Skip to content
Single Sign On solution Django's admin using Google OAuth2
Branch: master
Clone or download
#2 Compare This branch is 46 commits ahead, 2 commits behind frog32:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
admin_sso
example
.coveragerc
.gitignore
.travis.yml
AUTHORS
LICENSE
MANIFEST.in
README.rst
manage.py
setup.cfg
setup.py
test_requirements.txt

README.rst

Django admin SSO

https://travis-ci.org/matthiask/django-admin-sso.png?branch=master

Django admin SSO lets users login to Django's administration panel using an OAuth2 provider instead of a username/password combination.

Installation

django-admin-sso is most often used with Google OAuth2 and the instructions follow that assumption. At least in theory it is possible to use a different OAuth2 provider.

  1. Make sure you have a working Django project setup.

  2. Install django-admin-sso using pip:

    pip install django-admin-sso
    
  3. Add admin_sso to INSTALLED_APPS in your settings.py file:

    INSTALLED_APPS = (
        ...
        'admin_sso',
        ...
    )
    
  4. Add the django-admin authentication backend:

    AUTHENTICATION_BACKENDS = (
        'admin_sso.auth.DjangoSSOAuthBackend',
        'django.contrib.auth.backends.ModelBackend',
    )
    
  5. Insert your OAuth2 client id and secret key into your settings file:

    DJANGO_ADMIN_SSO_OAUTH_CLIENT_ID = 'your client id here'
    DJANGO_ADMIN_SSO_OAUTH_CLIENT_SECRET = 'your client secret here'
    

Navigate to Google's Developer Console, create a new project, and create a new client ID under the menu point "APIs & AUTH", "Credentials". The redirect URI should be of the form http://example.com/admin/admin_sso/assignment/end/

  1. Run ./manage.py migrate to create the needed database tables.
  2. Log into the admin and add an Assignment.

Assignments

Any Remote User -> Local User X

  • Select Username mode "any".
  • Set Domain to your authenticating domain.
  • Select your local user from the User drop down.

Remote User -> Local User

  • Select Username mode "matches" or "don't match".
  • Set username to [not] match by.
  • Set Domain to your authenticating domain.
  • Select your local user from the User drop down.

Changelog

2.4

  • Official support for Django 1.11.

2.3

  • Raised the minimum supported Django version to the LTS version, 1.8.
  • Avoid deprecation warnings with Django 1.10.

2.2

  • Official support for Django 1.10 (no changes were necessary)
  • Made the admin panel usable on sites with many users.

2.1

  • Removed support for OpenID
  • Python 3 compatible
  • Dropped support for Django versions older than 1.7
  • Continued development as django-admin-sso (2.0.x versions were released independently as django-admin-sso2)

1.0

You can’t perform that action at this time.