 |
====== |
3 |
|
4 |
Astakos is an identity management service, built by GRNET using Django (https://www.djangoproject.com/). |
5 |
Learn more about Astakos at: http://code.grnet.gr/projects/astakos |
6 |
|
7 |
Consult COPYRIGHT for licensing information. |
8 |
|
9 |
About Astakos application |
10 |
------------------------- |
11 |
|
12 |
This package contains the Django application that implements all identity management functions. |
13 |
|
14 |
How to run |
15 |
---------- |
16 |
|
17 |
Use snf-webproject to run Astakos automatically. |
18 |
|
19 |
To use Astakos in a custom Django project, add ``astakos.im`` to ``INSTALLED_APPS``. Astakos requires South (http://south.aeracode.org/). |
20 |
|
21 |
Also, add the following to your ``settings.py``:: |
22 |
|
23 |
TEMPLATE_CONTEXT_PROCESSORS = ( |
24 |
... |
25 |
'astakos.im.context_processors.cloudbar', |
26 |
'astakos.im.context_processors.im_modules', |
27 |
'astakos.im.context_processors.next', |
28 |
'astakos.im.context_processors.code', |
29 |
'astakos.im.context_processors.invitations') |
30 |
|
31 |
AUTHENTICATION_BACKENDS = ('astakos.im.auth_backends.EmailBackend', |
32 |
'astakos.im.auth_backends.TokenBackend') |
33 |
|
34 |
CUSTOM_USER_MODEL = 'astakos.im.AstakosUser' |
35 |
|
36 |
LOGIN_URL = '/im' |
37 |
|
38 |
Settings |
39 |
-------- |
40 |
|
41 |
Configure in ``settings.py`` or a ``.conf`` file in ``/etc/synnefo`` if using snf-webproject. |
42 |
|
43 |
=================================== ============================================================================= =========================================================================================== |
44 |
Name Default value Description |
45 |
=================================== ============================================================================= =========================================================================================== |
46 |
ASTAKOS_AUTH_TOKEN_DURATION one month Expiration time of newly created auth tokens |
47 |
ASTAKOS_DEFAULT_USER_LEVEL 4 Default (not-invited) user level |
48 |
ASTAKOS_INVITATIONS_PER_LEVEL {0:100, 1:2, 2:0, 3:0, 4:0} Number of user invitations per user level |
49 |
ASTAKOS_DEFAULT_CONTACT_EMAIL support\@cloud.grnet.gr Contact email |
50 |
ASTAKOS_IM_MODULES ['local', 'shibboleth'] Signup modules |
51 |
ASTAKOS_FORCE_PROFILE_UPDATE True Force user profile verification |
52 |
ASTAKOS_INVITATIONS_ENABLED True Enable invitations |
53 |
ASTAKOS_COOKIE_NAME _pithos2_a ``Key`` parameter passed in ``django.http.HttpResponse.set_cookie`` |
54 |
ASTAKOS_COOKIE_DOMAIN None ``Domain`` parameter passed in ``django.http.HttpResponse.set_cookie`` |
55 |
ASTAKOS_COOKIE_SECURE True ``Secure`` parameter passed in ``django.http.HttpResponse.set_cookie`` |
56 |
ASTAKOS_IM_STATIC_URL /static/im/ URL to use when referring to static files |
57 |
ASTAKOS_MODERATION_ENABLED True If False and invitations are not enabled newly created user will be automatically accepted |
58 |
ASTAKOS_BASEURL \http://pithos.dev.grnet.gr Astakos baseurl |
59 |
ASTAKOS_SITENAME GRNET Cloud Service name that appears in emails |
60 |
ASTAKOS_RECAPTCHA_ENABLED True Enable recaptcha |
61 |
ASTAKOS_RECAPTCHA_PUBLIC_KEY Recaptcha public key obtained after registration here: http://recaptcha.net |
62 |
ASTAKOS_RECAPTCHA_PRIVATE_KEY Recaptcha private key obtained after registration here: http://recaptcha.net |
63 |
ASTAKOS_RECAPTCHA_OPTIONS {'theme': 'white'} Options for customizing reCAPTCHA look and feel |
64 |
(see: http://code.google.com/intl/el-GR/apis/recaptcha/docs/customization.html) |
65 |
ASTAKOS_LOGOUT_NEXT Where the user should be redirected after logout |
66 |
(if not set and no next parameter is defined it renders login page with message) |
67 |
ASTAKOS_BILLING_FIELDS ['id', 'is_active', 'provider', 'third_party_identifier'] AstakosUser fields to propagate in the billing system |
68 |
ASTAKOS_QUEUE_CONNECTION The queue connection ex. 'rabbitmq://guest:guest@localhost:5672/astakos' |
69 |
(if it is not set, it does not send messages) |
70 |
ASTAKOS_RE_USER_EMAIL_PATTERNS [] Email patterns that are automatically activated ex. ['^[a-zA-Z0-9\._-]+@grnet\.gr$'] |
71 |
|
72 |
ASTAKOS_LOGIN_MESSAGES {} Notification messages to display on login page header |
73 |
e.g. {'warning': 'Warning message (can contain html)'} |
74 |
ASTAKOS_PROFILE_EXTRA_LINKS {} Messages to display as extra actions in account forms |
75 |
e.g. {'https://cms.okeanos.grnet.gr/': 'Back to ~okeanos'} |
76 |
ASTAKOS_RATELIMIT_RETRIES_ALLOWED 3 Number of unsuccessful login requests per minute allowed for a specific account. |
77 |
When this number exceeds and ASTAKOS_RECAPTCHA_ENABLED is set the user has to solve a |
78 |
captcha challenge. |
79 |
ASTAKOS_EMAILCHANGE_ENABLED False Enable email change mechanism |
80 |
ASTAKOS_EMAILCHANGE_ACTIVATION_DAYS 10 Number of days that email change requests remain active |
81 |
ASTAKOS_LOGGING_LEVEL INFO Message logging severity |
82 |
ASTAKOS_QUOTA_HOLDER_URL '' The quota holder URI |
83 |
e.g. ``http://localhost:8080/api/quotaholder/v`` |
84 |
ASTAKOS_SERVICES {'cyclades': {'url':'https://node1.example.com/ui/', 'quota': {'vm': 2}}, Cloud service default url and quota |
85 |
'pithos+': {'url':'https://node2.example.com/ui/', 'quota': { |
86 |
'diskspace': 50 * 1024 * 1024 * 1024}}}) |
87 |
AQUARIUM_URL '' The billing (aquarium) URI |
88 |
e.g. ``http://localhost:8888/user`` |
89 |
=================================== ============================================================================= =========================================================================================== |
90 |
|
91 |
Administrator functions |
92 |
----------------------- |
93 |
|
94 |
Available as extensions to Django's command-line management utility: |
95 |
|
96 |
=============== =========================== |
97 |
Name Description |
98 |
=============== =========================== |
99 |
addgroup Add new group |
100 |
addterms Add new approval terms |
101 |
createuser Create a user |
102 |
inviteuser Invite a user |
103 |
listgroups List groups |
104 |
listinvitations List invitations |
105 |
listusers List users |
106 |
modifyuser Modify a user's attributes |
107 |
sendactivation Send activation email |
108 |
showinvitation Show invitation info |
109 |
showuser Show user info |
110 |
=============== =========================== |
111 |
|
112 |
To update user credibility from the billing system (Aquarium), enable the queue, install snf-pithos-tools and use ``pithos-dispatcher``:: |
113 |
|
114 |
pithos-dispatcher --exchange=aquarium --callback=astakos.im.endpoints.aquarium.consumer.on_creditevent |