Dynamically enable modules based on config values
This commit is contained in:
		
							parent
							
								
									4063754e12
								
							
						
					
					
						commit
						04b5e04593
					
				
					 3 changed files with 75 additions and 68 deletions
				
			
		
							
								
								
									
										68
									
								
								README.md
									
										
									
									
									
								
							
							
						
						
									
										68
									
								
								README.md
									
										
									
									
									
								
							|  | @ -278,6 +278,10 @@ If your language is not supported, Realms will fall back to a simple text analyz | |||
| ### Local | ||||
| 
 | ||||
| Local default will be done using a backend database as defined in the config. | ||||
| To disable local authentication, put the following your config. | ||||
| 
 | ||||
|     "AUTH_LOCAL_ENABLE": false | ||||
| 
 | ||||
| 
 | ||||
| ### LDAP (beta) | ||||
| 
 | ||||
|  | @ -290,53 +294,47 @@ Use these examples as a guide and place it in your realms-wiki.json config. | |||
| 
 | ||||
| In this example, BIND_DN and BIND_AUTH are used to search and authenticate.  Leaving them blank implies anonymous authentication. | ||||
| 
 | ||||
| ``` | ||||
| "LDAP": { | ||||
|     "URI": "ldap://localhost:8389", | ||||
|     "BIND_DN": "", | ||||
|     "BIND_AUTH": "", | ||||
|     "USER_SEARCH": {"base": "dc=realms,dc=io", "filter": "uid=%(username)s"}, | ||||
|     "KEY_MAP": { | ||||
|         "username":"cn", | ||||
|         "email": "mail" | ||||
|     "LDAP": { | ||||
|         "URI": "ldap://localhost:8389", | ||||
|         "BIND_DN": "", | ||||
|         "BIND_AUTH": "", | ||||
|         "USER_SEARCH": {"base": "dc=realms,dc=io", "filter": "uid=%(username)s"}, | ||||
|         "KEY_MAP": { | ||||
|             "username":"cn", | ||||
|             "email": "mail" | ||||
|         } | ||||
|     } | ||||
| } | ||||
| ``` | ||||
| 
 | ||||
| #### Direct Bind Example | ||||
| 
 | ||||
| ``` | ||||
| "LDAP": { | ||||
|     "URI": "ldap://localhost:8389", | ||||
|     "BIND_DN": "uid=%(username)s,ou=People,dc=realms,dc=io", | ||||
|     "KEY_MAP": { | ||||
|         "username":"cn", | ||||
|         "email": "mail", | ||||
|     }, | ||||
|     "OPTIONS": { | ||||
|         "OPT_PROTOCOL_VERSION": 3, | ||||
|     "LDAP": { | ||||
|         "URI": "ldap://localhost:8389", | ||||
|         "BIND_DN": "uid=%(username)s,ou=People,dc=realms,dc=io", | ||||
|         "KEY_MAP": { | ||||
|             "username":"cn", | ||||
|             "email": "mail", | ||||
|         }, | ||||
|         "OPTIONS": { | ||||
|             "OPT_PROTOCOL_VERSION": 3, | ||||
|         } | ||||
|     } | ||||
| } | ||||
| ``` | ||||
| 
 | ||||
| 
 | ||||
| ### OAuth (beta) | ||||
| 
 | ||||
| Realms currently supports Github, Twitter, Facebook and Google.  Each provider requires a key and secret. | ||||
| Put them in your `realms-wiki.json` config file.  Use the example below. | ||||
| 
 | ||||
| ``` | ||||
| "OAUTH": { | ||||
|     "twitter": { | ||||
|         "key": "", | ||||
|         "secret": "" | ||||
|     }, | ||||
|     "github": { | ||||
|         "key": "", | ||||
|         "secret": "" | ||||
|     "OAUTH": { | ||||
|         "twitter": { | ||||
|             "key": "", | ||||
|             "secret": "" | ||||
|         }, | ||||
|         "github": { | ||||
|             "key": "", | ||||
|             "secret": "" | ||||
|         } | ||||
|     } | ||||
| } | ||||
| ``` | ||||
| 
 | ||||
| 
 | ||||
| ## Running | ||||
| 
 | ||||
|  |  | |||
|  | @ -83,37 +83,37 @@ DB_URI = 'sqlite:////tmp/wiki.db' | |||
| # DB_URI = 'oracle://scott:tiger@127.0.0.1:1521/sidname' | ||||
| # DB_URI = 'crate://' | ||||
| 
 | ||||
| LDAP = { | ||||
|     'URI': '', | ||||
| # LDAP = { | ||||
| #     'URI': '', | ||||
| # | ||||
| #     # This BIND_DN/BIND_PASSWORD default to '', this is shown here for demonstrative purposes | ||||
| #     # The values '' perform an anonymous bind so we may use search/bind method | ||||
| #     'BIND_DN': '', | ||||
| #     'BIND_AUTH': '', | ||||
| # | ||||
| #     # Adding the USER_SEARCH field tells the flask-ldap-login that we are using | ||||
| #     # the search/bind method | ||||
| #     'USER_SEARCH': {'base': 'dc=example,dc=com', 'filter': 'uid=%(username)s'}, | ||||
| # | ||||
| #     # Map ldap keys into application specific keys | ||||
| #     'KEY_MAP': { | ||||
| #         'name': 'cn', | ||||
| #         'company': 'o', | ||||
| #         'location': 'l', | ||||
| #         'email': 'mail', | ||||
| #     } | ||||
| # } | ||||
| 
 | ||||
|     # This BIND_DN/BIND_PASSWORD default to '', this is shown here for demonstrative purposes | ||||
|     # The values '' perform an anonymous bind so we may use search/bind method | ||||
|     'BIND_DN': '', | ||||
|     'BIND_AUTH': '', | ||||
| 
 | ||||
|     # Adding the USER_SEARCH field tells the flask-ldap-login that we are using | ||||
|     # the search/bind method | ||||
|     'USER_SEARCH': {'base': 'dc=example,dc=com', 'filter': 'uid=%(username)s'}, | ||||
| 
 | ||||
|     # Map ldap keys into application specific keys | ||||
|     'KEY_MAP': { | ||||
|         'name': 'cn', | ||||
|         'company': 'o', | ||||
|         'location': 'l', | ||||
|         'email': 'mail', | ||||
|     } | ||||
| } | ||||
| 
 | ||||
| OAUTH = { | ||||
|     'twitter': { | ||||
|         'key': '', | ||||
|         'secret': '' | ||||
|     }, | ||||
|     'github': { | ||||
|         'key': '', | ||||
|         'secret': '' | ||||
|     } | ||||
| } | ||||
| # OAUTH = { | ||||
| #     'twitter': { | ||||
| #         'key': '', | ||||
| #         'secret': '' | ||||
| #    }, | ||||
| #    'github': { | ||||
| #        'key': '', | ||||
| #        'secret': '' | ||||
| #    } | ||||
| # } | ||||
| 
 | ||||
| CACHE_TYPE = 'simple' | ||||
| 
 | ||||
|  | @ -153,6 +153,7 @@ WIKI_PATH = '/tmp/wiki' | |||
| # Name of page that will act as home | ||||
| WIKI_HOME = 'home' | ||||
| 
 | ||||
| AUTH_LOCAL_ENABLE = True | ||||
| ALLOW_ANON = True | ||||
| REGISTRATION_ENABLED = True | ||||
| PRIVATE_WIKI = False | ||||
|  | @ -193,4 +194,13 @@ if ENV != "DEV": | |||
|     ASSETS_DEBUG = False | ||||
|     SQLALCHEMY_ECHO = False | ||||
| 
 | ||||
| MODULES = ['wiki', 'search', 'auth', 'auth.local', 'auth.oauth', 'auth.ldap', 'auth.oauth'] | ||||
| MODULES = ['wiki', 'search', 'auth'] | ||||
| 
 | ||||
| if globals().get('AUTH_LOCAL_ENABLE'): | ||||
|     MODULES.append('auth.local') | ||||
| 
 | ||||
| if globals().get('OAUTH'): | ||||
|     MODULES.append('auth.oauth') | ||||
| 
 | ||||
| if globals().get('LDAP'): | ||||
|     MODULES.append('auth.ldap') | ||||
|  |  | |||
|  | @ -38,8 +38,7 @@ class User(BaseUser): | |||
| 
 | ||||
|     @staticmethod | ||||
|     def login_form(): | ||||
|         form = LDAPLoginForm() | ||||
|         return render_template('auth/ldap/login.html', form=form) | ||||
|         return render_template('auth/ldap/login.html', form=LDAPLoginForm()) | ||||
| 
 | ||||
|     @staticmethod | ||||
|     def auth(user, password): | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue