Legrems/opus-submitter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
498a1063f7
opus-submitter/README.md
Legrems 498a1063f7 feat: cas
2025-10-29 00:50:26 +01:00

122 lines
3.5 KiB
Markdown
Raw Blame History

# Opus Magnum Submitter with CAS Authentication
A simple Django application that demonstrates CAS (Central Authentication Service) integration with PolyLAN's CAS server at https://polylan.ch/cas/.
## Features
- 🔐 CAS authentication with PolyLAN
- 👤 Automatic user creation with custom attributes
- 🏷️ CAS groups and permissions storage
- 🏠 Protected home page requiring authentication
- 🌍 Public page accessible without authentication
- 🚪 Clean login/logout functionality
- 📱 Responsive web interface
- 🛠️ Admin interface for user management
## Quick Start
1. **Install dependencies:**
```bash
pip install -e .
```
2. **Run database migrations:**
```bash
cd opus_submitter
uv run manage.py migrate
```
3. **Create a superuser (optional, for admin access):**
```bash
uv run manage.py createsuperuser
```
4. **Start the development server:**
```bash
uv run manage.py runserver localhost:7777
```
5. **Access the application:**
- Open your browser to http://localhost:7777/
- Try the public page: http://localhost:7777/public/
- Login with CAS to access protected features
- Admin interface: http://localhost:7777/admin/ (requires superuser)
## How It Works
### Authentication Flow
1. User visits a protected page (e.g., home page)
2. Django redirects to `/cas/login/`
3. CAS redirects to PolyLAN CAS server: `https://polylan.ch/cas/login`
4. User enters credentials on PolyLAN
5. CAS validates credentials and redirects back with a service ticket
6. Django validates the ticket with the CAS server
7. User is authenticated and redirected to the requested page
### Configuration
The CAS configuration is in `opus_submitter/settings.py`:
```python
# CAS Authentication Settings
CAS_SERVER_URL = 'https://polylan.ch/cas/'
CAS_VERSION = '3'
CAS_CREATE_USER = True
CAS_LOGOUT_COMPLETELY = True
```
### URLs
- `/` - Protected home page (requires authentication)
- `/public/` - Public page (no authentication required)
- `/cas/login/` - CAS login endpoint
- `/cas/logout/` - CAS logout endpoint
- `/admin/` - Django admin (requires staff privileges)
## Project Structure
```
opus_submitter/
├── manage.py
├── opus_submitter/
│ ├── __init__.py
│ ├── settings.py # Django settings with CAS configuration
│ ├── urls.py # URL routing with CAS endpoints
│ ├── wsgi.py
│ └── asgi.py
└── templates/
├── base.html # Base template with navigation
├── home.html # Protected home page
└── public.html # Public page
```
## Dependencies
- Django 5.2.7+
- django-cas-ng 5.0.1+ (CAS client for Django)
- requests 2.31.0+ (HTTP library for CAS communication)
## Development
To modify the CAS configuration:
1. Edit `CAS_SERVER_URL` in `settings.py` if using a different CAS server
2. Adjust `CAS_VERSION` if needed (supports CAS 1.0, 2.0, and 3.0)
3. Set `CAS_CREATE_USER = False` if you don't want automatic user creation
## Testing
1. Visit http://127.0.0.1:8000/public/ (should work without login)
2. Visit http://127.0.0.1:8000/ (should redirect to CAS login)
3. Login with your PolyLAN credentials
4. Verify you're redirected back and can see user information
5. Test logout functionality
## Notes
- This is a development setup with `DEBUG = True`
- For production, update `SECRET_KEY`, set `DEBUG = False`, and configure `ALLOWED_HOSTS`
- The application automatically creates Django users from CAS authentication
- User information is populated from CAS attributes when available
Reference in New Issue View Git Blame Copy Permalink