add LDAP support
This commit is contained in:
root
DanielBatteryStapler
parent
00ecf57b0f
commit
23f086aa40
4 changed files with 67 additions and 6 deletions
|
|
@ -87,12 +87,12 @@ ADD "./setup.py" "$CODE_DIR/"
|
||||||
ADD "./package.json" "$CODE_DIR/archivebox/"
|
ADD "./package.json" "$CODE_DIR/archivebox/"
|
||||||
RUN apt-get update -qq \
|
RUN apt-get update -qq \
|
||||||
&& apt-get install -qq -y --no-install-recommends \
|
&& apt-get install -qq -y --no-install-recommends \
|
||||||
build-essential python-dev python3-dev \
|
build-essential python-dev python3-dev libldap2-dev libsasl2-dev \
|
||||||
&& echo 'empty placeholder for setup.py to use' > "$CODE_DIR/archivebox/README.md" \
|
&& echo 'empty placeholder for setup.py to use' > "$CODE_DIR/archivebox/README.md" \
|
||||||
&& python3 -c 'from distutils.core import run_setup; result = run_setup("./setup.py", stop_after="init"); print("\n".join(result.install_requires + result.extras_require["sonic"]))' > /tmp/requirements.txt \
|
&& python3 -c 'from distutils.core import run_setup; result = run_setup("./setup.py", stop_after="init"); print("\n".join(result.install_requires + result.extras_require["sonic"]))' > /tmp/requirements.txt \
|
||||||
&& pip install -r /tmp/requirements.txt \
|
&& pip install -r /tmp/requirements.txt \
|
||||||
&& pip install --upgrade youtube-dl yt-dlp \
|
&& pip install --upgrade youtube-dl yt-dlp \
|
||||||
&& apt-get purge -y build-essential python-dev python3-dev \
|
&& apt-get purge -y build-essential python-dev python3-dev libldap2-dev libsasl2-dev \
|
||||||
&& apt-get autoremove -y \
|
&& apt-get autoremove -y \
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
&& rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -100,12 +100,22 @@ CONFIG_SCHEMA: Dict[str, ConfigDefaultDict] = {
|
||||||
'SNAPSHOTS_PER_PAGE': {'type': int, 'default': 40},
|
'SNAPSHOTS_PER_PAGE': {'type': int, 'default': 40},
|
||||||
'CUSTOM_TEMPLATES_DIR': {'type': str, 'default': None},
|
'CUSTOM_TEMPLATES_DIR': {'type': str, 'default': None},
|
||||||
'TIME_ZONE': {'type': str, 'default': 'UTC'},
|
'TIME_ZONE': {'type': str, 'default': 'UTC'},
|
||||||
'TIMEZONE': {'type': str, 'default': 'UTC'},
|
'TIMEZONE': {'type': str, 'default': 'UTC'},
|
||||||
'REVERSE_PROXY_USER_HEADER': {'type': str, 'default': 'Remote-User'},
|
'REVERSE_PROXY_USER_HEADER': {'type': str, 'default': 'Remote-User'},
|
||||||
'REVERSE_PROXY_WHITELIST': {'type': str, 'default': ''},
|
'REVERSE_PROXY_WHITELIST': {'type': str, 'default': ''},
|
||||||
'LOGOUT_REDIRECT_URL': {'type': str, 'default': '/'},
|
'LOGOUT_REDIRECT_URL': {'type': str, 'default': '/'},
|
||||||
'PREVIEW_ORIGINALS': {'type': bool, 'default': True},
|
'PREVIEW_ORIGINALS': {'type': bool, 'default': True},
|
||||||
'LOGOUT_REDIRECT_URL': {'type': str, 'default': '/'},
|
|
||||||
|
'LDAP': {'type': bool, 'default': False},
|
||||||
|
'LDAP_SERVER_URI': {'type': str, 'default': None},
|
||||||
|
'LDAP_BIND_DN': {'type': str, 'default': None},
|
||||||
|
'LDAP_BIND_PASSWORD': {'type': str, 'default': None},
|
||||||
|
'LDAP_USER_BASE': {'type': str, 'default': None},
|
||||||
|
'LDAP_USER_FILTER': {'type': str, 'default': None},
|
||||||
|
'LDAP_USERNAME_ATTR': {'type': str, 'default': None},
|
||||||
|
'LDAP_FIRSTNAME_ATTR': {'type': str, 'default': None},
|
||||||
|
'LDAP_LASTNAME_ATTR': {'type': str, 'default': None},
|
||||||
|
'LDAP_EMAIL_ATTR': {'type': str, 'default': None},
|
||||||
},
|
},
|
||||||
|
|
||||||
'ARCHIVE_METHOD_TOGGLES': {
|
'ARCHIVE_METHOD_TOGGLES': {
|
||||||
|
|
|
||||||
|
|
@ -6,6 +6,9 @@ import re
|
||||||
import logging
|
import logging
|
||||||
import tempfile
|
import tempfile
|
||||||
|
|
||||||
|
import ldap
|
||||||
|
from django_auth_ldap.config import LDAPSearch
|
||||||
|
|
||||||
from pathlib import Path
|
from pathlib import Path
|
||||||
from django.utils.crypto import get_random_string
|
from django.utils.crypto import get_random_string
|
||||||
|
|
||||||
|
|
@ -20,6 +23,17 @@ from ..config import (
|
||||||
OUTPUT_DIR,
|
OUTPUT_DIR,
|
||||||
LOGS_DIR,
|
LOGS_DIR,
|
||||||
TIMEZONE,
|
TIMEZONE,
|
||||||
|
|
||||||
|
LDAP,
|
||||||
|
LDAP_SERVER_URI,
|
||||||
|
LDAP_BIND_DN,
|
||||||
|
LDAP_BIND_PASSWORD,
|
||||||
|
LDAP_USER_BASE,
|
||||||
|
LDAP_USER_FILTER,
|
||||||
|
LDAP_USERNAME_ATTR,
|
||||||
|
LDAP_FIRSTNAME_ATTR,
|
||||||
|
LDAP_LASTNAME_ATTR,
|
||||||
|
LDAP_EMAIL_ATTR,
|
||||||
)
|
)
|
||||||
|
|
||||||
IS_MIGRATING = 'makemigrations' in sys.argv[:3] or 'migrate' in sys.argv[:3]
|
IS_MIGRATING = 'makemigrations' in sys.argv[:3] or 'migrate' in sys.argv[:3]
|
||||||
|
|
@ -54,7 +68,6 @@ INSTALLED_APPS = [
|
||||||
'django_extensions',
|
'django_extensions',
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|
||||||
MIDDLEWARE = [
|
MIDDLEWARE = [
|
||||||
'core.middleware.TimezoneMiddleware',
|
'core.middleware.TimezoneMiddleware',
|
||||||
'django.middleware.security.SecurityMiddleware',
|
'django.middleware.security.SecurityMiddleware',
|
||||||
|
|
@ -67,11 +80,48 @@ MIDDLEWARE = [
|
||||||
'core.middleware.CacheControlMiddleware',
|
'core.middleware.CacheControlMiddleware',
|
||||||
]
|
]
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
### Authentication Settings
|
||||||
|
################################################################################
|
||||||
|
|
||||||
AUTHENTICATION_BACKENDS = [
|
AUTHENTICATION_BACKENDS = [
|
||||||
'django.contrib.auth.backends.RemoteUserBackend',
|
'django.contrib.auth.backends.RemoteUserBackend',
|
||||||
'django.contrib.auth.backends.ModelBackend',
|
'django.contrib.auth.backends.ModelBackend',
|
||||||
]
|
]
|
||||||
|
|
||||||
|
if LDAP:
|
||||||
|
global AUTH_LDAP_SERVER_URI
|
||||||
|
AUTH_LDAP_SERVER_URI = LDAP_SERVER_URI
|
||||||
|
|
||||||
|
global AUTH_LDAP_BIND_DN
|
||||||
|
AUTH_LDAP_BIND_DN = LDAP_BIND_DN
|
||||||
|
|
||||||
|
global AUTH_LDAP_BIND_PASSWORD
|
||||||
|
AUTH_LDAP_BIND_PASSWORD = LDAP_BIND_PASSWORD
|
||||||
|
|
||||||
|
global AUTH_LDAP_USER_SEARCH
|
||||||
|
AUTH_LDAP_USER_SEARCH = LDAPSearch(
|
||||||
|
LDAP_USER_BASE,
|
||||||
|
ldap.SCOPE_SUBTREE,
|
||||||
|
'(&(' + LDAP_USERNAME_ATTR + '=%(user)s)' + LDAP_USER_FILTER + ')',
|
||||||
|
)
|
||||||
|
|
||||||
|
global AUTH_LDAP_USER_ATTR_MAP
|
||||||
|
AUTH_LDAP_USER_ATTR_MAP = {
|
||||||
|
'username': LDAP_USERNAME_ATTR,
|
||||||
|
'first_name': LDAP_FIRSTNAME_ATTR,
|
||||||
|
'last_name': LDAP_LASTNAME_ATTR,
|
||||||
|
'email': LDAP_EMAIL_ATTR,
|
||||||
|
}
|
||||||
|
|
||||||
|
AUTHENTICATION_BACKENDS = [
|
||||||
|
'django_auth_ldap.backend.LDAPBackend',
|
||||||
|
]
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
### Debug Settings
|
||||||
|
################################################################################
|
||||||
|
|
||||||
# only enable debug toolbar when in DEBUG mode with --nothreading (it doesnt work in multithreaded mode)
|
# only enable debug toolbar when in DEBUG mode with --nothreading (it doesnt work in multithreaded mode)
|
||||||
DEBUG_TOOLBAR = DEBUG and ('--nothreading' in sys.argv) and ('--reload' not in sys.argv)
|
DEBUG_TOOLBAR = DEBUG and ('--nothreading' in sys.argv) and ('--reload' not in sys.argv)
|
||||||
if DEBUG_TOOLBAR:
|
if DEBUG_TOOLBAR:
|
||||||
|
|
|
||||||
1
setup.py
1
setup.py
|
|
@ -47,6 +47,7 @@ INSTALL_REQUIRES = [
|
||||||
"croniter>=0.3.34",
|
"croniter>=0.3.34",
|
||||||
"w3lib>=1.22.0",
|
"w3lib>=1.22.0",
|
||||||
"ipython>5.0.0",
|
"ipython>5.0.0",
|
||||||
|
"django-auth-ldap>=4.1.0"
|
||||||
]
|
]
|
||||||
EXTRAS_REQUIRE = {
|
EXTRAS_REQUIRE = {
|
||||||
'sonic': [
|
'sonic': [
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue