From 9fd445e9478ef2a30106905d6fabd47abaf9663a Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Thu, 20 Feb 2020 18:58:07 +0100 Subject: [PATCH] add ldap support + tutorial example --- nicohack202002/uncloud/api/serializers.py | 14 +++++++++++++ nicohack202002/uncloud/api/views.py | 20 ++++++++++++++++++ nicohack202002/uncloud/uncloud/settings.py | 24 ++++++++++++++++++++++ nicohack202002/uncloud/uncloud/urls.py | 19 +++++++++++++++-- 4 files changed, 75 insertions(+), 2 deletions(-) create mode 100644 nicohack202002/uncloud/api/serializers.py diff --git a/nicohack202002/uncloud/api/serializers.py b/nicohack202002/uncloud/api/serializers.py new file mode 100644 index 0000000..f5a5a92 --- /dev/null +++ b/nicohack202002/uncloud/api/serializers.py @@ -0,0 +1,14 @@ +from django.contrib.auth.models import User, Group +from rest_framework import serializers + + +class UserSerializer(serializers.HyperlinkedModelSerializer): + class Meta: + model = User + fields = ['url', 'username', 'email', 'groups'] + + +class GroupSerializer(serializers.HyperlinkedModelSerializer): + class Meta: + model = Group + fields = ['url', 'name'] diff --git a/nicohack202002/uncloud/api/views.py b/nicohack202002/uncloud/api/views.py index 91ea44a..d7f3dae 100644 --- a/nicohack202002/uncloud/api/views.py +++ b/nicohack202002/uncloud/api/views.py @@ -1,3 +1,23 @@ from django.shortcuts import render # Create your views here. + +from django.contrib.auth.models import User, Group +from rest_framework import viewsets +from api.serializers import UserSerializer, GroupSerializer + + +class UserViewSet(viewsets.ModelViewSet): + """ + API endpoint that allows users to be viewed or edited. + """ + queryset = User.objects.all().order_by('-date_joined') + serializer_class = UserSerializer + + +class GroupViewSet(viewsets.ModelViewSet): + """ + API endpoint that allows groups to be viewed or edited. + """ + queryset = Group.objects.all() + serializer_class = GroupSerializer diff --git a/nicohack202002/uncloud/uncloud/settings.py b/nicohack202002/uncloud/uncloud/settings.py index 97dcf1e..7def11a 100644 --- a/nicohack202002/uncloud/uncloud/settings.py +++ b/nicohack202002/uncloud/uncloud/settings.py @@ -37,6 +37,7 @@ INSTALLED_APPS = [ 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', + 'rest_framework' ] MIDDLEWARE = [ @@ -99,6 +100,29 @@ AUTH_PASSWORD_VALIDATORS = [ }, ] +# LDAP +import ldap +from django_auth_ldap.config import LDAPSearch, LDAPSearchUnion + +AUTHENTICATION_BACKENDS = ["django_auth_ldap.backend.LDAPBackend"] +AUTH_LDAP_SERVER_URI = "ldaps://ldap1.ungleich.ch,ldaps://ldap2.ungleich.ch" + +AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=customer,dc=ungleich,dc=ch" + +AUTH_LDAP_USER_SEARCH = LDAPSearch( + "ou=customer,dc=ungleich,dc=ch", ldap.SCOPE_SUBTREE, "(uid=%(user)s)" +) + +################################################################################ +# AUTH/REST +REST_FRAMEWORK = { + 'DEFAULT_AUTHENTICATION_CLASSES': [ + 'rest_framework.authentication.BasicAuthentication', + 'rest_framework.authentication.SessionAuthentication', + ] +} + + # Internationalization # https://docs.djangoproject.com/en/3.0/topics/i18n/ diff --git a/nicohack202002/uncloud/uncloud/urls.py b/nicohack202002/uncloud/uncloud/urls.py index 7b82bc9..e52fd35 100644 --- a/nicohack202002/uncloud/uncloud/urls.py +++ b/nicohack202002/uncloud/uncloud/urls.py @@ -14,8 +14,23 @@ Including another URLconf 2. Add a URL to urlpatterns: path('blog/', include('blog.urls')) """ from django.contrib import admin -from django.urls import path +from django.urls import path, include +from rest_framework import routers +from api import views + +router = routers.DefaultRouter() +router.register(r'users', views.UserViewSet) +router.register(r'groups', views.GroupViewSet) + +# Wire up our API using automatic URL routing. +# Additionally, we include login URLs for the browsable API. urlpatterns = [ - path('admin/', admin.site.urls), + path('', include(router.urls)), + path('api-auth/', include('rest_framework.urls', namespace='rest_framework')) ] + +#urlpatterns = [ +# path('admin/', admin.site.urls), +# path('api/', include('api.urls')), +#]