add settings and login link, update backend to oidc (#1367)

bihealth · Apr 17, 2024 · 4db65fd · 4db65fd
1 parent d39881c
commit 4db65fd
Show file tree

Hide file tree

Showing 5 changed files with 39 additions and 7 deletions.
diff --git a/config/settings/base.py b/config/settings/base.py
@@ -431,13 +431,13 @@
 # OpenID configuration
 # ------------------------------------------------------------------------------
 
-ENABLE_OPENID = env.bool('ENABLE_OPENID', False)
+ENABLE_OPENIDC = env.bool('ENABLE_OPENIDC', False)
 
-if ENABLE_OPENID:
+if ENABLE_OPENIDC:
     INSTALLED_APPS.append('social_django')
     AUTHENTICATION_BACKENDS = tuple(
         itertools.chain(
-            ('social_core.backends.open_id.OpenIdAuth',),
+            ('social_core.backends.open_id_connect.OpenIdConnectAuth',),
             AUTHENTICATION_BACKENDS,
         )
     )
@@ -446,7 +446,21 @@
         'social_django.context_processors.login_redirect',
     ]
     SOCIAL_AUTH_JSONFIELD_ENABLED = True
-    # TODO: OpenID settings here
+    SOCIAL_AUTH_JSONFIELD_CUSTOM = 'django.db.models.JSONField'
+    SOCIAL_AUTH_USER_MODEL = AUTH_USER_MODEL
+    SOCIAL_AUTH_ADMIN_USER_SEARCH_FIELDS = [
+        'username',
+        'name',
+        'first_name',
+        'last_name',
+        'email',
+    ]
+    SOCIAL_AUTH_OIDC_OIDC_ENDPOINT = env.str(
+        'SOCIAL_AUTH_OIDC_OIDC_ENDPOINT', None
+    )
+    SOCIAL_AUTH_OIDC_KEY = env.str('SOCIAL_AUTH_OIDC_KEY', 'CHANGEME')
+    SOCIAL_AUTH_OIDC_SECRET = env.str('SOCIAL_AUTH_OIDC_KEY', 'CHANGEME')
+
 
 # Logging
 # ------------------------------------------------------------------------------

diff --git a/config/urls.py b/config/urls.py
@@ -55,7 +55,7 @@
     path('examples/site/', include('example_site_app.urls')),
 ] + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
 
-if settings.ENABLE_OPENID:
+if settings.ENABLE_OPENIDC:
     urlpatterns.append(path('social/', include('social_django.urls')))
 
 if settings.DEBUG:

diff --git a/example_site/templates/include/_login_extend.html b/example_site/templates/include/_login_extend.html
@@ -1,5 +1,5 @@
 {# Place extended login view content into this template #}
-<div class="col-md-4 mx-auto mt-5">
+<div class="col-md-4 mx-auto mt-4">
   <div class="alert alert-info">
     Extended login view content goes here. Add the template
     <code>include/_login_extend.html</code> to define extended content on your

diff --git a/example_site/templates/include/_login_openidc.html b/example_site/templates/include/_login_openidc.html
@@ -0,0 +1,9 @@
+{# Place custom OpenIDC login link and/or info into this template #}
+
+<div class="col-md-4 mx-auto mt-4">
+  <a role="button" class="btn btn-md btn-info btn-block"
+     id="sodar-login-openid-submit"
+     href="{% url 'social:begin' 'oidc' %}">
+    <i class="iconify" data-icon="mdi:login-variant"></i> OpenIDC Login
+  </a>
+</div>
diff --git a/projectroles/templates/projectroles/login.html b/projectroles/templates/projectroles/login.html
@@ -48,8 +48,17 @@ <h2 class="sodar-pr-content-title">Login</h2>
     </form>
   </div>
 
-  {# Optional template for additional login page HTML #}
+  {# Path for template includes #}
   {% get_django_setting 'PROJECTROLES_TEMPLATE_INCLUDE_PATH' as template_include_path %}
+
+  {# OpenIDC auth #}
+  {% get_django_setting 'ENABLE_OPENIDC' as enable_openidc %}
+  {% template_exists template_include_path|add:'/_login_openidc.html' as tpl_openidc %}
+  {% if enable_openidc and tpl_openidc %}
+    {% include template_include_path|add:'/_login_openidc.html' %}
+  {% endif %}
+
+  {# Optional template for additional login page HTML #}
   {% template_exists template_include_path|add:'/_login_extend.html' as login_extend %}
   {% if login_extend %}
     {% include template_include_path|add:'/_login_extend.html' %}