DokuWiki

It's better when it's simple

User Tools

Site Tools


Sidebar

Translations of this page?:

Learn about DokuWiki

Advanced Use

Corporate Use

Our Community


Follow us on Facebook, Twitter and other social networks.

auth:django

Table of Contents

Djangoauth

  • description: It's an implementation which enables a nice integration with a Django [http://www.djangoproject.com/] installation.
  • author : Michael Luggen
  • email : michael@oiu.ch
  • lastupdate : 2011-07-20
  • compatible : 2011-05-25a
  • depends : Django 1.3

It's an implementation which enables a nice integration with a Django [http://www.djangoproject.com/] installation. You have to let authenticate the user first in Django to get a session. The groups in Django can be used too.

Executes some python code, best to be installed on the same installation where Django lives.

Installation

  • Copy to /inc/auth/django.class.php
  • Set the following fields in local.php
$conf['authtype'] = 'django';
$conf['auth']['django']['server'] = '';
$conf['auth']['django']['user'] = '';
$conf['auth']['django']['db'] = '';
$conf['auth']['django']['password'] = '';

Code

django.class.php
<?php
/**
 * django auth backend
 *
 * Uses external Trust mechanism to check against a django session id
 *
 * @author    Andreas Gohr <andi@splitbrain.org>
 * @author    Michael Luggen <michael.luggen at unifr.ch>
 */
 
define('DOKU_AUTH', dirname(__FILE__));
define('AUTH_USERFILE',DOKU_CONF.'users.auth.php');
 
class auth_django extends auth_basic {
	var $link = null;
 
	/**
	 * Constructor.
	 *
	 * Sets additional capabilities and config strings
	 * @author    Michael Luggen <michael.luggen at rhone.ch>
	 */
	function auth_django(){
		global $conf;
		$this->cando['external'] = true;
		$this->cando['getGroups'] = true;
		$this->cando['logout'] = false;
 
		// needs mysql
		if(function_exists('mysql_connect')) {
			// Connecting, selecting database
			$this->link = mysql_connect( $conf['auth']['django']['server'], $conf['auth']['django']['user'], $conf['auth']['django']['password']) 
				or die('Django Auth - Could not connect: ' . mysql_error());
			mysql_select_db($conf['auth']['django']['db']) or die('Django Auth - Could not select database');
		} else {
			$this->success = false;
		}
	}
 
	/**
	 * Just checks against the django sessionid variable
	 */
	function trustExternal($user,$pass,$sticky=false){
		global $USERINFO;
		global $conf;
		$sticky ? $sticky = true : $sticky = false; //sanity check
 
		if( isset($_COOKIE['sessionid'])){
 
			/**
			 * get user info from django-database (only mysql at the moment)
			 */
 
			$s_id =  $_COOKIE['sessionid'];
 
			// Connecting, selecting database
 
			// Look the cookie up in the db 
			$query = 'SELECT session_data FROM django_session where session_key="'.mysql_real_escape_string($s_id).'" limit 1;';
			$result = mysql_query($query) or die('Django Auth - Query failed: ' . mysql_error());
			$ar = mysql_fetch_row($result);
			$session_data = str_replace("\n",'',$ar[0]);
 
			//decrypting the session_data
			$python_cmd = "python -c \"import base64, cPickle; val = base64.decodestring('".$session_data."'); print cPickle.loads(val[val.index(':')+1:])['_auth_user_id'];\""; 
			exec($python_cmd, $output);
 
			$userid = $output[0];
 
			$query = 'SELECT username, first_name, last_name, email FROM auth_user where id="'.mysql_real_escape_string($userid).'" limit 1;';
 
			$result2 = mysql_query($query) or die('Query failed: ' . mysql_error());
			$user = mysql_fetch_row($result2);
 
			$username =  $user[0];
			$userfullname = $user[1]." ".$user[2];
			$useremail = $user[3];
 
			mysql_free_result($result);
 
			// okay we're logged in - set the globals
			$groups = $this->_getUserGroups($username);
 
			$USERINFO['name'] = $userfullname;
			$USERINFO['pass'] = '';
			$USERINFO['mail'] = $useremail;
			$groups[0] = 'user';
			$USERINFO['grps'] = $groups;
 
			$_SERVER['REMOTE_USER'] = $username;
 
			$_SESSION[DOKU_COOKIE]['auth']['user'] = $username;
			$_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO;
			return true;
		}
 
		return false;
	} 
 
	function _getUserGroups($user){
 
		// Performing SQL query
		$query = 'SELECT auth_group.name FROM auth_user, auth_user_groups, auth_group where auth_user.username="'.mysql_real_escape_string($user).'" AND auth_user.id = auth_user_groups.user_id AND auth_user_groups.group_id = auth_group.id;';
 
		$result = mysql_query($query) or die('Query failed: ' . mysql_error());
		$a = 0;
		while($row = mysql_fetch_row($result)) {
			$groups[$a] = $row[0];
			$a++;
		};
		mysql_free_result($result);
		return $groups;
	}
 
	function retrieveGroups($start=0,$limit=0){
		// Performing SQL query
		$query = 'SELECT auth_group.name FROM auth_group';
 
		$result = mysql_query($query) or die('Query failed: ' . mysql_error());
		$a = 0;
		while($row = mysql_fetch_row($result)) {
			$groups[$a] = $row[0];
			$a++;
		};
		mysql_free_result($result);
		return $groups;
	}
 
	function __destruct() {
		mysql_close($this->link);
	}
}
 
//Setup VIM: ex: et ts=4 :
auth/django.txt · Last modified: 2012-08-29 22:37 by ach