Metadata-Version: 2.1
Name: django-sso
Version: 1.0.4.2
Summary: Django Single Sign-On implementation
Home-page: https://github.com/davidhaker/django-sso
Author: DAVIDhaker
Author-email: me@davidhaker.ru
License: UNKNOWN
Description: # Django SSO (Single Sign-On) v1.0.0a
        
        An implementation of SSO for Django.
        
        This library contains two modules.
        
        - <u>Server</u> side module - `django_sso.gate`
        - <u>Service</u> side module - `django_sso.service`
        
        
        
        ### Concept
        
        The module relies on Django's user subsystem and session subsystem. Custom classes are supported, but they must be based on the classic Django classes (AbstractUser / AbstractBaseUser, etc.). This means that you have two options. One: do nothing, just install the library on the server/client and use it. Two: create your own user models based on the abstract user classes (models).
        
        One side is the server, which holds all accounts. The other side is the many services that communicate with the SSO server and accept basic user information from it.
        
        
        
        ## Integration
        
        #### Server side
        
        1) Add `django_sso.gate` to `INSTALLED_APPS`
        
        ```python
        # project/settings.py
        INSTALLED_APPS = [
            # ...
            'django_sso.gate',
        ]
        ```
        
        
        
        2) Migrate server models
        
        ```bash
        ./manage.py migrate gate
        ```
        
        
        
        3) Add urls to project:
        
        ```python
        # project/urls.py
        from django.urls import include, path
        
        urlpatterns = [
            # ...,
            path('', include('django_sso.gate.urls')),
        ]
        ```
        
        
        
        4) The admin panel now shows a new section named `SINGLE SIGN-ON`. In `External services`, create a new entry with the following fields:
        
        - `Name` - Human-readable name of the service
        - `Base url` - URL for redirects and for access to the service endpoints from the server side (like https://your-service.example).
        - `Enabled` - Whether the external service is active. (Inactive services can’t communicate with the server side, and the server side can’t communicate with them.)
        - `Token` - Automatically generated token that you should paste into your service's `settings.py` as the `SSO_TOKEN` variable.
        
        
        
        The server side is now ready to use!
        
        
        
        #### Client side
        
        When the library app is attached to a client-side app, the admin login form is overridden with the same view as `login/` on the client side.
        
        1) Add `django_sso.service` to `INSTALLED_APPS`
        
        ```python
        # project/settings.py
        INSTALLED_APPS = [
            # ...
            'django_sso.service',
        ]
        ```
        
        
        
        2) Add the URLs to the service application
        
        ```python
        # project/urls.py
        from django.urls import include, path
        
        urlpatterns = [
            # ...,
            path('', include('django_sso.service.urls')),
        ]
        ```
        
        
        
        3) Set up the settings variables
        
        ```python
        # project/settings.py
        
        # Django setting: URL that unauthenticated users are redirected to. We point it at our view.
        LOGIN_URL = '/login/'
        
        # Specify SSO server base url
        SSO_ROOT = 'https://sso.project.test'
        
        # Specify application token obtained in SSO server in the admin panel
        SSO_TOKEN = 'reej8Vt5kbCPJM9mZQqYsvfxC...'
        ```
        
        
        
        ## Structure
        
        #### Server side urls
        
        - `login/` - central login form (you can override the template `django_sso/login.html`)
        - `logout/` - central logout view. Clears all of the user's sessions on all resources.
        
        Internal library urls (endpoints for services):
        
        - `sso/obtain/` - obtain an <u>authorization request</u>
        - `sso/get/` - get SSO token information (is this token authorized? which user identity belongs to it? etc.)
        - `sso/make_used/` - after successful authentication on the client side, the authorization request must be marked as used.
        - `sso/deauthenticate/` - services send deauthentication requests to the SSO server. The SSO server then broadcasts to all services to deauthenticate the user.
        - `welcome/` - sample view for testing, for both logged-in and logged-out users.
        
        
        
        #### Client side urls
        
        - `login/` - Login form. An intermediate form: it obtains an authentication request and redirects to the SSO server's `/login`.
        - `logout/` - Deauthenticates the user and sends a deauthentication event to the SSO server (to `sso/deauthenticate/` on the server side).
        - `sso/test/` - Page for testing the SSO mechanism immediately after installing `django_sso`. When you open it in a browser: if the user is logged in, it shows their name; otherwise it redirects to the SSO server and comes back after successful authentication.
        
        Library URLs for internal usage (endpoints for the SSO server side):
        
        - `sso/push/` - After successful authentication, the SSO server sends to this endpoint basic information about
        
        - `sso/accept/` - The user comes back here after successful authentication. The SSO server redirects them to this URL to perform Django authorization. Once the session is up, the browser is redirected to the next URL.
        - `sso/deauthenticate/` - Receiver for deauthentication messages from the server side.
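        
        The request lifecycle implied by the endpoint lists above, as an added example that is not django_sso's own code: a toy in-memory model of `sso/obtain/`, `sso/get/`, `sso/make_used/` and `sso/accept/` showing the checks such a flow depends on (enabled services only, requests bound to the service that obtained them, single use). The class, method and field names and the token format are assumptions, not the library's API or wire format.
        
        ```python
        import hmac
        import secrets
        
        class Gate:
            """Toy in-memory model of the server-side endpoints (assumed shape, not django_sso code)."""
        
            def __init__(self):
                self.services = {}   # service token -> {"name": str, "enabled": bool}
                self.requests = {}   # request id -> {"service", "user", "used"}
        
            def register(self, name, enabled=True):
                # Models creating an "External service" entry with a generated token.
                token = secrets.token_urlsafe(32)
                self.services[token] = {"name": name, "enabled": enabled}
                return token
        
            def _service(self, token):
                # Constant-time token comparison; disabled services are refused.
                for known, svc in self.services.items():
                    if hmac.compare_digest(known, token) and svc["enabled"]:
                        return svc["name"]
                raise PermissionError("unknown or disabled service")
        
            def obtain(self, token):                      # models sso/obtain/
                rid = secrets.token_urlsafe(32)
                self.requests[rid] = {"service": self._service(token), "user": None, "used": False}
                return rid
        
            def login(self, rid, username):               # models the central login/ form
                self.requests[rid]["user"] = username
        
            def get(self, token, rid):                    # models sso/get/
                req = self.requests.get(rid)
                if req is None or req["service"] != self._service(token):
                    raise PermissionError("request does not belong to this service")
                return {"authenticated": req["user"] is not None and not req["used"],
                        "user": req["user"]}
        
            def make_used(self, token, rid):              # models sso/make_used/
                if not self.get(token, rid)["authenticated"]:
                    raise PermissionError("request not authenticated or already used")
                self.requests[rid]["used"] = True
        
        def accept(gate, token, rid):
            """Models the service's sso/accept/ step: verify the request, then burn it."""
            info = gate.get(token, rid)
            if not info["authenticated"]:
                return None
            gate.make_used(token, rid)
            return info["user"]
        ```
        
        Marking the request as used inside `accept` is what makes a replayed redirect to `sso/accept/` fail instead of creating a second session.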
        
        
        
        # To do and coming fixes
        
        - Access control for subordinate services. Ability to set the available services for a single user.
        
        - Any changes to the user model must be immediately sent to subordinate services.
        
        
        
        # Support
        
        This library is in alpha. Don’t panic. This is a draft version. A fully documented, clean version will be uploaded later. Plans: make it better and finish it. I also want to make visual illustrations of the logic later.
        
        You can support me via
        
        Ethereum: 0x2BD7aA911861029feB08430EEB9a36DC9a8A14d2 (also accept any token :-) )
        
        BUSD/BNB or any token (**BEP20**):  0x74e47ae3A26b8C5cD84d181595cC62723A1B114E
        
        
        
        Any thoughts: me@davidhaker.ru
        
        With love to open source!
Keywords: Django SSO Single Sign-On
Platform: UNKNOWN
Requires-Python: >=3
Description-Content-Type: text/markdown
