initial openid integration

diff --git a/pkgs/django-openid-auth-0.5.1.tar.gz b/pkgs/django-openid-auth-0.5.1.tar.gz
new file mode 100644 (file)
index 0000000..034b0ff
Binary files /dev/null and b/pkgs/django-openid-auth-0.5.1.tar.gz differ

diff --git a/plgng/settings.py b/plgng/settings.py
index 7971690..d16396c 100644 (file)
--- a/plgng/settings.py
+++ b/plgng/settings.py
@@ -43,6 +43,7 @@ INSTALLED_APPS = (
     'django.contrib.staticfiles',
     'django.contrib.webdesign',
     'qcg',
+    'django_openid_auth',
 )
 
 MIDDLEWARE_CLASSES = (
@@ -92,3 +93,31 @@ USE_TZ = True
 # https://docs.djangoproject.com/en/1.7/howto/static-files/
 
 STATIC_URL = '/static/'
+
+
+# Authentication
+
+AUTHENTICATION_BACKENDS = (
+    'django_openid_auth.auth.OpenIDBackend',
+    'django.contrib.auth.backends.ModelBackend',
+)
+
+LOGIN_URL = 'openid-login'
+LOGIN_REDIRECT_URL = '/jobs/'
+
+# If set, always use this as the identity URL rather than asking the
+# user.  This only makes sense if it is a server URL.
+OPENID_SSO_SERVER_URL = 'https://openid.plgrid.pl/gateway'
+
+# Should users be created when new OpenIDs are used to log in?
+OPENID_CREATE_USERS = True
+
+# Update user details from OpenID each time they log in
+OPENID_UPDATE_DETAILS_FROM_SREG = True
+
+# Login will fail if no 'nickname' (username), or if the nickname
+# conflicts with an existing user with a different openid identity url
+OPENID_STRICT_USERNAMES = True
+
+
+SESSION_SERIALIZER = 'django.contrib.sessions.serializers.PickleSerializer'

diff --git a/qcg/static/qcg/img/banner.jpg b/qcg/static/qcg/img/banner.jpg
new file mode 100644 (file)
index 0000000..10b3a14
Binary files /dev/null and b/qcg/static/qcg/img/banner.jpg differ

diff --git a/qcg/static/qcg/img/plgrid_logo.png b/qcg/static/qcg/img/plgrid_logo.png
new file mode 100644 (file)
index 0000000..f291414
Binary files /dev/null and b/qcg/static/qcg/img/plgrid_logo.png differ

diff --git a/qcg/static/qcg/img/qcg_logo.png b/qcg/static/qcg/img/qcg_logo.png
new file mode 100644 (file)
index 0000000..d1d1a79
Binary files /dev/null and b/qcg/static/qcg/img/qcg_logo.png differ

diff --git a/qcg/static/qcg/img/statistics.jpg b/qcg/static/qcg/img/statistics.jpg
new file mode 100644 (file)
index 0000000..4766d1c
Binary files /dev/null and b/qcg/static/qcg/img/statistics.jpg differ

diff --git a/qcg/templates/qcg/base.html b/qcg/templates/qcg/base.html
index c711581..bbb29f3 100644 (file)
--- a/qcg/templates/qcg/base.html
+++ b/qcg/templates/qcg/base.html
@@ -25,13 +25,37 @@
                 <a class="navbar-brand" href="/">Portal QosCosGrid</a>
             </div>
             <div id="navbar" class="collapse navbar-collapse">
-                <ul class="nav navbar-nav">
-                    <li{% ifequal request.resolver_match.url_name 'jobs' %} class="active"{% endifequal %}>
-                        <a href="{% url 'jobs' %}">Zadania</a>
-                    </li>
-                </ul>
+                {% if user.is_authenticated %}
+                    <ul class="nav navbar-nav">
+                        <li{% ifequal request.resolver_match.url_name 'jobs' %} class="active"{% endifequal %}>
+                            <a href="{% url 'jobs' %}">Zadania</a>
+                        </li>
+                    </ul>
+                {% endif %}
+
                 <ul class="nav navbar-nav navbar-right">
-                    <li><a href="#" class="navbar-link">Zaloguj</a></li>
+                    {% if user.is_authenticated %}
+                            <li class="dropdown">
+                                <a href="#" class="dropdown-toggle" data-toggle="dropdown">
+                                    {% firstof user.get_full_name user.username  %} <b class="caret"></b>
+                                </a>
+                                <ul class="dropdown-menu">
+                                    {% if request.user.is_superuser %}
+                                        <li><a href="{% url 'admin:index' %}" target="_blank">
+                                            <span class="glyphicon glyphicon-wrench"></span>&nbsp;Panel Administracyjny</a></li>
+                                        <li class="divider"></li>
+                                    {% endif %}
+
+                                    <li>
+                                        <a href="{% url 'logout' %}" role="button">
+                                            <span class="glyphicon glyphicon-off"></span>&nbsp;Wyloguj
+                                        </a>
+                                    </li>
+                                </ul>
+                            </li>
+                    {% else %}
+                        <li><a href="{% url 'openid-login' %}" class="navbar-link">Zaloguj</a></li>
+                    {% endif %}
                 </ul>
             </div><!--/.nav-collapse -->
         </div>
@@ -41,31 +65,31 @@
         {% block container %}
 
             <div class="jumbotron">
-                <h1>Hello, cruel world!</h1>
-
-                {% lorem 1 p %}
-            </div>
-
-            <div class="row">
-                <div class="col-md-6">
-                    <h3>PL-GRID jest super!</h3>
+                <h1>QosCosGrid</h1>
+                <p>Infrastruktura QosCosGrid jest zestawem zintegrowanych, wysoce wydajnych usług i narzędzi dostępowych do zarządzania zasobami i zadaniami w wieloklastrowych i gridowych środowiskach obliczeniowych. QosCosGrid wspiera różne scenariusze dla aplikacji, w tym aplikacji równoległych dużej skali, aplikacji parametrycznych oraz złożonych aplikacji typu workflow. Usługi QosCosGrid umożliwiają logiczne scalenie zasobów obliczeniowych pochodzących z wielu klastrów w jeden rozproszony system obliczeniowy.</p>
 
-                    {% lorem 1 p %}
-                </div>
-                <div class="col-md-6"></div>
+{#                <div class="row">#}
+{#                    <div class="col-md-6">#}
+{#                    </div>#}
+{#                    <div class="col-md-6">#}
+{#                        <img src="{% static 'qcg/img/qcg_logo.png' %}" class="img-responsive" alt="Banner image">#}
+{#                    </div>#}
+{#                </div>#}
             </div>
 
             <div class="row">
-                <div class="col-md-6"></div>
-                <div class="col-md-6">
-                    <h3>QosCosGrid jest super!</h3>
+                <div class="col-md-offset-2 col-md-8">
+                    <h3>PL-GRID</h3>
 
-                    {% lorem 1 p %}
+                    <p>
+                        <img src="{% static 'qcg/img/plgrid_logo.png' %}" class="img-responsive pull-right" alt="Banner image">
+                        Polska Infrastruktura Gridowa została zbudowana w ramach projektu PL-Grid, w celu dostarczenia polskiej społeczności naukowej platformy informatycznej opartej na klastrach komputerów, służących e-Science w różnych dziedzinach. Infrastruktura wspiera badania naukowe poprzez integrację danych doświadczalnych i wyników zaawansowanych symulacji komputerowych prowadzonych przez geograficznie rozproszone zespoły. Infrastruktura PL-Grid umożliwia polskim naukowcom prowadzenie badań naukowych w oparciu o symulacje i obliczenia dużej skali z wykorzystaniem klastrów komputerów oraz zapewnia wygodny dostęp do rozproszonych zasobów komputerowych.
+                    </p>
                 </div>
             </div>
 
             <p class="text-center" style="margin: 20px 0">
-                <a class="btn btn-lg btn-primary" href="#" role="button">Zaloguj się korzystając z OpenID</a>
+                <a class="btn btn-lg btn-primary" href="{% url 'openid-login' %}" role="button">Zaloguj się korzystając z OpenID</a>
             </p>
 
         {% endblock container %}

diff --git a/qcg/templates/qcg/logout.html b/qcg/templates/qcg/logout.html
new file mode 100644 (file)
index 0000000..617121f
--- /dev/null
+++ b/qcg/templates/qcg/logout.html
@@ -0,0 +1,15 @@
+{% extends 'qcg/base.html' %}
+
+{% block container %}
+    <h1 class="page-header">{% block title %}Wylogowano{% endblock %}</h1>
+
+    <p>Powrót do:
+        {% if return_to %}
+            <a href="{{ return_to }}" class="btn btn-default">poprzedniej strony</a>
+            lub
+        {% endif %}
+        <a href="{% url 'index' %}" class="btn btn-default">strony głównej</a>.
+    </p>
+
+    <iframe src="https://openid.plgrid.pl/logout" hidden></iframe>
+{% endblock %}

diff --git a/qcg/urls.py b/qcg/urls.py
index caa6139..c48f41b 100644 (file)
--- a/qcg/urls.py
+++ b/qcg/urls.py
@@ -1,8 +1,12 @@
-from django.conf.urls import patterns, url
+from django.conf.urls import patterns, url, include
 
 from qcg import views
 
 urlpatterns = patterns('',
+    url(r'^openid/login/', views.openid_login, name='openid-login'),
+    url(r'^openid/logout/', 'django.contrib.auth.views.logout', {'template_name': 'qcg/logout.html'}, name='logout'),
+    url(r'^openid/', include('django_openid_auth.urls')),
+
     url(r'^$', views.index, name='index'),
     url(r'^jobs/$', views.jobs_list, name='jobs'),
     url(r'^job/$', views.job_details, name='job'),

diff --git a/qcg/views.py b/qcg/views.py
index 9476197..bff6d17 100644 (file)
--- a/qcg/views.py
+++ b/qcg/views.py
@@ -1,10 +1,40 @@
+from django.conf import settings
+from django.contrib.auth import REDIRECT_FIELD_NAME
+from django.core.urlresolvers import reverse
+from django.http import HttpResponse
 from django.shortcuts import render
+from django.utils.http import urlencode
+from django_openid_auth.views import make_consumer
+from openid.extensions import ax
 
 
 def index(request):
     return render(request, 'qcg/base.html')
 
 
+def openid_login(request):
+    openid_request = make_consumer(request).begin(settings.OPENID_SSO_SERVER_URL)
+
+    fetch_request = ax.FetchRequest()
+    for (attr, alias) in [('http://axschema.org/namePerson/friendly', 'nickname'),
+                          ('http://axschema.org/contact/email', 'email'),
+                          ('http://axschema.org/namePerson', 'fullname'),
+                          # ('http://openid.plgrid.pl/certificate/proxy', 'proxy'),
+                          # ('http://openid.plgrid.pl/certificate/userCert', 'userCert'),
+                          # ('http://openid.plgrid.pl/certificate/proxyPrivKey', 'proxyPrivKey'),
+                          ('http://openid.plgrid.pl/POSTresponse', 'POSTresponse')]:
+        fetch_request.add(ax.AttrInfo(attr, alias=alias, required=True))
+    openid_request.addExtension(fetch_request)
+
+    return_to = request.build_absolute_uri(reverse('openid-complete'))
+
+    redirect_to = request.GET.get(REDIRECT_FIELD_NAME)
+    if redirect_to:
+        return_to += '?' + urlencode({REDIRECT_FIELD_NAME: redirect_to})
+
+    return HttpResponse(openid_request.htmlMarkup(request.build_absolute_uri('/'), return_to))
+
+
 def jobs_list(request):
     return render(request, 'qcg/jobs.html')
 

diff --git a/requirements.txt b/requirements.txt
index 9123ed7..f27deb6 100644 (file)
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,2 +1,4 @@
 Django
 django-grappelli
+pkgs/django-openid-auth-0.5.1.tar.gz
+python-openid