P8JrpEGD

· 7 years ago · Nov 24, 2018, 06:54 PM
1import os
2
3## ldap changes
4import ldap
5from django_auth_ldap.config import LDAPSearch, NestedActiveDirectoryGroupType
6### end
7
8# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
9BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
10
11
12# Quick-start development settings - unsuitable for production
13# See https://docs.djangoproject.com/en/2.1/howto/deployment/checklist/
14
15# SECURITY WARNING: keep the secret key used in production secret!
16SECRET_KEY = 'key'
17
18# SECURITY WARNING: don't run with debug turned on in production!
19DEBUG = False
20
21ALLOWED_HOSTS = ["*"]
22
23
24# Application definition
25
26INSTALLED_APPS = [
27    'django.contrib.admin',
28    'django.contrib.auth',
29    'django.contrib.contenttypes',
30    'django.contrib.sessions',
31    'django.contrib.messages',
32    'django.contrib.staticfiles',
33]
34
35MIDDLEWARE = [
36    'django.middleware.security.SecurityMiddleware',
37    'django.contrib.sessions.middleware.SessionMiddleware',
38    'django.middleware.common.CommonMiddleware',
39    'django.middleware.csrf.CsrfViewMiddleware',
40    'django.contrib.auth.middleware.AuthenticationMiddleware',
41    'django.contrib.messages.middleware.MessageMiddleware',
42    'django.middleware.clickjacking.XFrameOptionsMiddleware',
43]
44
45ROOT_URLCONF = 'domain_website.urls'
46
47TEMPLATES = [
48    {
49        'BACKEND': 'django.template.backends.django.DjangoTemplates',
50        'DIRS': [],
51        'APP_DIRS': True,
52        'OPTIONS': {
53            'context_processors': [
54                'django.template.context_processors.debug',
55                'django.template.context_processors.request',
56                'django.contrib.auth.context_processors.auth',
57                'django.contrib.messages.context_processors.messages',
58            ],
59        },
60    },
61]
62
63WSGI_APPLICATION = 'domain.wsgi.application'
64
65
66
67DATABASES = {
68    'default': {
69        'ENGINE': 'django.db.backends.mysql',
70        'NAME': 'django',
71        'USER': 'djangouser',
72        'PASSWORD': 'password',
73        'HOST': db_ip,
74        'PORT': '3306'
75    }
76}
77#DATABASES = {
78#    'default': {
79#        'ENGINE': 'django.db.backends.sqlite3',
80#        'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
81#    }
82#}
83
84
85# Password validation
86# https://docs.djangoproject.com/en/2.1/ref/settings/#auth-password-validators
87
88AUTH_PASSWORD_VALIDATORS = [
89    {
90        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
91    },
92    {
93        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
94    },
95    {
96        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
97    },
98    {
99        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
100    },
101]
102
103
104# Internationalization
105# https://docs.djangoproject.com/en/2.1/topics/i18n/
106
107LANGUAGE_CODE = 'en-us'
108
109TIME_ZONE = 'UTC'
110
111USE_I18N = True
112
113USE_L10N = True
114
115USE_TZ = True
116
117
118# Static files (CSS, JavaScript, Images)
119# https://docs.djangoproject.com/en/2.1/howto/static-files/
120
121STATIC_URL = '/static/'
122
123
124# ldap stuff asttempt 2220
125
126AUTHENTICATION_BACKENDS = [
127    'django_auth_ldap.backend.LDAPBackend',
128    'django.contrib.auth.backends.ModelBackend',
129]
130
131AUTH_LDAP_SERVER_URI = "ldap://host.dc.com:389"
132AUTH_LDAP_BIND_DN = "CN=ldap ldap,ou=ldap,dc=domain,dc=com"
133AUTH_LDAP_BIND_PASSWORD = "password"
134
135AUTH_LDAP_USER_SEARCH = LDAPSearch("OU=Users,DC=domain,DC=com",
136    ldap.SCOPE_SUBTREE, "(sAMAccountName=%(user)s)")
137
138AUTH_LDAP_GROUP_SEARCH = LDAPSearch("OU=Groups,DC=domain,DC=com",
139    ldap.SCOPE_SUBTREE, "(objectClass=group)")
140
141AUTH_LDAP_GROUP_TYPE = NestedActiveDirectoryGroupType()
142
143# caching will delay AD change propogation
144AUTH_LDAP_CACHE_GROUPS = True
145AUTH_LDAP_GROUP_CACHE_TIMEOUT = 300
146
147# mapp fields to user model
148AUTH_LDAP_USER_ATTR_MAP = {
149    "first_name": "givenName",
150    "last_name": "sn",
151    "email": "mail"
152}
153
154# ldap logging
155AUTH_LDAP_CONNECTION_OPTIONS = {
156    ldap.OPT_DEBUG_LEVEL: 1,
157    ldap.OPT_REFERRALS: 0,
158}
159
160LOGGING = {
161    'version': 1,
162    'disable_existing_loggers': False,
163    'handlers': {
164        'mail_admins': {
165            'level': 'ERROR',
166            'class': 'django.utils.log.AdminEmailHandler'
167        },
168        'stream_to_console': {
169            'level': 'DEBUG',
170            'class': 'logging.StreamHandler'
171        },
172    },
173    'loggers': {
174        'django.request': {
175            'handlers': ['mail_admins'],
176            'level': 'ERROR',
177            'propagate': True,
178        },
179        'django_auth_ldap': {
180            'handlers': ['stream_to_console'],
181            'level': 'DEBUG',
182            'propagate': True,
183        },
184    }
185}