Dynamically enable modules based on config values

2015-11-22 17:12:26 -06:00 · 2015-11-22 17:12:26 -06:00 · 04b5e04593
--- a/README.md
+++ b/README.md
@ -278,6 +278,10 @@ If your language is not supported, Realms will fall back to a simple text analyz
 ### Local

 Local default will be done using a backend database as defined in the config.
+To disable local authentication, put the following your config.
+
+    "AUTH_LOCAL_ENABLE": false
+

 ### LDAP (beta)

@ -290,53 +294,47 @@ Use these examples as a guide and place it in your realms-wiki.json config.

 In this example, BIND_DN and BIND_AUTH are used to search and authenticate.  Leaving them blank implies anonymous authentication.

-```
-"LDAP": {
-    "URI": "ldap://localhost:8389",
-    "BIND_DN": "",
-    "BIND_AUTH": "",
-    "USER_SEARCH": {"base": "dc=realms,dc=io", "filter": "uid=%(username)s"},
-    "KEY_MAP": {
-        "username":"cn",
-        "email": "mail"
+    "LDAP": {
+        "URI": "ldap://localhost:8389",
+        "BIND_DN": "",
+        "BIND_AUTH": "",
+        "USER_SEARCH": {"base": "dc=realms,dc=io", "filter": "uid=%(username)s"},
+        "KEY_MAP": {
+            "username":"cn",
+            "email": "mail"
+        }
    }
-}
-```

 #### Direct Bind Example

-```
-"LDAP": {
-    "URI": "ldap://localhost:8389",
-    "BIND_DN": "uid=%(username)s,ou=People,dc=realms,dc=io",
-    "KEY_MAP": {
-        "username":"cn",
-        "email": "mail",
-    },
-    "OPTIONS": {
-        "OPT_PROTOCOL_VERSION": 3,
+    "LDAP": {
+        "URI": "ldap://localhost:8389",
+        "BIND_DN": "uid=%(username)s,ou=People,dc=realms,dc=io",
+        "KEY_MAP": {
+            "username":"cn",
+            "email": "mail",
+        },
+        "OPTIONS": {
+            "OPT_PROTOCOL_VERSION": 3,
+        }
    }
-}
-```
+

 ### OAuth (beta)

 Realms currently supports Github, Twitter, Facebook and Google.  Each provider requires a key and secret.
 Put them in your `realms-wiki.json` config file.  Use the example below.

-```
-"OAUTH": {
-    "twitter": {
-        "key": "",
-        "secret": ""
-    },
-    "github": {
-        "key": "",
-        "secret": ""
+    "OAUTH": {
+        "twitter": {
+            "key": "",
+            "secret": ""
+        },
+        "github": {
+            "key": "",
+            "secret": ""
+        }
    }
-}
-```
-

 ## Running

--- a/realms/config/init.py
+++ b/realms/config/init.py
@ -83,37 +83,37 @@ DB_URI = 'sqlite:////tmp/wiki.db'
 # DB_URI = 'oracle://scott:tiger@127.0.0.1:1521/sidname'
 # DB_URI = 'crate://'

-LDAP = {
-    'URI': '',
+# LDAP = {
+#     'URI': '',
+#
+#     # This BIND_DN/BIND_PASSWORD default to '', this is shown here for demonstrative purposes
+#     # The values '' perform an anonymous bind so we may use search/bind method
+#     'BIND_DN': '',
+#     'BIND_AUTH': '',
+#
+#     # Adding the USER_SEARCH field tells the flask-ldap-login that we are using
+#     # the search/bind method
+#     'USER_SEARCH': {'base': 'dc=example,dc=com', 'filter': 'uid=%(username)s'},
+#
+#     # Map ldap keys into application specific keys
+#     'KEY_MAP': {
+#         'name': 'cn',
+#         'company': 'o',
+#         'location': 'l',
+#         'email': 'mail',
+#     }
+# }

-    # This BIND_DN/BIND_PASSWORD default to '', this is shown here for demonstrative purposes
-    # The values '' perform an anonymous bind so we may use search/bind method
-    'BIND_DN': '',
-    'BIND_AUTH': '',
-
-    # Adding the USER_SEARCH field tells the flask-ldap-login that we are using
-    # the search/bind method
-    'USER_SEARCH': {'base': 'dc=example,dc=com', 'filter': 'uid=%(username)s'},
-
-    # Map ldap keys into application specific keys
-    'KEY_MAP': {
-        'name': 'cn',
-        'company': 'o',
-        'location': 'l',
-        'email': 'mail',
-    }
-}
-
-OAUTH = {
-    'twitter': {
-        'key': '',
-        'secret': ''
-    },
-    'github': {
-        'key': '',
-        'secret': ''
-    }
-}
+# OAUTH = {
+#     'twitter': {
+#         'key': '',
+#         'secret': ''
+#    },
+#    'github': {
+#        'key': '',
+#        'secret': ''
+#    }
+# }

 CACHE_TYPE = 'simple'

@ -153,6 +153,7 @@ WIKI_PATH = '/tmp/wiki'
 # Name of page that will act as home
 WIKI_HOME = 'home'

+AUTH_LOCAL_ENABLE = True
 ALLOW_ANON = True
 REGISTRATION_ENABLED = True
 PRIVATE_WIKI = False
@ -193,4 +194,13 @@ if ENV != "DEV":
    ASSETS_DEBUG = False
    SQLALCHEMY_ECHO = False

-MODULES = ['wiki', 'search', 'auth', 'auth.local', 'auth.oauth', 'auth.ldap', 'auth.oauth']
+MODULES = ['wiki', 'search', 'auth']
+
+if globals().get('AUTH_LOCAL_ENABLE'):
+    MODULES.append('auth.local')
+
+if globals().get('OAUTH'):
+    MODULES.append('auth.oauth')
+
+if globals().get('LDAP'):
+    MODULES.append('auth.ldap')
--- a/realms/modules/auth/ldap/models.py
+++ b/realms/modules/auth/ldap/models.py
@ -38,8 +38,7 @@ class User(BaseUser):

    @staticmethod
    def login_form():
-        form = LDAPLoginForm()
-        return render_template('auth/ldap/login.html', form=form)
+        return render_template('auth/ldap/login.html', form=LDAPLoginForm())

    @staticmethod
    def auth(user, password):