Dynamically enable modules based on config values

This commit is contained in:
Matthew Scragg 2015-11-22 17:12:26 -06:00
parent 4063754e12
commit 04b5e04593
3 changed files with 75 additions and 68 deletions

View file

@ -278,6 +278,10 @@ If your language is not supported, Realms will fall back to a simple text analyz
### Local ### Local
Local default will be done using a backend database as defined in the config. Local default will be done using a backend database as defined in the config.
To disable local authentication, put the following your config.
"AUTH_LOCAL_ENABLE": false
### LDAP (beta) ### LDAP (beta)
@ -290,53 +294,47 @@ Use these examples as a guide and place it in your realms-wiki.json config.
In this example, BIND_DN and BIND_AUTH are used to search and authenticate. Leaving them blank implies anonymous authentication. In this example, BIND_DN and BIND_AUTH are used to search and authenticate. Leaving them blank implies anonymous authentication.
``` "LDAP": {
"LDAP": { "URI": "ldap://localhost:8389",
"URI": "ldap://localhost:8389", "BIND_DN": "",
"BIND_DN": "", "BIND_AUTH": "",
"BIND_AUTH": "", "USER_SEARCH": {"base": "dc=realms,dc=io", "filter": "uid=%(username)s"},
"USER_SEARCH": {"base": "dc=realms,dc=io", "filter": "uid=%(username)s"}, "KEY_MAP": {
"KEY_MAP": { "username":"cn",
"username":"cn", "email": "mail"
"email": "mail" }
} }
}
```
#### Direct Bind Example #### Direct Bind Example
``` "LDAP": {
"LDAP": { "URI": "ldap://localhost:8389",
"URI": "ldap://localhost:8389", "BIND_DN": "uid=%(username)s,ou=People,dc=realms,dc=io",
"BIND_DN": "uid=%(username)s,ou=People,dc=realms,dc=io", "KEY_MAP": {
"KEY_MAP": { "username":"cn",
"username":"cn", "email": "mail",
"email": "mail", },
}, "OPTIONS": {
"OPTIONS": { "OPT_PROTOCOL_VERSION": 3,
"OPT_PROTOCOL_VERSION": 3, }
} }
}
```
### OAuth (beta) ### OAuth (beta)
Realms currently supports Github, Twitter, Facebook and Google. Each provider requires a key and secret. Realms currently supports Github, Twitter, Facebook and Google. Each provider requires a key and secret.
Put them in your `realms-wiki.json` config file. Use the example below. Put them in your `realms-wiki.json` config file. Use the example below.
``` "OAUTH": {
"OAUTH": { "twitter": {
"twitter": { "key": "",
"key": "", "secret": ""
"secret": "" },
}, "github": {
"github": { "key": "",
"key": "", "secret": ""
"secret": "" }
} }
}
```
## Running ## Running

View file

@ -83,37 +83,37 @@ DB_URI = 'sqlite:////tmp/wiki.db'
# DB_URI = 'oracle://scott:tiger@127.0.0.1:1521/sidname' # DB_URI = 'oracle://scott:tiger@127.0.0.1:1521/sidname'
# DB_URI = 'crate://' # DB_URI = 'crate://'
LDAP = { # LDAP = {
'URI': '', # 'URI': '',
#
# # This BIND_DN/BIND_PASSWORD default to '', this is shown here for demonstrative purposes
# # The values '' perform an anonymous bind so we may use search/bind method
# 'BIND_DN': '',
# 'BIND_AUTH': '',
#
# # Adding the USER_SEARCH field tells the flask-ldap-login that we are using
# # the search/bind method
# 'USER_SEARCH': {'base': 'dc=example,dc=com', 'filter': 'uid=%(username)s'},
#
# # Map ldap keys into application specific keys
# 'KEY_MAP': {
# 'name': 'cn',
# 'company': 'o',
# 'location': 'l',
# 'email': 'mail',
# }
# }
# This BIND_DN/BIND_PASSWORD default to '', this is shown here for demonstrative purposes # OAUTH = {
# The values '' perform an anonymous bind so we may use search/bind method # 'twitter': {
'BIND_DN': '', # 'key': '',
'BIND_AUTH': '', # 'secret': ''
# },
# Adding the USER_SEARCH field tells the flask-ldap-login that we are using # 'github': {
# the search/bind method # 'key': '',
'USER_SEARCH': {'base': 'dc=example,dc=com', 'filter': 'uid=%(username)s'}, # 'secret': ''
# }
# Map ldap keys into application specific keys # }
'KEY_MAP': {
'name': 'cn',
'company': 'o',
'location': 'l',
'email': 'mail',
}
}
OAUTH = {
'twitter': {
'key': '',
'secret': ''
},
'github': {
'key': '',
'secret': ''
}
}
CACHE_TYPE = 'simple' CACHE_TYPE = 'simple'
@ -153,6 +153,7 @@ WIKI_PATH = '/tmp/wiki'
# Name of page that will act as home # Name of page that will act as home
WIKI_HOME = 'home' WIKI_HOME = 'home'
AUTH_LOCAL_ENABLE = True
ALLOW_ANON = True ALLOW_ANON = True
REGISTRATION_ENABLED = True REGISTRATION_ENABLED = True
PRIVATE_WIKI = False PRIVATE_WIKI = False
@ -193,4 +194,13 @@ if ENV != "DEV":
ASSETS_DEBUG = False ASSETS_DEBUG = False
SQLALCHEMY_ECHO = False SQLALCHEMY_ECHO = False
MODULES = ['wiki', 'search', 'auth', 'auth.local', 'auth.oauth', 'auth.ldap', 'auth.oauth'] MODULES = ['wiki', 'search', 'auth']
if globals().get('AUTH_LOCAL_ENABLE'):
MODULES.append('auth.local')
if globals().get('OAUTH'):
MODULES.append('auth.oauth')
if globals().get('LDAP'):
MODULES.append('auth.ldap')

View file

@ -38,8 +38,7 @@ class User(BaseUser):
@staticmethod @staticmethod
def login_form(): def login_form():
form = LDAPLoginForm() return render_template('auth/ldap/login.html', form=LDAPLoginForm())
return render_template('auth/ldap/login.html', form=form)
@staticmethod @staticmethod
def auth(user, password): def auth(user, password):