mirror/archivebox
1
0
Fork 0
mirror of https://github.com/pirate/ArchiveBox.git synced 2025-08-13 18:14:24 +02:00
Code Issues Releases Wiki Activity

move ldap_auth setup into LDAP plugin

Browse Source
This commit is contained in:
Nick Sweeting
2024-10-14 17:36:45 -07:00
parent 86380a1ef2
commit 8cff6ddfc6
3 changed files with 24 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
archivebox/core/auth.py
View File

@@ -1,12 +0,0 @@
__package__ = 'archivebox.core'
from archivebox.plugins_auth.ldap.apps import LDAP_CONFIG
def register_signals():
if LDAP_CONFIG.LDAP_ENABLED:
import django_auth_ldap.backend
from .auth_ldap import create_user
django_auth_ldap.backend.populate_user.connect(create_user)

8
archivebox/core/auth_ldap.py
View File

@@ -1,8 +0,0 @@
from archivebox.plugins_auth.ldap.apps import LDAP_CONFIG
def create_user(sender, user=None, ldap_user=None, **kwargs):
if not user.id and LDAP_CONFIG.LDAP_CREATE_SUPERUSER:
user.is_superuser = True
user.is_staff = True
print(f'[!] WARNING: Creating new user {user} based on LDAP user {ldap_user} (is_staff={user.is_staff}, is_superuser={user.is_superuser})')

25
archivebox/plugins_auth/ldap/apps.py
View File

@@ -9,6 +9,8 @@ from pydantic import InstanceOf
from pydantic_pkgr import BinaryOverrides, SemVer from pydantic_pkgr import BinaryOverrides, SemVer
import abx
from abx.archivebox.base_plugin import BasePlugin from abx.archivebox.base_plugin import BasePlugin
from abx.archivebox.base_hook import BaseHook from abx.archivebox.base_hook import BaseHook
from abx.archivebox.base_binary import BaseBinary, BaseBinProvider, apt from abx.archivebox.base_binary import BaseBinary, BaseBinProvider, apt
@@ -69,6 +71,19 @@ class LdapBinary(BaseBinary):
LDAP_BINARY = LdapBinary() LDAP_BINARY = LdapBinary()
def create_superuser_from_ldap_user(sender, user=None, ldap_user=None, **kwargs):
if user is None:
# not authenticated at all
return
if not user.id and LDAP_CONFIG.LDAP_CREATE_SUPERUSER:
# authenticated via LDAP, but user is not set up in DB yet
user.is_superuser = True
user.is_staff = True
print(f'[!] WARNING: Creating new user {user} based on LDAP user {ldap_user} (is_staff={user.is_staff}, is_superuser={user.is_superuser})')
class LdapAuthPlugin(BasePlugin): class LdapAuthPlugin(BasePlugin):
app_label: str = 'ldap' app_label: str = 'ldap'
verbose_name: str = 'LDAP Authentication' verbose_name: str = 'LDAP Authentication'
@@ -77,7 +92,15 @@ class LdapAuthPlugin(BasePlugin):
LDAP_CONFIG, LDAP_CONFIG,
*([LDAP_BINARY] if LDAP_CONFIG.LDAP_ENABLED else []), *([LDAP_BINARY] if LDAP_CONFIG.LDAP_ENABLED else []),
] ]
@abx.hookimpl
def ready(self):
super().ready()
if LDAP_CONFIG.LDAP_ENABLED:
import django_auth_ldap.backend
django_auth_ldap.backend.populate_user.connect(create_superuser_from_ldap_user)
PLUGIN = LdapAuthPlugin() PLUGIN = LdapAuthPlugin()
DJANGO_APP = PLUGIN.AppConfig DJANGO_APP = PLUGIN.AppConfig