marcel/linkding
1
0
Fork 0
mirror of https://github.com/sissbruecker/linkding.git synced 2025-08-12 13:15:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add support for OIDC (#389)

Browse Source 
* added support for oidc auth

* fixed oidc usernames

* hiding password for users that aren't logged in via local auth

* add dependency, update settings

* keep change password link

* add tests

* add docs

---------

Co-authored-by: Sascha Ißbrücker <sascha.issbruecker@gmail.com>
This commit is contained in:
ηg
2024-03-16 23:42:46 +01:00
committed by GitHub
parent 4bee104b62
commit 39782e75e7
12 changed files with 192 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
bookmarks/templates/registration/login.html
View File

@@ -17,22 +17,24 @@
{% endif %}
<div class="form-group">
<label class="form-label" for="{{ form.username.id_for_label }}">Username</label>
{{ form.username|add_class:'form-input'|attr:"placeholder: " }}
{{ form.username|add_class:'form-input'|attr:'placeholder: ' }}
</div>
<div class="form-group">
<label class="form-label" for="{{ form.password.id_for_label }}">Password</label>
{{ form.password|add_class:'form-input'|attr:"placeholder: " }}
{{ form.password|add_class:'form-input'|attr:'placeholder: ' }}
</div>
<br/>
<div class="d-flex justify-between">
<input type="submit" value="Login" class="btn btn-primary btn-wide">
<input type="hidden" name="next" value="{{ next }}">
<input type="submit" value="Login" class="btn btn-primary btn-wide"/>
<input type="hidden" name="next" value="{{ next }}"/>
{% if enable_oidc %}
<a class="btn btn-link" href="{% url 'oidc_authentication_init' %}">Login with OIDC</a>
{% endif %}
{% if allow_registration %}
<a href="{% url 'django_registration_register' %}" class="btn btn-link">Register</a>
{% endif %}
</div>
</form>
</section>
{% endblock %}

4
bookmarks/templates/settings/general.html
View File

@@ -150,7 +150,9 @@
<i class="form-icon"></i> Import public bookmarks as shared
</label>
<div class="form-input-hint">
When importing bookmarks from a service that supports marking bookmarks as public or private (using the <code>PRIVATE</code> attribute), enabling this option will import all bookmarks that are marked as not private as shared bookmarks.
When importing bookmarks from a service that supports marking bookmarks as public or private (using the
<code>PRIVATE</code> attribute), enabling this option will import all bookmarks that are marked as not
private as shared bookmarks.
Otherwise, all bookmarks will be imported as private bookmarks.
</div>
</div>

29
bookmarks/tests/test_login_view.py Normal file
View File

@@ -0,0 +1,29 @@
from django.test import TestCase, override_settings
from django.urls import path, include
from bookmarks.tests.helpers import HtmlTestMixin
from siteroot.urls import urlpatterns as base_patterns
# Register OIDC urls for this test, otherwise login template can not render when OIDC is enabled
urlpatterns = base_patterns + [path("oidc/", include("mozilla_django_oidc.urls"))]
@override_settings(ROOT_URLCONF=__name__)
class LoginViewTestCase(TestCase, HtmlTestMixin):
def test_should_not_show_oidc_login_by_default(self):
response = self.client.get("/login/")
soup = self.make_soup(response.content.decode())
oidc_login_link = soup.find("a", text="Login with OIDC")
self.assertIsNone(oidc_login_link)
@override_settings(LD_ENABLE_OIDC=True)
def test_should_show_oidc_login_when_enabled(self):
response = self.client.get("/login/")
soup = self.make_soup(response.content.decode())
oidc_login_link = soup.find("a", text="Login with OIDC")
self.assertIsNotNone(oidc_login_link)

51
bookmarks/tests/test_oidc_support.py Normal file
View File

@@ -0,0 +1,51 @@
import importlib
import os
from django.test import TestCase, override_settings
from django.urls import URLResolver
class OidcSupportTest(TestCase):
def test_should_not_add_oidc_urls_by_default(self):
siteroot_urls = importlib.import_module("siteroot.urls")
importlib.reload(siteroot_urls)
oidc_url_found = any(
isinstance(urlpattern, URLResolver) and urlpattern.pattern._route == "oidc/"
for urlpattern in siteroot_urls.urlpatterns
)
self.assertFalse(oidc_url_found)
@override_settings(LD_ENABLE_OIDC=True)
def test_should_add_oidc_urls_when_enabled(self):
siteroot_urls = importlib.import_module("siteroot.urls")
importlib.reload(siteroot_urls)
oidc_url_found = any(
isinstance(urlpattern, URLResolver) and urlpattern.pattern._route == "oidc/"
for urlpattern in siteroot_urls.urlpatterns
)
self.assertTrue(oidc_url_found)
def test_should_not_add_oidc_authentication_backend_by_default(self):
base_settings = importlib.import_module("siteroot.settings.base")
importlib.reload(base_settings)
self.assertListEqual(
["django.contrib.auth.backends.ModelBackend"],
base_settings.AUTHENTICATION_BACKENDS,
)
def test_should_add_oidc_authentication_backend_when_enabled(self):
os.environ["LD_ENABLE_OIDC"] = "True"
base_settings = importlib.import_module("siteroot.settings.base")
importlib.reload(base_settings)
self.assertListEqual(
[
"django.contrib.auth.backends.ModelBackend",
"mozilla_django_oidc.auth.OIDCAuthenticationBackend",
],
base_settings.AUTHENTICATION_BACKENDS,
)
del os.environ["LD_ENABLE_OIDC"] # Remove the temporary environment variable

10
bookmarks/utils.py
View File

@@ -1,5 +1,6 @@
import logging
import re
import unicodedata
from datetime import datetime
from typing import Optional
@@ -111,3 +112,12 @@ def get_safe_return_url(return_url: str, fallback_url: str):
if not return_url or not re.match(r"^/[a-z]+", return_url):
return fallback_url
return return_url
def generate_username(email):
# taken from mozilla-django-oidc docs :)
# Using Python 3 and Django 1.11+, usernames can contain alphanumeric
# (ascii and unicode), _, @, +, . and - characters. So we normalize
# it and slice at 150 characters.
return unicodedata.normalize("NFKC", email)[:150]