Skip to content
Snippets Groups Projects
Commit 5c2354b0 authored by Daniel Palomar's avatar Daniel Palomar
Browse files

WIP

parent 1edcdf4a
No related branches found
No related tags found
No related merge requests found
# SomOffice Demo App
Features:
* Login with Keycloak
## Setup
1. Install pyenv:
......@@ -46,6 +50,13 @@ pyenv exec python manage.py migrate
```
## Run AppServer
In one shell start a Keycloak server:
```bash
docker run -p 8080:8080 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin quay.io/keycloak/keycloak:18.0.1 start-dev
```
```bash
pyenv exec python manage.py runserver 0.0.0.0:8000
......@@ -53,6 +64,21 @@ pyenv exec python manage.py runserver 0.0.0.0:8000
```
## Usage
### Create user
```sh
curl -X POST \
-H 'Accept: application/json' \
-H 'Content-Type: application/json;charset=utf-8' \
--data-raw '
{
"username": "demo5",
"password": "demo",
"locale": "ca"
}' \
localhost:8000/api/admin/import_user/
```
### Login
curl -X GET \
......
......@@ -18,7 +18,6 @@ class FakeAuthenticationRemoteBackend(RemoteUserBackend):
authenticate() (which passes it on to the backend).
"""
user = super().authenticate(request, username)
user.profile = object
return user
def clean_username(self, username):
......
......@@ -15,6 +15,9 @@ import os
from django.utils.translation import gettext_lazy as _
from datetime import timedelta
# Import from keycloak_oidc settings and use the defaults
from keycloak_oidc.default_settings import *
BASE_DIR = os.path.dirname(os.path.dirname(__file__))
......@@ -27,7 +30,7 @@ SECRET_KEY = 'e12261a4e417683eafd18d9da9e89b978fb9e663'
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
ALLOWED_HOSTS = []
ALLOWED_HOSTS = ['*']
# Application definition
......@@ -40,6 +43,7 @@ INSTALLED_APPS = (
'django.contrib.staticfiles',
'rest_framework',
"django_rest_passwordreset",
'keycloak_oidc', # load after auth!
'django_somoffice',
'demo',
)
......@@ -53,10 +57,12 @@ MIDDLEWARE = (
"django.contrib.messages.middleware.MessageMiddleware",
"django.middleware.clickjacking.XFrameOptionsMiddleware",
"django_somoffice.core.http.locale_middleware",
"mozilla_django_oidc.middleware.SessionRefresh",
)
# For backwards compatibility for Django 1.8
MIDDLEWARE_CLASSES = MIDDLEWARE
AUTHENTICATION_BACKENDS = [
'keycloak_oidc.auth.OIDCAuthenticationBackend',
]
ROOT_URLCONF = 'demo.urls'
......@@ -108,10 +114,6 @@ AUTH_PASSWORD_VALIDATORS = [
},
]
AUTHENTICATION_BACKENDS = [
"demo.domain.auth.FakeAuthenticationRemoteBackend",
]
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/1.7/howto/static-files/
......@@ -170,3 +172,26 @@ SOMOFFICE_RESOURCE_PROVIDERS = {
"discovery_channels": "demo.providers.discovery_channels.DiscoveryChannelsProvider", # noqa
"profile": "demo.providers.profile.ProfileProvider",
}
REST_FRAMEWORK = dict(
DEFAULT_AUTHENTICATION_CLASSES=(
'mozilla_django_oidc.contrib.drf.OIDCAuthentication',
'rest_framework.authentication.SessionAuthentication'
)
)
KEYCLOAK_SERVER_URL = "http://localhost:8080"
KEYCLOAK_CLIENT_ID = "django-somoffice"
KEYCLOAK_CLIENT_SECRET = "6CulK9DvVpGxxjxxlyjX2BElif4vjxQv"
KEYCLOAK_REALM = "somoffice-demo"
KEYCLOAK_ADMIN_USER = "admin"
KEYCLOAK_ADMIN_PASSWORD = "admin"
OIDC_RP_CLIENT_ID = "django-somoffice"
OIDC_RP_CLIENT_SECRET = "6CulK9DvVpGxxjxxlyjX2BElif4vjxQv"
OIDC_OP_AUTHORIZATION_ENDPOINT = 'http://localhost:8080/auth/realms/somoffice-demo/protocol/openid-connect/auth'
OIDC_OP_TOKEN_ENDPOINT = 'http://localhost:8080/auth/realms/somoffice-demo/protocol/openid-connect/token'
OIDC_OP_USER_ENDPOINT = 'http://localhost:8080/auth/realms/somoffice-demo/protocol/openid-connect/userinfo'
OIDC_OP_JWKS_ENDPOINT = 'http://localhost:8080/auth/realms/somoffice-demo/protocol/openid-connect/certs'
OIDC_OP_LOGOUT_ENDPOINT = 'http://localhost:8080/auth/realms/somoffice-demo/protocol/openid-connect/logout'
\ No newline at end of file
......@@ -8,5 +8,11 @@ urlpatterns = [
path(base_path + "import_user/", views.import_user),
path(base_path + "user/", views.get_user),
path(base_path + "change_user_email", views.change_user_email),
path(base_path + "oidc/callback/", views.keycloak_authenticate_response),
path("", include("django_somoffice.urls")),
path(base_path + 'oidc/', include('keycloak_oidc.urls')),
]
# URL login
# https://staging-opencell.coopdevs.org/auth/realms/somoffice-demo/protocol/openid-connect/auth?response_type=code&client_id=django-somoffice&redirect_uri=http%3A%2F%2Flocalhost:8000%2Fapi%2Fadmin%2Fkeycloak/&state=f0eb39af-1abe-4b75-b093-9bd0211c66d3&login=true&scope=openid
\ No newline at end of file
import json
from django.views.decorators.http import require_POST, require_GET
from django.http import JsonResponse
from django.views.decorators.csrf import csrf_exempt
from basicauth.decorators import basic_auth_required
from demo.serializers.user import UserSerializer
from django_somoffice.models import User
from django.contrib.auth.decorators import login_required
@csrf_exempt
@basic_auth_required
@require_POST
def import_user(request):
data = json.loads(request.body)
user = User(
username=data["username"],
password=data["password"]
)
user.save()
user.profile.preferredLocale = data["locale"]
user.profile.save()
return JsonResponse({"msg": "ok"})
@require_GET
@basic_auth_required
@csrf_exempt
def get_user(request):
return JsonResponse(
UserSerializer(user).data
UserSerializer(None).data
)
@require_POST
@basic_auth_required
@csrf_exempt
def change_user_email(request):
return JsonResponse({"msg": "ok"})
@require_GET
@csrf_exempt
def keycloak_authenticate_response_old(request):
print(request)
return JsonResponse({"msg": "ok"})
@require_GET
@login_required
def keycloak_authenticate_response(request):
return JsonResponse({"msg": "ok"})
\ No newline at end of file
version: '3'
volumes:
postgres_data:
driver: local
services:
postgres:
image: postgres
volumes:
- postgres_data:/var/lib/postgresql/data
environment:
POSTGRES_DB: keycloak
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
keycloak:
image: jboss/keycloak:16.1.1
environment:
DB_VENDOR: POSTGRES
DB_ADDR: postgres
DB_DATABASE: keycloak
DB_USER: postgres
DB_SCHEMA: public
DB_PASSWORD: postgres
KEYCLOAK_USER: admin
KEYCLOAK_PASSWORD: admin
ports:
- 8080:8080
depends_on:
- postgres
......@@ -3,3 +3,6 @@ djangorestframework==3.9.2
django-basicauth==0.5.2
-e ../../django-somoffice-app
# django-somoffice @ git+https://git.coopdevs.org/coopdevs/comunitats-energetiques/somoffice/django-somoffice-app.git@master
python-keycloak==0.18.0
datapunt_keycloak_oidc
\ No newline at end of file
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment