Dynamically enable modules based on config values

This commit is contained in:
Matthew Scragg 2015-11-22 17:12:26 -06:00
parent 4063754e12
commit 04b5e04593
3 changed files with 75 additions and 68 deletions

View file

@ -278,6 +278,10 @@ If your language is not supported, Realms will fall back to a simple text analyz
### Local
Local default will be done using a backend database as defined in the config.
To disable local authentication, put the following your config.
"AUTH_LOCAL_ENABLE": false
### LDAP (beta)
@ -290,53 +294,47 @@ Use these examples as a guide and place it in your realms-wiki.json config.
In this example, BIND_DN and BIND_AUTH are used to search and authenticate. Leaving them blank implies anonymous authentication.
```
"LDAP": {
"URI": "ldap://localhost:8389",
"BIND_DN": "",
"BIND_AUTH": "",
"USER_SEARCH": {"base": "dc=realms,dc=io", "filter": "uid=%(username)s"},
"KEY_MAP": {
"username":"cn",
"email": "mail"
"LDAP": {
"URI": "ldap://localhost:8389",
"BIND_DN": "",
"BIND_AUTH": "",
"USER_SEARCH": {"base": "dc=realms,dc=io", "filter": "uid=%(username)s"},
"KEY_MAP": {
"username":"cn",
"email": "mail"
}
}
}
```
#### Direct Bind Example
```
"LDAP": {
"URI": "ldap://localhost:8389",
"BIND_DN": "uid=%(username)s,ou=People,dc=realms,dc=io",
"KEY_MAP": {
"username":"cn",
"email": "mail",
},
"OPTIONS": {
"OPT_PROTOCOL_VERSION": 3,
"LDAP": {
"URI": "ldap://localhost:8389",
"BIND_DN": "uid=%(username)s,ou=People,dc=realms,dc=io",
"KEY_MAP": {
"username":"cn",
"email": "mail",
},
"OPTIONS": {
"OPT_PROTOCOL_VERSION": 3,
}
}
}
```
### OAuth (beta)
Realms currently supports Github, Twitter, Facebook and Google. Each provider requires a key and secret.
Put them in your `realms-wiki.json` config file. Use the example below.
```
"OAUTH": {
"twitter": {
"key": "",
"secret": ""
},
"github": {
"key": "",
"secret": ""
"OAUTH": {
"twitter": {
"key": "",
"secret": ""
},
"github": {
"key": "",
"secret": ""
}
}
}
```
## Running

View file

@ -83,37 +83,37 @@ DB_URI = 'sqlite:////tmp/wiki.db'
# DB_URI = 'oracle://scott:tiger@127.0.0.1:1521/sidname'
# DB_URI = 'crate://'
LDAP = {
'URI': '',
# LDAP = {
# 'URI': '',
#
# # This BIND_DN/BIND_PASSWORD default to '', this is shown here for demonstrative purposes
# # The values '' perform an anonymous bind so we may use search/bind method
# 'BIND_DN': '',
# 'BIND_AUTH': '',
#
# # Adding the USER_SEARCH field tells the flask-ldap-login that we are using
# # the search/bind method
# 'USER_SEARCH': {'base': 'dc=example,dc=com', 'filter': 'uid=%(username)s'},
#
# # Map ldap keys into application specific keys
# 'KEY_MAP': {
# 'name': 'cn',
# 'company': 'o',
# 'location': 'l',
# 'email': 'mail',
# }
# }
# This BIND_DN/BIND_PASSWORD default to '', this is shown here for demonstrative purposes
# The values '' perform an anonymous bind so we may use search/bind method
'BIND_DN': '',
'BIND_AUTH': '',
# Adding the USER_SEARCH field tells the flask-ldap-login that we are using
# the search/bind method
'USER_SEARCH': {'base': 'dc=example,dc=com', 'filter': 'uid=%(username)s'},
# Map ldap keys into application specific keys
'KEY_MAP': {
'name': 'cn',
'company': 'o',
'location': 'l',
'email': 'mail',
}
}
OAUTH = {
'twitter': {
'key': '',
'secret': ''
},
'github': {
'key': '',
'secret': ''
}
}
# OAUTH = {
# 'twitter': {
# 'key': '',
# 'secret': ''
# },
# 'github': {
# 'key': '',
# 'secret': ''
# }
# }
CACHE_TYPE = 'simple'
@ -153,6 +153,7 @@ WIKI_PATH = '/tmp/wiki'
# Name of page that will act as home
WIKI_HOME = 'home'
AUTH_LOCAL_ENABLE = True
ALLOW_ANON = True
REGISTRATION_ENABLED = True
PRIVATE_WIKI = False
@ -193,4 +194,13 @@ if ENV != "DEV":
ASSETS_DEBUG = False
SQLALCHEMY_ECHO = False
MODULES = ['wiki', 'search', 'auth', 'auth.local', 'auth.oauth', 'auth.ldap', 'auth.oauth']
MODULES = ['wiki', 'search', 'auth']
if globals().get('AUTH_LOCAL_ENABLE'):
MODULES.append('auth.local')
if globals().get('OAUTH'):
MODULES.append('auth.oauth')
if globals().get('LDAP'):
MODULES.append('auth.ldap')

View file

@ -38,8 +38,7 @@ class User(BaseUser):
@staticmethod
def login_form():
form = LDAPLoginForm()
return render_template('auth/ldap/login.html', form=form)
return render_template('auth/ldap/login.html', form=LDAPLoginForm())
@staticmethod
def auth(user, password):