django_cas_ng Module Documentation

Module contents

Django CAS 1.0/2.0 authentication backend

Submodules

django_cas_ng.backends module

CAS authentication backend

class django_cas_ng.backends.CASBackend[source]

Bases: django.contrib.auth.backends.ModelBackend

CAS authentication backend

authenticate(request: django.http.request.HttpRequest, ticket: str, service: str) → django.contrib.auth.models.User[source]

Verifies CAS ticket and gets or creates User object

Returns

[User] Authenticated User object or None if authenticate failed.

bad_attributes_reject(request: django.http.request.HttpRequest, username: str, attributes: Mapping[str, str])[source]

Rejects a user if the returned username/attributes are not OK.

Returns

[boolean] True/False. Default is False.

clean_username(username: str) → str[source]

Performs any cleaning on the username prior to using it to get or create the user object.

By default, changes the username case according to settings.CAS_FORCE_CHANGE_USERNAME_CASE.

Parameters

username – [string] username.

Returns

[string] The cleaned username.

configure_user(user: django.contrib.auth.models.User) → django.contrib.auth.models.User[source]

Configures a user after creation and returns the updated user.

This method is called immediately after a new user is created, and can be used to perform custom setup actions.

Parameters

user – User object.

Returns

[User] The user object. By default, returns the user unmodified.

get_user_id(attributes: Mapping[str, str]) → str[source]

For use when CAS_CREATE_USER_WITH_ID is True. Will raise ImproperlyConfigured exceptions when a user_id cannot be accessed. This is important because we shouldn’t create Users with automatically assigned ids if we are trying to keep User primary key’s in sync.

Returns

[string] user id.

django_cas_ng.decorators module

Replacement authentication decorators that work around redirection loops

django_cas_ng.decorators.login_required(function=None, redirect_field_name='next', login_url=None)[source]

Decorator for views that checks that the user is logged in, redirecting to the log-in page if necessary.

django_cas_ng.decorators.permission_required(perm: str, login_url: str = None)[source]

Replacement for django.contrib.auth.decorators.permission_required that returns 403 Forbidden if the user is already logged in.

django_cas_ng.decorators.user_passes_test(test_func, login_url=None, redirect_field_name: str = 'next')[source]

Replacement for django.contrib.auth.decorators.user_passes_test that returns 403 Forbidden if the user is already logged in.

django_cas_ng.middleware module

CAS authentication middleware

class django_cas_ng.middleware.CASMiddleware(get_response=None)[source]

Bases: django.utils.deprecation.MiddlewareMixin

Middleware that allows CAS authentication on admin pages

process_request(request)[source]

Checks that the authentication middleware is installed

process_view(request, view_func, view_args, view_kwargs)[source]

Forwards unauthenticated requests to the admin page to the CAS login URL, as well as calls to django.contrib.auth.views.login and logout.

django_cas_ng.models module

exception django_cas_ng.models.ProxyError[source]

Bases: ValueError

class django_cas_ng.models.ProxyGrantingTicket(id, session_key, user, pgtiou, pgt, date)[source]

Bases: django.db.models.base.Model

exception DoesNotExist

Bases: django.core.exceptions.ObjectDoesNotExist

exception MultipleObjectsReturned

Bases: django.core.exceptions.MultipleObjectsReturned

classmethod clean_deleted_sessions() → None[source]
date

A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.

get_next_by_date(*, field=<django.db.models.fields.DateTimeField: date>, is_next=True, **kwargs)
get_previous_by_date(*, field=<django.db.models.fields.DateTimeField: date>, is_next=False, **kwargs)
id

A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.

objects = <django.db.models.manager.Manager object>
pgt

A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.

pgtiou

A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.

classmethod retrieve_pt(request: django.http.request.HttpRequest, service: str) → str[source]

request should be the current HttpRequest object service a string representing the service for witch we want to retrieve a ticket. The function return a Proxy Ticket or raise ProxyError

session_key

A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.

user

Accessor to the related object on the forward side of a many-to-one or one-to-one (via ForwardOneToOneDescriptor subclass) relation.

In the example:

class Child(Model):
    parent = ForeignKey(Parent, related_name='children')

Child.parent is a ForwardManyToOneDescriptor instance.

user_id
class django_cas_ng.models.SessionTicket(id, session_key, ticket)[source]

Bases: django.db.models.base.Model

exception DoesNotExist

Bases: django.core.exceptions.ObjectDoesNotExist

exception MultipleObjectsReturned

Bases: django.core.exceptions.MultipleObjectsReturned

classmethod clean_deleted_sessions() → None[source]
id

A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.

objects = <django.db.models.manager.Manager object>
session_key

A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.

ticket

A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.

django_cas_ng.signals module

django_cas_ng.views module

CAS login/logout replacement views

class django_cas_ng.views.LoginView(**kwargs)[source]

Bases: django.views.generic.base.View

dispatch(request, *args, **kwargs)[source]
get(request)[source]

Forwards to CAS login URL or verifies CAS ticket

Parameters

request

Returns

post(request)[source]
successful_login(request, next_page)[source]

This method is called on successful login. Override this method for custom post-auth actions (i.e, to add a cookie with a token).

Parameters
  • request

  • next_page

Returns

class django_cas_ng.views.LogoutView(**kwargs)[source]

Bases: django.views.generic.base.View

get(request)[source]

Redirects to CAS logout page

Parameters

request

Returns

class django_cas_ng.views.CallbackView(**kwargs)[source]

Bases: django.views.generic.base.View

Read PGT and PGTIOU sent by CAS

dispatch(request, *args, **kwargs)[source]
get(request)[source]
post(request)[source]