Ticket #10270 (closed: fixed)
Create custom authentication application for autoreduction webapp
Reported by: | MarcusNoble | Owned by: | MarcusNoble |
---|---|---|---|
Priority: | critical | Milestone: | Release 3.3 |
Component: | Tools | Keywords: | AUTOREDUCTION |
Cc: | doucetm@…, tom.griffin@…, nick.draper@…, anders.markvardsen@… | Blocked By: | #10242, #10284 |
Blocking: | #10147 | Tester: | John Hill |
Description (last modified by MarcusNoble)
Create an authentication backend for Django that makes use of ICAT authentication and sessions.
See https://docs.djangoproject.com/en/dev/topics/auth/customizing/ for details.
- Upon first login the user should be created in the 'user' table. A check for if the user is staff (instrument scientist) could also be done at this point.
Superusers must be manually set. Superusers will be set based on a check for ICAT user group. The password field should be blank (if possible?) so that the authentication always goes off to ICAT.
- A method decorator should be used on all methods that require the user to be logged in (pretty much all) that makes a call to checkSession(). This needs to be in addition to the @login_required decorator as that doesn't check for invalidation of the session provided by the UOWS.
For Tester:
Note: This can only be done by a new user.
- Navigate to http://datareducedev.isis.cclrc.ac.uk/autoreduce_webapp/runs/queue/, when asked for credentials log in with your Federal ID details. (If these details don't work please let me know)
- You should be redirected to a mostly blank page but it should read "Welcome, [name]" in the top bar.
- In a new tab navigate to https://devusers.facilities.rl.ac.uk/auth/ and click the logout link in the top right.
- Refresh http://datareducedev.isis.cclrc.ac.uk/autoreduce_webapp/runs/queue/ and you should be asked to log in again.
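Added example (not part of the ticket or the autoreduction code base): a sketch of the session-checking decorator described above, which re-validates the externally issued session on every request and fails closed. The names SESSION_KEY, LOGIN_URL and the check_session / redirect callables are assumptions; the request is duck-typed to Django's request.session and request.get_full_path(), and FakeSession / FakeRequest are constructed stand-ins so the block runs without Django.

```python
import functools
from urllib.parse import urlencode

SESSION_KEY = "icat_session_id"  # assumed name of the session entry
LOGIN_URL = "/login/"            # placeholder login path


def require_valid_external_session(check_session, redirect):
    """Build a view decorator that re-checks the external session.

    check_session(session_id) -> bool : hypothetical client for checkSession()
    redirect(url) -> response         : e.g. django.shortcuts.redirect
    """
    def decorator(view):
        @functools.wraps(view)
        def wrapper(request, *args, **kwargs):
            session_id = request.session.get(SESSION_KEY)
            try:
                # Only an explicit True counts; empty ids never reach the service.
                valid = bool(session_id) and check_session(session_id) is True
            except Exception:
                # Fail closed: an unreachable session service is not a valid session.
                valid = False
            if valid:
                return view(request, *args, **kwargs)
            # Drop local state so a session revoked upstream cannot be reused here.
            request.session.flush()
            path = request.get_full_path()
            # Never point ?next= at the login page itself.
            if path.startswith(LOGIN_URL):
                return redirect(LOGIN_URL)
            return redirect(LOGIN_URL + "?" + urlencode({"next": path}))
        return wrapper
    return decorator


class FakeSession(dict):
    """Constructed stand-in for Django's session object."""
    def flush(self):
        self.clear()


class FakeRequest:
    """Constructed stand-in for a Django HttpRequest."""
    def __init__(self, path, session):
        self._path = path
        self.session = FakeSession(session)

    def get_full_path(self):
        return self._path
```

In a Django view this would be stacked under @login_required, so the local login check runs first and the external session check runs on every request after it.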
Change History
comment:6 Changed 6 years ago by MarcusNoble
- There are currently some issues with infinite redirects when django appends ?next=.
- The logout method is returning users to users.facilities.rl.ac.uk/auth (with no redirect back). This may be OK when the new auth menu is rolled out with user-specific menu items (as autoreduce webapp can be one of them)
comment:8 Changed 6 years ago by MarcusNoble
- Status changed from inprogress to verify
- Resolution set to fixed