Legrems/opus-submitter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
498a1063f7
opus-submitter/README.md
Legrems 498a1063f7 feat: cas
2025-10-29 00:50:26 +01:00

3.5 KiB
Raw Blame History

Opus Magnum Submitter with CAS Authentication

A simple Django application that demonstrates CAS (Central Authentication Service) integration with PolyLAN's CAS server at https://polylan.ch/cas/.

Features

  • 🔐 CAS authentication with PolyLAN
  • 👤 Automatic user creation with custom attributes
  • 🏷️ CAS groups and permissions storage
  • 🏠 Protected home page requiring authentication
  • 🌍 Public page accessible without authentication
  • 🚪 Clean login/logout functionality
  • 📱 Responsive web interface
  • 🛠️ Admin interface for user management

Quick Start

  1. Install dependencies:

    pip install -e .

  2. Run database migrations:

    cd opus_submitter
uv run manage.py migrate

  3. Create a superuser (optional, for admin access):

    uv run manage.py createsuperuser

  4. Start the development server:

    uv run manage.py runserver localhost:7777

  5. Access the application:

How It Works

Authentication Flow

  1. User visits a protected page (e.g., home page)
  2. Django redirects to /cas/login/
  3. CAS redirects to PolyLAN CAS server: https://polylan.ch/cas/login
  4. User enters credentials on PolyLAN
  5. CAS validates credentials and redirects back with a service ticket
  6. Django validates the ticket with the CAS server
  7. User is authenticated and redirected to the requested page

Configuration

The CAS configuration is in opus_submitter/settings.py:

# CAS Authentication Settings
CAS_SERVER_URL = 'https://polylan.ch/cas/'
CAS_VERSION = '3'
CAS_CREATE_USER = True
CAS_LOGOUT_COMPLETELY = True

URLs

  • / - Protected home page (requires authentication)
  • /public/ - Public page (no authentication required)
  • /cas/login/ - CAS login endpoint
  • /cas/logout/ - CAS logout endpoint
  • /admin/ - Django admin (requires staff privileges)

Project Structure

opus_submitter/
├── manage.py
├── opus_submitter/
│   ├── __init__.py
│   ├── settings.py      # Django settings with CAS configuration
│   ├── urls.py          # URL routing with CAS endpoints
│   ├── wsgi.py
│   └── asgi.py
└── templates/
    ├── base.html        # Base template with navigation
    ├── home.html        # Protected home page
    └── public.html      # Public page

Dependencies

  • Django 5.2.7+
  • django-cas-ng 5.0.1+ (CAS client for Django)
  • requests 2.31.0+ (HTTP library for CAS communication)

Development

To modify the CAS configuration:

  1. Edit CAS_SERVER_URL in settings.py if using a different CAS server
  2. Adjust CAS_VERSION if needed (supports CAS 1.0, 2.0, and 3.0)
  3. Set CAS_CREATE_USER = False if you don't want automatic user creation

Testing

  1. Visit http://127.0.0.1:8000/public/ (should work without login)
  2. Visit http://127.0.0.1:8000/ (should redirect to CAS login)
  3. Login with your PolyLAN credentials
  4. Verify you're redirected back and can see user information
  5. Test logout functionality

Notes

  • This is a development setup with DEBUG = True
  • For production, update SECRET_KEY, set DEBUG = False, and configure ALLOWED_HOSTS
  • The application automatically creates Django users from CAS authentication
  • User information is populated from CAS attributes when available