« Previous | Next » 

Revision 9d20fe23

ID9d20fe232af5c03cc3b89227260b66ec6cced8ce

Added by Kostas Papadimitriou over 8 years ago

Authentication providers improvements

Major authentication provider refactoring to support

- Modular and easily configurable messages with common context
- Fine grained provider policies to support appling specific policies to
users and/or groups

Key points:

- Use auth_providers.AuthProvider instances where auth provider logic is
needed. Instances get properly initialized with the available context
(with no user/signup view, with user/login view, with user and
identifier/profile view).

- All authentication provider messages are now accessed using the
get_*_msg AuthProvider attributes.

- Provider policies logic is handled from get_*_policy attributes.

- All provider messages may be overridden globally or per provider level from
settings::

  1. global change
    ASTAKOS_AUTH_PROVIDER_NOT_ACTIVE = 'Provider not active'
  1. change only applies to shibboleth provider
    ASTAKOS_AUTH_PROVIDER_SHIBBOLETH_NOT_ACTIVE = 'Shibboleth is not active'

- Provider policies may be overridden in settings::

  1. ALL users wont be able to add shibboleth login method from their
  2. profile
    AUTH_PROVIDER_SHIBBOLETH_ADD_POLICY = False

- New provider policies profile model added. Profiles can be assigned to
a group or/and a specific user.

- All tests updated to match the auth providers changes.

- New management commands included

  • user-auth-policy-{add, list, remove, set, show}
    Manage authentication provider policy profiles.
  • user-group-{add, list}
    User group management commands

- Updated user-list to optionally display auth provider information

Files

  • added
  • modified
  • copied
  • renamed
  • deleted

View differences