Skip to content
GitLab

Authentification via django-allauth

Open Aurélien Delobelle requested to merge aureplop/install-authens into master

Important : Avant d'appliquer les nouvelles migrations à une BDD déjà existante, il faut s'assurer de l'unicité des CofProfile.login_clipper, et éventuellement fusionner les comptes problématiques.

Todos

  • Utiliser l'adapter LongTermClipper de authens.

Remarques

Déploiement

  • manage.py ... pour adapter la db

Description

Modes de connexion disponibles

  • En utilisant le mot de passe d'un User.
  • Par clipper (https://cas.eleves.ens.fr). Un compte est créé automatiquement si l'identifiant n'est pas déjà associé à un utilisateur, l'id est alors utilisé comme username (ou un dérivé s'il est déjà utilisé), <clipper_id>@clipper.ens.fr est utilisé comme email.

Refer to allauth doc for an accurate features list: http://django-allauth.readthedocs.io/en/latest/

  • Users can now change their password, ask for a password reset, or set one if they don't have one. Fixes #177 (closed).
  • In particular, it allows users whose account has been created via a clipper authentication to configure a password before losing their clipper. Even if they have already lost it, they are able to get one using the "Reset password" functionality.
  • Allauth multiple emails management is deactivated. Requests to the related url redirect to the home page.
  • All the login and logout views are replaced by the allauth' ones. It also concerns the Django and Wagtail admin sites.
  • Note that users are no longer logged out of the clipper CAS server when they authenticated via this server. Instead a message suggests the user to disconnect.

Clipper connections and login_clipper

  • Non-empty login_clipper are now unique among CofProfile instances.
  • They are created once for users with a non-empty 'login_clipper' (with the data migration 0014_create_clipper_connections).
  • The login_clipper of CofProfile instances are sync with their clipper connections:
    • CofProfile.sync_clipper_connections method updates the connections based on login_clipper.
    • Signals receivers sync_clipper… update login_clipper based on connections creations/updates/deletions.

Misc

  • Add NullCharField (model field) which allows to use unique=True on CharField (even with empty strings).
  • Parts of kfet mixins for TestCase are now in shared.tests.testcase, as they are used elsewhere than in the kfet app.
  • La vue de connexion de l'utilisateur générique K-Fêt déconnecte l'utilisateur sans passer par une redirection vers la vue de déconnexion.
  • Les utilisateurs non-COF peuvent modifier les informations de leur compte. Fixes #178 (closed).
Edited by Aurélien Delobelle