Skip to content
Snippets Groups Projects
Commit 182ad3e6 authored by Nico Vermaas's avatar Nico Vermaas
Browse files

add settings and incoming environment vars for astronauth

parent e6a927b0
No related branches found
No related tags found
1 merge request!276Astronauth integration
Pipeline #43716 failed
Stage: build
Stage: deploy_to_test
Stage: deploy_to_production
Hide whitespace changes
Inline Side-by-side
README.md
+ 21
0
View file @ 182ad3e6
...@@ -110,3 +110,24 @@ This is the procedure for that. ...@@ -110,3 +110,24 @@ This is the procedure for that.
#### Integrating Astronauth
See the integration instructions in the [astronauth repo](https://git.astron.nl/astron-sdc/astronauth)
After this the following considerations apply:
* Log into the Django admin interface
* Make sure the Sites contains an entry
In the Social Accounts section, click add on Social applications and use the following settings
Provider => Keycloak
Name => Keycloak (could be anything)
Client id => The Client ID configured in your Keycloak Realm.
Secret => The Secret key provided by the Keycloak Realm in the Credentials tab
Sites => Make sure the site is added, otherwise you will run into No providers available errors.
atdb/atdb/settings/base.py
+ 12
0
View file @ 182ad3e6
...@@ -215,6 +215,13 @@ SERVICES_LATE_WARNING_SECONDS = 1800 ...@@ -215,6 +215,13 @@ SERVICES_LATE_WARNING_SECONDS = 1800
# astronauth settings # astronauth settings
SITE_ID = 1 SITE_ID = 1
AUTHENTICATION_BACKENDS = [
# Needed to login by username in Django admin, regardless of `allauth`
"django.contrib.auth.backends.ModelBackend",
# `allauth` specific authentication methods, such as login by e-mail
"allauth.account.auth_backends.AuthenticationBackend",
]
SOCIALACCOUNT_PROVIDERS = { SOCIALACCOUNT_PROVIDERS = {
'keycloak': { 'keycloak': {
'KEYCLOAK_URL': 'https://sdc-dev.astron.nl/auth', # replace by https://keycloak.astron.nl/auth for production 'KEYCLOAK_URL': 'https://sdc-dev.astron.nl/auth', # replace by https://keycloak.astron.nl/auth for production
...@@ -223,5 +230,10 @@ SOCIALACCOUNT_PROVIDERS = { ...@@ -223,5 +230,10 @@ SOCIALACCOUNT_PROVIDERS = {
} }
} }
try:
LOGIN_REDIRECT_URL = os.environ['LOGIN_REDIRECT_URL']
except:
LOGIN_REDIRECT_URL = 'https://sdc-dev.astron.nl:5554/atdb/'
SESSION_COOKIE_NAME = 'my_service_name_session_id' SESSION_COOKIE_NAME = 'my_service_name_session_id'
CSRF_COOKIE_NAME = 'my_service_csrftoken' CSRF_COOKIE_NAME = 'my_service_csrftoken'
atdb/atdb/settings/dev.py
+ 1
0
View file @ 182ad3e6
...@@ -24,6 +24,7 @@ DATABASES = { ...@@ -24,6 +24,7 @@ DATABASES = {
AUTH_PASSWORD_VALIDATORS = [] AUTH_PASSWORD_VALIDATORS = []
# astronauth settings
SOCIALACCOUNT_PROVIDERS = { SOCIALACCOUNT_PROVIDERS = {
'keycloak': { 'keycloak': {
'KEYCLOAK_URL': 'https://sdc-dev.astron.nl/auth', # replace by https://keycloak.astron.nl/auth for production 'KEYCLOAK_URL': 'https://sdc-dev.astron.nl/auth', # replace by https://keycloak.astron.nl/auth for production
......
atdb/atdb/settings/docker_sdc.py
+ 1
0
View file @ 182ad3e6
...@@ -37,3 +37,4 @@ DATABASES = { ...@@ -37,3 +37,4 @@ DATABASES = {
AUTH_PASSWORD_VALIDATORS = [] AUTH_PASSWORD_VALIDATORS = []
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment