Django,mozilla-django-oidc和admin [英] Django, mozilla-django-oidc and admin
问题描述
我试图使用 mozilla-django-oidc 库.到目前为止,初始的用户身份验证和帐户创建(使用Django的用户模型)可以,但是我不明白要让Django
i am trying to connect Okta with a custom Django (v.3.0.2) app i am coding, using the mozilla-django-oidc library. So far the initial user authentication and account creation (using Django's user model) works, but i don't understand what i need to do to have the Django AdminSite work.
在引入mozilla-django-oidc
之前,Adminsite按预期方式工作.我创建了一个名为"admin"的管理员用户,该用户可以登录.
The Adminsite, before introducing mozilla-django-oidc
worked as expected. I created an admin user, named "admin" and the user was able to login.
要集成mozilla-django-oidc
库,我按照此处的说明进行操作: https://mozilla-django-oidc.readthedocs.io/en/stable/installation.html .这些说明中没有对AdminSite的任何具体提及.
To integrate the mozilla-django-oidc
library i followed the instructions here: https://mozilla-django-oidc.readthedocs.io/en/stable/installation.html. The instructions do not have any specific mention of the AdminSite.
在集成库后访问AdminSite时,我具有以下内容:
When i access the AdminSite after the library integration, i have the following:
- AdminSite使用默认模板-我的假设是 也将使用Okta进行身份验证.
- 以前能够登录AdminSite的管理员帐户"admin"不再起作用
- The AdminSite uses the default template - my assumption was that it would also use Okta to authenticate.
- The admin account "admin" that used to be able to login into the AdminSite does not work anymore
我的目标是能够访问AdminSite.只要我可以访问它,我都不介意是通过Okta还是通过香草界面.
My goal is to be able to access the AdminSite. I don't mind if it will be over Okta or over the vanilla interface as long as i can access it.
以下是文件中的相关段(以进行集成):
Below are the relevant segments from the files (in order to integrate):
urls.py
urlpatterns = [
path('', static_site.site_index, name='site_index'),
path('admin/', admin.site.urls),
path('review/', include('review.urls')),
path('oidc/', include('mozilla_django_oidc.urls')),
]
settings.py
settings.py
# OICD
AUTHENTICATION_BACKENDS = (
'mozilla_django_oidc.auth.OIDCAuthenticationBackend',
)
OIDC_RP_CLIENT_ID = 'xxxxx'
OIDC_RP_CLIENT_SECRET = 'xxxx'
OIDC_RP_SIGN_ALGO = 'RS256'
OIDC_OP_JWKS_ENDPOINT = 'https://dev-xxx.okta.com/oauth2/default/v1/keys'
OIDC_RP_SCOPES = 'openid email profile'
OIDC_OP_AUTHORIZATION_ENDPOINT = 'https://dev-xxx.okta.com/oauth2/default/v1/authorize'
OIDC_OP_TOKEN_ENDPOINT = 'https://dev-xxx.okta.com/oauth2/default/v1/token'
OIDC_OP_USER_ENDPOINT = 'https://dev-xxx.okta.com/oauth2/default/v1/userinfo'
# Provided by mozilla-django-oidc
LOGIN_URL = reverse_lazy('oidc_authentication_callback')
# App urls
LOGIN_REDIRECT_URL = reverse_lazy('review:dashboard')
LOGOUT_REDIRECT_URL = reverse_lazy('site_index')
欢迎任何想法或指点!
推荐答案
目标是通过将默认的auth后端添加到设置中来实现的:
The goal was achieved by adding the default auth backend to the settings:
settings.py
settings.py
AUTHENTICATION_BACKENDS = [
'django.contrib.auth.backends.ModelBackend',
'mozilla_django_oidc.auth.OIDCAuthenticationBackend',
]
我没有获得管理员的Okta身份验证,但是由于我很高兴能运行管理员,因此我将在此处停止.
I don't get Okta auth for the admin, but since i am happy just to have the admin running, i will stop here.
这篇关于Django,mozilla-django-oidc和admin的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!