Django-ucamwebauth: Difference between revisions
(Created page with "pyroven is a library which provides raven authentication for django, the python web framework ([https://www.djangoproject.com/]). It provides a django authentication backend whi...") |
(add download link) |
||
Line 1: | Line 1: | ||
pyroven is a library which provides raven authentication for django, the python web framework ([https://www.djangoproject.com/]). It provides a django authentication backend which can be added to AUTHENTICATION_BACKENDS in the django settings module: | pyroven ([[File:Pyroven.tar.bz2]]) is a library which provides raven authentication for django, the python web framework ([https://www.djangoproject.com/]). It provides a django authentication backend which can be added to AUTHENTICATION_BACKENDS in the django settings module: | ||
AUTHENTICATION_BACKENDS = ('pyroven.pyroven_django.RavenAuthBackend', | AUTHENTICATION_BACKENDS = ('pyroven.pyroven_django.RavenAuthBackend', |
Revision as of 07:59, 5 August 2011
pyroven (File:Pyroven.tar.bz2) is a library which provides raven authentication for django, the python web framework ([1]). It provides a django authentication backend which can be added to AUTHENTICATION_BACKENDS in the django settings module:
AUTHENTICATION_BACKENDS = ('pyroven.pyroven_django.RavenAuthBackend', 'django.contrib.auth.backends.ModelBackend')
This allows both normal django login and raven login.
Anything using pyroven should make sure that the configuration is loaded; this is done by setting the config variable in the Raven singleton class:
from pyroven import RavenConfig from pyroven.pyroven_django import Raven
def configure(): r = Raven() if r.config is None: r.config = RavenConfig("raven.ini")
The login page should redirect users to raven:
def raven_login(request):
# Ensure we're properly configured configure()
# Get the raven object and return a redirect to the raven server r = Raven() return r.get_login_redirect()
When the user has authenticated with raven, the raven server will redirect them back to your site (the exact URL is specified in the .ini file above). The return page should call the django authenticate and login functions with a token received from the raven server via HTTP GET:
from django.contrib.auth import authenticate, login def raven_return(request):
# Ensure we're properly configured configure() # Get the token which the raven server sent us - this should really # have a try/except around it to catch KeyError token = request.GET['WLS-Response']
# See if this is a valid token user = authenticate(response_str=token) if user is None: # Some sort of err else: login(request, user)
# Redirect somewhere sensible return HttpResponseRedirect('/')
The .ini file which the raven settings are loaded from has the following format:
[raven] login_url = "http://raven.cam.ac.uk/auth/authenticate.html" logout_url = "http://raven.cam.ac.uk/auth/logout.html" return_url = "http://your.server.cam.ac.uk/ravenreturn/" pubkeys = {'2':'/path/to/pubkey2.crt'}