klonfish
7ada5d152b
|
6 years ago | |
---|---|---|
bam | 6 years ago | |
.gitignore | 6 years ago | |
README.md | 6 years ago |
README.md
bam - Blinkenbunt Account Manager
Installation
Currently, this repository does only contain a plain Django app without a project. The app is not (yet) packaged. Therfore, the following steps are necessary to initialize a development environment:
-
Initialize Django project:
django-admin startproject PROJECT_NAME
2. Clone this repository to a location outside the project directory.
3. Below the project directory, create a symlink called `bam` to the `bam`
folder of this repository, e.g.:
```
ln -sr bam PROJECT_DIRECTORY/bam
-
Add
bam.apps.BamConfig
toINSTALLED_APPS
in the project'ssettings.py
. -
Set
bam.hashers.LDAPPBKDF2PasswordHasher
as the first item of thePASSWORD_HASHERS
array in the project'ssettings.py
. -
Insert the configuration values described below according to your setup into the project's
settings.py
. -
Append
path('', include('bam.urls')),
to the project'surls.py
. -
Initialize database:
./manage.py migrate
9. Create a superuser account:
```
./manage.py createsuperuser
-
Download Pure.css and extract it to
bam/static/pure.css/
. -
Start the development server:
```
./manage.py runserver
## Configuration Options
* `BAM_LDAP_URI`: URI of the LDAP server to connect to. For a server on the
same system, `ldapi:///` usually can be used.
* `BAM_LDAP_BIND_DN`: The DN to bind to. It requires permissions to create
and change entries in the relevant base DNs.
* `BAM_LDAP_SECRET`: The secret corresponding to the bind DN.
* `BAM_LDAP_BASE_DN_MAP`: A dict from base DNs to arrays of Django groups.
User entries are maintained in the given base DN for all active members of
at least one of the assigned groups. They get deleted if the corresponding
user is deactivated or no longer in any of these groups.
Example:
```
BAM_LDAP_BASE_DN_MAP = {
'ou=test,dc=blinkenbunt,dc=org': [
'jabber',
'git',
],
'ou=admins,dc=blinkenbunt,dc=org': [
'admin',
],
}
ToDo
Essential
- LDAP sync mangement command
- profile page view to be displayed after login
- unify CSS for custom views and auth view
Optional, planned
- service-based logins
- self-service registration
- package this app as a Python module