DokuWiki

It's better when it's simple

User Tools

Site Tools

Trace:
auth:django

This is an old revision of the document!

Table of Contents

Djangoauth

Compatible with DokuWiki

Frusterick Manners

plugin Allows for Authentication via with a Django installation.

Last updated on
2017-03-29
Provides
Auth

The missing download url means that this extension cannot be installed via the Extension Manager. Please see Publishing a Plugin on dokuwiki.org. Recommended are public repository hosts like GitHub, GitLab or Bitbucket.

This extension has not been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues.

This extension is not in the 'plugin' or 'template' namespace and is therefore ignored.

Tagged with auth, django

By Michael Luggen

This plugin enables authentication with a Django installation. You have to let authenticate the user first in Django to get a session. The groups in Django can be used too.

Executes some python code, best to be installed on the same installation where Django lives.

Installation

  • Copy to /inc/auth/django.class.php
  • Set the following fields in local.php
$conf['authtype'] = 'authdjango';
$conf['auth']['django']['server'] = '';
$conf['auth']['django']['user'] = '';
$conf['auth']['django']['db'] = '';
$conf['auth']['django']['password'] = '';
$conf['auth']['django']['protocol'] = 'pgsql'; // or other, see PHP PDO documentation

Code

django.class.php
<?php
/**
 * django auth backend
 *
 * Uses external trust mechanism to check against a django session id
 * Needs to run python3 to extract user from session data
 *
 * @author    Andreas Gohr <andi@splitbrain.org>
 * @author    Michael Luggen <michael.luggen at unifr.ch>
 * @author    Robert Czechowski <zgtm at zgtm.de>
 */
 
define('DOKU_AUTH', dirname(__FILE__));
define('AUTH_USERFILE',DOKU_CONF.'users.auth.php');
 
class auth_plugin_authdjango extends DokuWiki_Auth_Plugin  {
 
        var $dbh = null; // db handle
 
        /**
         * Constructor.
         *
         * Sets additional capabilities and config strings
         * @author    Michael Luggen <michael.luggen at rhone.ch>
         * @author    Robert Czechowski <zgtm at zgtm.de>
         */
        function auth_plugin_authdjango(){
                global $conf;
                global $config_cascade;
                global $dbh;
 
                $this->cando['external'] = true;
                $this->cando['getGroups'] = true;
                $this->cando['logout'] = false;
 
 
                try {
                        // Connecting, selecting database
            $this->dbh = new PDO($conf['auth']['django']['protocol'] . ':host=' . $conf['auth']['django']['server'] . ';dbname=' . $conf['auth']['django']['db'], $conf['auth']['django']['user'], $conf['auth']['django']['password']);
        } catch (PDOException $e) {
            msg("Cannot connect to Database!", -1);
            $this->success = false;
        }
        $this->success = true;
        }
 
 
        function trustExternal($user,$pass,$sticky=false){
                global $USERINFO;
                global $conf;
                global $dbh;
 
                $sticky ? $sticky = true : $sticky = false; //sanity check
 
        /**
         * Just checks against the django sessionid variable,
         * gets user info from django-database
         */
                if (isset($_COOKIE['sessionid']) && $this->dbh) {
 
                        $s_id =  $_COOKIE['sessionid'];
 
                        // Look up the cookie in the db
                        $query = 'SELECT session_data FROM django_session WHERE session_key=' . $this->dbh->quote($s_id) . ' LIMIT 1;';
                        $result = $this->dbh->query($query) or die('Query failed1: ' . $this->dbh->errorInfo());
                        $ar = $result->fetch(PDO::FETCH_ASSOC);
                        $session_data = $ar['session_data'];
                        // TODO: $session_data can now be empty if the session does not exist in database, handle correctly instead of just dying
 
                        //decrypting the session_data
                        $session_json = preg_split('/:/', base64_decode($session_data), 2)[1];
                        $userid = json_decode($session_json, true)['_auth_user_id'];
                        $query2 = 'SELECT username, first_name, last_name, email FROM auth_user WHERE id=' . $this->dbh->quote($userid) . ' LIMIT 1;';
 
                        $result2 = $this->dbh->query($query2) or die('Query failed2: ' . print_r($this->dbh->errorInfo()));
            $user = $result2->fetch(PDO::FETCH_ASSOC);
 
                        $username =  $user['username'];
                        $userfullname = $user['first_name'] . " " . $user['last_name'];
                        $useremail = $user['email'];
 
                        // okay we're logged in - set the globals
                        $groups = $this->_getUserGroups($username);
 
                        $USERINFO['name'] = $username;
                        $USERINFO['pass'] = '';
                        $USERINFO['mail'] = $useremail;
                        $groups[] = 'user';
                        $USERINFO['grps'] = $groups;
 
                        $_SERVER['REMOTE_USER'] = $username;
 
                        $_SESSION[DOKU_COOKIE]['auth']['user'] = $username;
                        $_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO;
 
                        return true;
                }
                return false;
        }
 
        function _getUserGroups($user){
                $query = 'SELECT auth_group.name FROM auth_user, auth_user_groups, auth_group where auth_user.username = ' . $this->dbh->quote($user) . ' AND auth_user.id = auth_user_groups.user_id AND auth_user_groups.group_id = auth_group.id;';
 
                $result = $this->dbh->query($query) or die('Query failed3: ' . $this->dbh->errorInfo());
                $a = 0;
                foreach ($result as $row) {
                        $groups[$a] = $row[0];
                        $a++;
                };
                return $groups;
        }
 
        function retrieveGroups($start=0,$limit=0){
                $query = 'SELECT auth_group.name FROM auth_group';
 
                $result = $this->dbh->query($query) or die('Query failed4: ' . $this->dbh->errorInfo());
                $a = 0;
                foreach ($result as $row) {
                        $groups[$a] = $row[0];
                        $a++;
                };
 
                return $groups;
        }
 
        function __destruct() {
                $this->dbh = null;
        }
 
 
}
auth/django.1522365265.txt.gz · Last modified: 2018-03-30 01:14 by zygentoma
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki

Global DokuWiki Links