add ldap support + tutorial example

2020-02-20 18:58:07 +01:00 · 2020-02-20 18:58:07 +01:00 · 9fd445e947
parent 254429db55
commit 9fd445e947
4 changed files with 75 additions and 2 deletions
--- a/nicohack202002/uncloud/api/serializers.py
+++ b/nicohack202002/uncloud/api/serializers.py
@ -0,0 +1,14 @@
+from django.contrib.auth.models import User, Group
+from rest_framework import serializers
+
+
+class UserSerializer(serializers.HyperlinkedModelSerializer):
+    class Meta:
+        model = User
+        fields = ['url', 'username', 'email', 'groups']
+
+
+class GroupSerializer(serializers.HyperlinkedModelSerializer):
+    class Meta:
+        model = Group
+        fields = ['url', 'name']
--- a/nicohack202002/uncloud/api/views.py
+++ b/nicohack202002/uncloud/api/views.py
@ -1,3 +1,23 @@
 from django.shortcuts import render

 # Create your views here.
+
+from django.contrib.auth.models import User, Group
+from rest_framework import viewsets
+from api.serializers import UserSerializer, GroupSerializer
+
+
+class UserViewSet(viewsets.ModelViewSet):
+    """
+    API endpoint that allows users to be viewed or edited.
+    """
+    queryset = User.objects.all().order_by('-date_joined')
+    serializer_class = UserSerializer
+
+
+class GroupViewSet(viewsets.ModelViewSet):
+    """
+    API endpoint that allows groups to be viewed or edited.
+    """
+    queryset = Group.objects.all()
+    serializer_class = GroupSerializer
--- a/nicohack202002/uncloud/uncloud/settings.py
+++ b/nicohack202002/uncloud/uncloud/settings.py
@ -37,6 +37,7 @@ INSTALLED_APPS = [
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
+    'rest_framework'
 ]

 MIDDLEWARE = [
@ -99,6 +100,29 @@ AUTH_PASSWORD_VALIDATORS = [
    },
 ]

+# LDAP
+import ldap
+from django_auth_ldap.config import LDAPSearch, LDAPSearchUnion
+
+AUTHENTICATION_BACKENDS = ["django_auth_ldap.backend.LDAPBackend"]
+AUTH_LDAP_SERVER_URI = "ldaps://ldap1.ungleich.ch,ldaps://ldap2.ungleich.ch"
+
+AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=customer,dc=ungleich,dc=ch"
+
+AUTH_LDAP_USER_SEARCH = LDAPSearch(
+    "ou=customer,dc=ungleich,dc=ch", ldap.SCOPE_SUBTREE, "(uid=%(user)s)"
+)
+
+################################################################################
+# AUTH/REST
+REST_FRAMEWORK = {
+    'DEFAULT_AUTHENTICATION_CLASSES': [
+        'rest_framework.authentication.BasicAuthentication',
+        'rest_framework.authentication.SessionAuthentication',
+    ]
+}
+
+

 # Internationalization
 # https://docs.djangoproject.com/en/3.0/topics/i18n/
--- a/nicohack202002/uncloud/uncloud/urls.py
+++ b/nicohack202002/uncloud/uncloud/urls.py
@ -14,8 +14,23 @@ Including another URLconf
    2. Add a URL to urlpatterns:  path('blog/', include('blog.urls'))
 """
 from django.contrib import admin
-from django.urls import path
+from django.urls import path, include

+from rest_framework import routers
+from api import views
+
+router = routers.DefaultRouter()
+router.register(r'users', views.UserViewSet)
+router.register(r'groups', views.GroupViewSet)
+
+# Wire up our API using automatic URL routing.
+# Additionally, we include login URLs for the browsable API.
 urlpatterns = [
-    path('admin/', admin.site.urls),
+    path('', include(router.urls)),
+    path('api-auth/', include('rest_framework.urls', namespace='rest_framework'))
 ]
+
+#urlpatterns = [
+#    path('admin/', admin.site.urls),
+#    path('api/', include('api.urls')),
+#]