Statistics
| Branch: | Tag: | Revision:

root / snf-astakos-app / README @ 6bdf0aa3

History | View | Annotate | Download (11.7 kB)

1 e0bfcf77 Antony Chazapis
README
2 e0bfcf77 Antony Chazapis
======
3 e0bfcf77 Antony Chazapis
4 e0bfcf77 Antony Chazapis
Astakos is an identity management service, built by GRNET using Django (https://www.djangoproject.com/).
5 e0bfcf77 Antony Chazapis
Learn more about Astakos at: http://code.grnet.gr/projects/astakos
6 e0bfcf77 Antony Chazapis
7 e0bfcf77 Antony Chazapis
Consult COPYRIGHT for licensing information.
8 e0bfcf77 Antony Chazapis
9 e0bfcf77 Antony Chazapis
About Astakos application
10 e0bfcf77 Antony Chazapis
-------------------------
11 e0bfcf77 Antony Chazapis
12 e0bfcf77 Antony Chazapis
This package contains the Django application that implements all identity management functions.
13 e0bfcf77 Antony Chazapis
14 e0bfcf77 Antony Chazapis
How to run
15 e0bfcf77 Antony Chazapis
----------
16 e0bfcf77 Antony Chazapis
17 e0bfcf77 Antony Chazapis
Use snf-webproject to run Astakos automatically.
18 e0bfcf77 Antony Chazapis
19 e0bfcf77 Antony Chazapis
To use Astakos in a custom Django project, add ``astakos.im`` to ``INSTALLED_APPS``. Astakos requires South (http://south.aeracode.org/).
20 e0bfcf77 Antony Chazapis
21 e0bfcf77 Antony Chazapis
Also, add the following to your ``settings.py``::
22 e0bfcf77 Antony Chazapis
23 e0bfcf77 Antony Chazapis
    TEMPLATE_CONTEXT_PROCESSORS = (
24 e0bfcf77 Antony Chazapis
        ...
25 e0bfcf77 Antony Chazapis
        'astakos.im.context_processors.cloudbar',
26 e0bfcf77 Antony Chazapis
        'astakos.im.context_processors.im_modules',
27 e0bfcf77 Antony Chazapis
        'astakos.im.context_processors.next',
28 e0bfcf77 Antony Chazapis
        'astakos.im.context_processors.code',
29 e0bfcf77 Antony Chazapis
        'astakos.im.context_processors.invitations')
30 e0bfcf77 Antony Chazapis
    
31 e0bfcf77 Antony Chazapis
    AUTHENTICATION_BACKENDS = ('astakos.im.auth_backends.EmailBackend',
32 e0bfcf77 Antony Chazapis
                               'astakos.im.auth_backends.TokenBackend')
33 e0bfcf77 Antony Chazapis
    
34 e0bfcf77 Antony Chazapis
    CUSTOM_USER_MODEL = 'astakos.im.AstakosUser'
35 e0bfcf77 Antony Chazapis
    
36 e0bfcf77 Antony Chazapis
    LOGIN_URL = '/im'
37 e0bfcf77 Antony Chazapis
38 e0bfcf77 Antony Chazapis
Settings
39 e0bfcf77 Antony Chazapis
--------
40 e0bfcf77 Antony Chazapis
41 e0bfcf77 Antony Chazapis
Configure in ``settings.py`` or a ``.conf`` file in ``/etc/synnefo`` if using snf-webproject.
42 e0bfcf77 Antony Chazapis
43 b03877be Sofia Papagiannaki
=========================================== =============================================================================   ===========================================================================================
44 b03877be Sofia Papagiannaki
Name                                        Default value                                                                   Description
45 b03877be Sofia Papagiannaki
=========================================== =============================================================================   ===========================================================================================
46 b03877be Sofia Papagiannaki
ASTAKOS_AUTH_TOKEN_DURATION                 one month                                                                       Expiration time of newly created auth tokens
47 b03877be Sofia Papagiannaki
ASTAKOS_DEFAULT_USER_LEVEL                  4                                                                               Default (not-invited) user level
48 b03877be Sofia Papagiannaki
ASTAKOS_INVITATIONS_PER_LEVEL               {0:100, 1:2, 2:0, 3:0, 4:0}                                                     Number of user invitations per user level
49 b03877be Sofia Papagiannaki
ASTAKOS_DEFAULT_FROM_EMAIL                  GRNET Cloud <no-reply\@grnet.gr>                                                ``from`` parameter passed in ``django.core.mail.send_mail``
50 b03877be Sofia Papagiannaki
ASTAKOS_DEFAULT_CONTACT_EMAIL               support\@cloud.grnet.gr                                                         Contact email
51 b03877be Sofia Papagiannaki
ASTAKOS_DEFAULT_ADMIN_EMAIL                 support\@cloud.grnet.gr                                                         Administrator email to receive user creation notifications (if None disables notifications)
52 b03877be Sofia Papagiannaki
ASTAKOS_IM_MODULES                          ['local', 'shibboleth']                                                         Signup modules
53 b03877be Sofia Papagiannaki
ASTAKOS_FORCE_PROFILE_UPDATE                True                                                                            Force user profile verification
54 b03877be Sofia Papagiannaki
ASTAKOS_INVITATIONS_ENABLED                 True                                                                            Enable invitations
55 b03877be Sofia Papagiannaki
ASTAKOS_COOKIE_NAME                         _pithos2_a                                                                      ``Key`` parameter passed in ``django.http.HttpResponse.set_cookie``
56 b03877be Sofia Papagiannaki
ASTAKOS_COOKIE_DOMAIN                       None                                                                            ``Domain`` parameter passed in ``django.http.HttpResponse.set_cookie``
57 b03877be Sofia Papagiannaki
ASTAKOS_COOKIE_SECURE                       True                                                                            ``Secure`` parameter passed in ``django.http.HttpResponse.set_cookie``
58 b03877be Sofia Papagiannaki
ASTAKOS_IM_STATIC_URL                       /static/im/                                                                     URL to use when referring to static files
59 b03877be Sofia Papagiannaki
ASTAKOS_MODERATION_ENABLED                  True                                                                            If False and invitations are not enabled newly created user will be automatically accepted
60 b03877be Sofia Papagiannaki
ASTAKOS_BASEURL                             \http://pithos.dev.grnet.gr                                                     Astakos baseurl
61 b03877be Sofia Papagiannaki
ASTAKOS_SITENAME                            GRNET Cloud                                                                     Service name that appears in emails
62 b03877be Sofia Papagiannaki
ASTAKOS_RECAPTCHA_ENABLED                   True                                                                            Enable recaptcha
63 b03877be Sofia Papagiannaki
ASTAKOS_RECAPTCHA_PUBLIC_KEY                                                                                                Recaptcha public key obtained after registration here: http://recaptcha.net
64 b03877be Sofia Papagiannaki
ASTAKOS_RECAPTCHA_PRIVATE_KEY                                                                                               Recaptcha private key obtained after registration here: http://recaptcha.net
65 b03877be Sofia Papagiannaki
ASTAKOS_RECAPTCHA_OPTIONS                   {'theme': 'white'}                                                              Options for customizing reCAPTCHA look and feel
66 b03877be Sofia Papagiannaki
                                                                                                                            (see: http://code.google.com/intl/el-GR/apis/recaptcha/docs/customization.html)
67 b03877be Sofia Papagiannaki
ASTAKOS_LOGOUT_NEXT                                                                                                         Where the user should be redirected after logout
68 b03877be Sofia Papagiannaki
                                                                                                                            (if not set and no next parameter is defined it renders login page with message)
69 b03877be Sofia Papagiannaki
ASTAKOS_BILLING_FIELDS                      ['id', 'is_active', 'provider', 'third_party_identifier']                       AstakosUser fields to propagate in the billing system
70 b03877be Sofia Papagiannaki
ASTAKOS_QUEUE_CONNECTION                                                                                                    The queue connection ex. 'rabbitmq://guest:guest@localhost:5672/astakos'
71 b03877be Sofia Papagiannaki
                                                                                                                            (if it is not set, it does not send messages)
72 b03877be Sofia Papagiannaki
ASTAKOS_RE_USER_EMAIL_PATTERNS              []                                                                              Email patterns that are automatically activated ex. ['^[a-zA-Z0-9\._-]+@grnet\.gr$']
73 76776df1 Kostas Papadimitriou
74 b03877be Sofia Papagiannaki
ASTAKOS_LOGIN_MESSAGES                      {}                                                                              Notification messages to display on login page header
75 b03877be Sofia Papagiannaki
                                                                                                                            e.g. {'warning': 'Warning message (can contain html)'}
76 b03877be Sofia Papagiannaki
ASTAKOS_PROFILE_EXTRA_LINKS                 {}                                                                              Messages to display as extra actions in account forms
77 b03877be Sofia Papagiannaki
                                                                                                                            e.g. {'https://cms.okeanos.grnet.gr/': 'Back to ~okeanos'}
78 b03877be Sofia Papagiannaki
ASTAKOS_RATELIMIT_RETRIES_ALLOWED           3                                                                               Number of unsuccessful login requests per minute allowed for a specific account.
79 b03877be Sofia Papagiannaki
                                                                                                                            When this number exceeds and ASTAKOS_RECAPTCHA_ENABLED is set the user has to solve a
80 b03877be Sofia Papagiannaki
                                                                                                                            captcha challenge.
81 b03877be Sofia Papagiannaki
ASTAKOS_EMAILCHANGE_ENABLED                 False                                                                           Enable email change mechanism
82 b03877be Sofia Papagiannaki
ASTAKOS_EMAILCHANGE_ACTIVATION_DAYS         10                                                                              Number of days that email change requests remain active
83 b03877be Sofia Papagiannaki
ASTAKOS_LOGGING_LEVEL                       INFO                                                                            Message logging severity
84 b03877be Sofia Papagiannaki
ASTAKOS_INVITATION_EMAIL_SUBJECT            'Invitation to %s alpha2 testing' % SITENAME                                    Invitation email subject
85 b03877be Sofia Papagiannaki
ASTAKOS_GREETING_EMAIL_SUBJECT              'Welcome to %s alpha2 testing' % SITENAME                                       Welcome email subject
86 b03877be Sofia Papagiannaki
ASTAKOS_FEEDBACK_EMAIL_SUBJECT              'Feedback from %s alpha2 testing' % SITENAME                                    Feedback email subject
87 b03877be Sofia Papagiannaki
ASTAKOS_VERIFICATION_EMAIL_SUBJECT          '%s alpha2 testing account activation is needed' % SITENAME                     Account activation email subject
88 b03877be Sofia Papagiannaki
ASTAKOS_ADMIN_NOTIFICATION_EMAIL_SUBJECT    '%s alpha2 testing account created (%%(user)s)' % SITENAME                      Account creation admin notification email subject
89 b03877be Sofia Papagiannaki
ASTAKOS_HELPDESK_NOTIFICATION_EMAIL_SUBJECT '%s alpha2 testing account activated (%%(user)s)' % SITENAME                    Account activation helpdesk notification email subject
90 b03877be Sofia Papagiannaki
ASTAKOS_EMAIL_CHANGE_EMAIL_SUBJECT          'Email change on %s alpha2 testing' % SITENAME                                  Email change subject               
91 b03877be Sofia Papagiannaki
ASTAKOS_PASSWORD_RESET_EMAIL_SUBJECT        'Password reset on %s alpha2 testing' % SITENAME                                Password change email subject
92 8cc49f4d Sofia Papagiannaki
ASTAKOS_QUOTA_HOLDER_URL                    ''                                                                              The quota holder URI
93 6e029beb Sofia Papagiannaki
                                                                                                                    e.g. ``http://localhost:8080/api/quotaholder/v``
94 8cc49f4d Sofia Papagiannaki
ASTAKOS_SERVICES                            {'cyclades': {'url':'https://node1.example.com/ui/', 'quota': {'vm': 2}},       Cloud service default url and quota      
95 8cc49f4d Sofia Papagiannaki
                                            'pithos+':  {'url':'https://node2.example.com/ui/', 'quota': {                  
96 8cc49f4d Sofia Papagiannaki
                                            'diskspace': 50 * 1024 * 1024 * 1024}}})                                        
97 8cc49f4d Sofia Papagiannaki
ASTAKOS_AQUARIUM_URL                        ''                                                                              The billing (aquarium) URI
98 6e029beb Sofia Papagiannaki
                                                                                                                    e.g. ``http://localhost:8888/user``
99 8cc49f4d Sofia Papagiannaki
ASTAKOS_PAGINATE_BY                         10                                                                              Number of object to be displayed per page
100 b03877be Sofia Papagiannaki
=========================================== =============================================================================   ===========================================================================================
101 e0bfcf77 Antony Chazapis
102 e0bfcf77 Antony Chazapis
Administrator functions
103 e0bfcf77 Antony Chazapis
-----------------------
104 e0bfcf77 Antony Chazapis
105 e0bfcf77 Antony Chazapis
Available as extensions to Django's command-line management utility:
106 e0bfcf77 Antony Chazapis
107 d01e7b22 Antony Chazapis
===============  ===========================
108 d01e7b22 Antony Chazapis
Name             Description
109 d01e7b22 Antony Chazapis
===============  ===========================
110 18ffbee1 Sofia Papagiannaki
addgroup         Add new group
111 18ffbee1 Sofia Papagiannaki
addterms         Add new approval terms
112 d01e7b22 Antony Chazapis
createuser       Create a user
113 d01e7b22 Antony Chazapis
inviteuser       Invite a user
114 18ffbee1 Sofia Papagiannaki
listgroups       List groups
115 d01e7b22 Antony Chazapis
listinvitations  List invitations
116 d01e7b22 Antony Chazapis
listusers        List users
117 d01e7b22 Antony Chazapis
modifyuser       Modify a user's attributes
118 18ffbee1 Sofia Papagiannaki
sendactivation   Send activation email
119 d01e7b22 Antony Chazapis
showinvitation   Show invitation info
120 d01e7b22 Antony Chazapis
showuser         Show user info
121 d01e7b22 Antony Chazapis
===============  ===========================
122 18ffbee1 Sofia Papagiannaki
123 18ffbee1 Sofia Papagiannaki
To update user credibility from the billing system (Aquarium), enable the queue, install snf-pithos-tools and use ``pithos-dispatcher``::
124 18ffbee1 Sofia Papagiannaki
125 4f78c22c Sofia Papagiannaki
    pithos-dispatcher --exchange=aquarium --callback=astakos.im.endpoints.aquarium.consumer.on_creditevent