• Kostas Papadimitriou's avatar
    Authentication providers improvements · 518bbefd
    Kostas Papadimitriou authored
    Major authentication provider refactoring to support
    
    - Modular and easily configurable messages with common context
    - Fine grained provider policies to support appling specific policies to
      users and/or groups
    
    Key points:
    
    - Use auth_providers.AuthProvider instances where auth provider logic is
      needed. Instances get properly initialized with the available context
      (with no user/signup view, with user/login view, with user and
      identifier/profile view).
    
    - All authentication provider messages are now accessed using the
      get_*_msg AuthProvider attributes.
    
    - Provider policies logic is handled from  get_*_policy attributes.
    
    - All provider messages may be overridden globally or per provider level from
      settings::
    
      # global change
      ASTAKOS_AUTH_PROVIDER_NOT_ACTIVE = 'Provider not active'
    
      # change only applies to shibboleth provider
      ASTAKOS_AUTH_PROVIDER_SHIBBOLETH_NOT_ACTIVE = 'Shibboleth is not  active'
    
    - Provider policies may be overridden in settings::
    
      # ALL users wont be able to add shibboleth login method from their
      # profile
      AUTH_PROVIDER_SHIBBOLETH_ADD_POLICY = False
    
    - New provider policies profile model added. Profiles can be assigned to
      a group or/and a specific user.
    
    - All tests updated to match the auth providers changes.
    
    - New management commands included
    
      * user-auth-policy-{add, list, remove, set, show}
        Manage authentication provider policy profiles.
    
      * user-group-{add, list}
        User group management commands
    
    - Updated user-list to optionally display auth provider information
    518bbefd
settings.py 15.6 KB