No description
Find a file
Nico Schottelius 196ab2787e ++notes
2021-12-05 20:53:41 +01:00
dal Merge upstream repository and code running on production... 2020-05-24 08:04:25 +02:00
logs Create logs dir 2019-02-19 21:21:30 +01:00
ungleichuser ++notes 2021-12-05 20:53:41 +01:00
.gitignore Add dal/ldap_max_uid_file to .gitignore 2019-02-23 21:25:15 +01:00
Dockerfile Begin cleanup 2021-12-05 18:19:35 +01:00
manage.py Move project files to root directory 2019-02-17 17:43:06 +01:00
nameko-func.py Add ldap user create support 2019-01-26 15:19:58 +01:00
README.md ++notes 2021-12-05 20:53:41 +01:00
requirements-os.txt Cleanup and add OS requirements 2019-01-26 13:19:19 +01:00
requirements.txt Begin setup of new auth system 2021-12-05 18:59:19 +01:00

Ungleich Account Management Webapp

This service runs on account.ungleich.ch and allows customers manage their ungleich account (register, edit mail & password, ...).

Todos for v2:

  • Rewrite/create new app Django 4.0 based (ungleichuser)
  • Do not use django-auth-ldap, because it uses python-ldap
  • Update the template HTML to bootstrap5
  • Use ldap3
  • Check/verify the ldap registration
  • Ensure multiple ldap servers are supported
  • Cleanup this readme
  • Use the following "captcha" for all forms:
    • Extra form field named "random"
    • Present the user the following text:
  • Create Dockerfile / ensure it works in kubernetes

Next steps

  • Override/use custom form to allow captcha

Development Setup

python3 -m venv venv
. ./venv/bin/activate
pip install -r requirements.txt
``

* Clone this repository and enter top-level directory.
* (Optional) Setup a Python virtualenv and install dependencies via pip:
	- `virtualenv .venv`
	- `source .venv/bin/activate`
	- `pip install -r requirements.txt`
	- Note: you might have to install some OS dependencies (i.e. libldap2, libsasl).
* Configure the `dal` django app (uses the [decouple](https://pypi.org/project/python-decouple/) library underneath)
		- Copy `dal/env.sample` to `dal/.env`
		- Populate `dal/.env`

## Functionality

- Allow user to register in a specific subtree
- Verify that user does not exist in another subtree
- Assign an id
- Allow password reset via Mail
- DB usage: for password reset?

## Parameters

LDAPSERVER

## Steps / Views

### Register view

Form: [get]

* captcha?
* username
* password1
* password2

Post receiver: [post]

* Validation / check if human
* E-Mail verification

E-Mail verify: [get]

* Create user

### Password reset view

* captcha
* username


## Tech notes

### django-auth-ldap

Depends on python-ldap, which fails on Alpine at the moment:

* https://django-auth-ldap.readthedocs.io/en/latest/