AutomaticAuthentication

Features

Display the ARKID login page (password、Before mobile phone)，The system will traverse the automatic login plug -in (such as Keberos) authenticate method，If one of the plug -in certification is successful，Then you can log in immediately

Implementation

• Call the ARKID system before entering the ARKID system /api/v1/login/ interface，In the processing function of this interface，URL Query Params and /api/v1/login_process/ Parameter rendering templates/login_enter.html Template returns to the browser，JavaScript code in the browser execution template， Judge URL Query Parmas Whether there is token， If there is，Save in LocalStorage，if there is not，Take the token in LocalStorage，At last，Reset to the browser to /api/v1/login_process And bring token and url Query Parmas as query parameters
• Enter /api/v1/login_process/After the processing function of the interface，Will determine whether there is token in the query parameter，If there is token，After verifying Token is valid，If there is NEXT in the query parameter, Direct redirection to the URL pointed by Next，If not, redirect to the front -end login page；If there is no token or token, it will fail， Then distribute auto_Login event，And traverse the event distribution back result，If one of the automatic authentication plug -in certification is successful and returned to User，Then refresh the user token，Bring token redirection /api/v1/login/ ，If all automatic authentication plugins have failed to authenticate，Reset to the front -end login page

Abstract method

• authenticate

Hint

authenticate The certification should be returned to User, If it fails to return to None，If similar Kerberos certification, you need to enter Authenticate twice，The first time you should enter should be returned to httpResponse The status code is 401

Foundation definition

arkid.core.extension.auto_auth.AutoAuthExtension (Extension)

Source code in arkid/core/extension/auto_auth.py

class AutoAuthExtension(Extension):

    TYPE = "auto_auth"

    composite_schema_map = {}
    created_composite_schema_list = []
    composite_key = 'type'
    composite_model = TenantExtensionConfig

    @property
    def type(self):
        return AutoAuthExtension.TYPE

    def load(self):
        self.listen_event(core_event.AUTO_LOGIN, self.authenticate)

        super().load()

    @abstractmethod
    def authenticate(self, event, **kwargs):
        """
        抽象方法
        Args:
            event (arkid.core.event.Event): 自动认证事件
        Returns:
            Union[arkid.core.models.User, django.http.HttpResponse, None]: 自动认证返回结果
        """
        pass

    def register_auto_auth_schema(self, schema, auto_auth_type):
        self.register_config_schema(schema, self.package + '_' + auto_auth_type)
        self.register_composite_config_schema(
            schema, auto_auth_type, exclude=['extension']
        )

composite_model (BaseModel) django-model

TenantExtensionConfig(id, is_del, is_active, updated, created, tenant, extension, config, name, type)

Source code in arkid/core/extension/auto_auth.py

class TenantExtensionConfig(BaseModel):

    class Meta(object):
        verbose_name = _("插件运行时配置")
        verbose_name_plural = _("插件运行时配置")

    tenant = models.ForeignKey('core.Tenant', blank=False, on_delete=models.PROTECT, verbose_name=_('租户'))
    extension = models.ForeignKey('Extension', blank=False, on_delete=models.PROTECT, verbose_name=_('插件'))
    config = models.JSONField(blank=True, default=dict, verbose_name=_('Runtime Config','运行时配置'))
    name = models.CharField(max_length=128, default='', verbose_name=_('名称'))
    type = models.CharField(max_length=128, default='', verbose_name=_('类型'))

config: JSONField blank django-field

Runtime Config

created: DateTimeField blank django-field nullable

创建时间

extension: ForeignKey django-field

插件

id: UUIDField django-field

ID

is_active: BooleanField django-field

是否可用

is_del: BooleanField django-field

是否删除

name: CharField django-field

名称

tenant: ForeignKey django-field

租户

type: CharField django-field

类型

updated: DateTimeField blank django-field nullable

更新时间

authenticate(self, event, **kwargs)

抽象方法

Parameters:

Name	Type	Description	Default
event	arkid.core.event.Event	自动认证事件	required

Returns:

Type	Description
Union[arkid.core.models.User, django.http.HttpResponse, None]	自动认证返回结果

Source code in arkid/core/extension/auto_auth.py

@abstractmethod
def authenticate(self, event, **kwargs):
    """
    抽象方法
    Args:
        event (arkid.core.event.Event): 自动认证事件
    Returns:
        Union[arkid.core.models.User, django.http.HttpResponse, None]: 自动认证返回结果
    """
    pass

load(self)

抽象方法，插件加载的入口方法

Source code in arkid/core/extension/auto_auth.py

def load(self):
    self.listen_event(core_event.AUTO_LOGIN, self.authenticate)

    super().load()

评论