Dynamically enable modules based on config values
This commit is contained in:
parent
4063754e12
commit
04b5e04593
68
README.md
68
README.md
|
@ -278,6 +278,10 @@ If your language is not supported, Realms will fall back to a simple text analyz
|
||||||
### Local
|
### Local
|
||||||
|
|
||||||
Local default will be done using a backend database as defined in the config.
|
Local default will be done using a backend database as defined in the config.
|
||||||
|
To disable local authentication, put the following your config.
|
||||||
|
|
||||||
|
"AUTH_LOCAL_ENABLE": false
|
||||||
|
|
||||||
|
|
||||||
### LDAP (beta)
|
### LDAP (beta)
|
||||||
|
|
||||||
|
@ -290,53 +294,47 @@ Use these examples as a guide and place it in your realms-wiki.json config.
|
||||||
|
|
||||||
In this example, BIND_DN and BIND_AUTH are used to search and authenticate. Leaving them blank implies anonymous authentication.
|
In this example, BIND_DN and BIND_AUTH are used to search and authenticate. Leaving them blank implies anonymous authentication.
|
||||||
|
|
||||||
```
|
"LDAP": {
|
||||||
"LDAP": {
|
"URI": "ldap://localhost:8389",
|
||||||
"URI": "ldap://localhost:8389",
|
"BIND_DN": "",
|
||||||
"BIND_DN": "",
|
"BIND_AUTH": "",
|
||||||
"BIND_AUTH": "",
|
"USER_SEARCH": {"base": "dc=realms,dc=io", "filter": "uid=%(username)s"},
|
||||||
"USER_SEARCH": {"base": "dc=realms,dc=io", "filter": "uid=%(username)s"},
|
"KEY_MAP": {
|
||||||
"KEY_MAP": {
|
"username":"cn",
|
||||||
"username":"cn",
|
"email": "mail"
|
||||||
"email": "mail"
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
#### Direct Bind Example
|
#### Direct Bind Example
|
||||||
|
|
||||||
```
|
"LDAP": {
|
||||||
"LDAP": {
|
"URI": "ldap://localhost:8389",
|
||||||
"URI": "ldap://localhost:8389",
|
"BIND_DN": "uid=%(username)s,ou=People,dc=realms,dc=io",
|
||||||
"BIND_DN": "uid=%(username)s,ou=People,dc=realms,dc=io",
|
"KEY_MAP": {
|
||||||
"KEY_MAP": {
|
"username":"cn",
|
||||||
"username":"cn",
|
"email": "mail",
|
||||||
"email": "mail",
|
},
|
||||||
},
|
"OPTIONS": {
|
||||||
"OPTIONS": {
|
"OPT_PROTOCOL_VERSION": 3,
|
||||||
"OPT_PROTOCOL_VERSION": 3,
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
### OAuth (beta)
|
### OAuth (beta)
|
||||||
|
|
||||||
Realms currently supports Github, Twitter, Facebook and Google. Each provider requires a key and secret.
|
Realms currently supports Github, Twitter, Facebook and Google. Each provider requires a key and secret.
|
||||||
Put them in your `realms-wiki.json` config file. Use the example below.
|
Put them in your `realms-wiki.json` config file. Use the example below.
|
||||||
|
|
||||||
```
|
"OAUTH": {
|
||||||
"OAUTH": {
|
"twitter": {
|
||||||
"twitter": {
|
"key": "",
|
||||||
"key": "",
|
"secret": ""
|
||||||
"secret": ""
|
},
|
||||||
},
|
"github": {
|
||||||
"github": {
|
"key": "",
|
||||||
"key": "",
|
"secret": ""
|
||||||
"secret": ""
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
|
|
||||||
## Running
|
## Running
|
||||||
|
|
||||||
|
|
|
@ -83,37 +83,37 @@ DB_URI = 'sqlite:////tmp/wiki.db'
|
||||||
# DB_URI = 'oracle://scott:tiger@127.0.0.1:1521/sidname'
|
# DB_URI = 'oracle://scott:tiger@127.0.0.1:1521/sidname'
|
||||||
# DB_URI = 'crate://'
|
# DB_URI = 'crate://'
|
||||||
|
|
||||||
LDAP = {
|
# LDAP = {
|
||||||
'URI': '',
|
# 'URI': '',
|
||||||
|
#
|
||||||
|
# # This BIND_DN/BIND_PASSWORD default to '', this is shown here for demonstrative purposes
|
||||||
|
# # The values '' perform an anonymous bind so we may use search/bind method
|
||||||
|
# 'BIND_DN': '',
|
||||||
|
# 'BIND_AUTH': '',
|
||||||
|
#
|
||||||
|
# # Adding the USER_SEARCH field tells the flask-ldap-login that we are using
|
||||||
|
# # the search/bind method
|
||||||
|
# 'USER_SEARCH': {'base': 'dc=example,dc=com', 'filter': 'uid=%(username)s'},
|
||||||
|
#
|
||||||
|
# # Map ldap keys into application specific keys
|
||||||
|
# 'KEY_MAP': {
|
||||||
|
# 'name': 'cn',
|
||||||
|
# 'company': 'o',
|
||||||
|
# 'location': 'l',
|
||||||
|
# 'email': 'mail',
|
||||||
|
# }
|
||||||
|
# }
|
||||||
|
|
||||||
# This BIND_DN/BIND_PASSWORD default to '', this is shown here for demonstrative purposes
|
# OAUTH = {
|
||||||
# The values '' perform an anonymous bind so we may use search/bind method
|
# 'twitter': {
|
||||||
'BIND_DN': '',
|
# 'key': '',
|
||||||
'BIND_AUTH': '',
|
# 'secret': ''
|
||||||
|
# },
|
||||||
# Adding the USER_SEARCH field tells the flask-ldap-login that we are using
|
# 'github': {
|
||||||
# the search/bind method
|
# 'key': '',
|
||||||
'USER_SEARCH': {'base': 'dc=example,dc=com', 'filter': 'uid=%(username)s'},
|
# 'secret': ''
|
||||||
|
# }
|
||||||
# Map ldap keys into application specific keys
|
# }
|
||||||
'KEY_MAP': {
|
|
||||||
'name': 'cn',
|
|
||||||
'company': 'o',
|
|
||||||
'location': 'l',
|
|
||||||
'email': 'mail',
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
OAUTH = {
|
|
||||||
'twitter': {
|
|
||||||
'key': '',
|
|
||||||
'secret': ''
|
|
||||||
},
|
|
||||||
'github': {
|
|
||||||
'key': '',
|
|
||||||
'secret': ''
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
CACHE_TYPE = 'simple'
|
CACHE_TYPE = 'simple'
|
||||||
|
|
||||||
|
@ -153,6 +153,7 @@ WIKI_PATH = '/tmp/wiki'
|
||||||
# Name of page that will act as home
|
# Name of page that will act as home
|
||||||
WIKI_HOME = 'home'
|
WIKI_HOME = 'home'
|
||||||
|
|
||||||
|
AUTH_LOCAL_ENABLE = True
|
||||||
ALLOW_ANON = True
|
ALLOW_ANON = True
|
||||||
REGISTRATION_ENABLED = True
|
REGISTRATION_ENABLED = True
|
||||||
PRIVATE_WIKI = False
|
PRIVATE_WIKI = False
|
||||||
|
@ -193,4 +194,13 @@ if ENV != "DEV":
|
||||||
ASSETS_DEBUG = False
|
ASSETS_DEBUG = False
|
||||||
SQLALCHEMY_ECHO = False
|
SQLALCHEMY_ECHO = False
|
||||||
|
|
||||||
MODULES = ['wiki', 'search', 'auth', 'auth.local', 'auth.oauth', 'auth.ldap', 'auth.oauth']
|
MODULES = ['wiki', 'search', 'auth']
|
||||||
|
|
||||||
|
if globals().get('AUTH_LOCAL_ENABLE'):
|
||||||
|
MODULES.append('auth.local')
|
||||||
|
|
||||||
|
if globals().get('OAUTH'):
|
||||||
|
MODULES.append('auth.oauth')
|
||||||
|
|
||||||
|
if globals().get('LDAP'):
|
||||||
|
MODULES.append('auth.ldap')
|
||||||
|
|
|
@ -38,8 +38,7 @@ class User(BaseUser):
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def login_form():
|
def login_form():
|
||||||
form = LDAPLoginForm()
|
return render_template('auth/ldap/login.html', form=LDAPLoginForm())
|
||||||
return render_template('auth/ldap/login.html', form=form)
|
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def auth(user, password):
|
def auth(user, password):
|
||||||
|
|
Loading…
Reference in a new issue