Skip to content

Authentication Provider

Authentication Providers are developer-supplied code, called by the system during login. It is passed the id/password, and returns a user row and list of roles.

The underlying presumptions:

  1. Multiple systems will share the same authentication data, so this data will be separate from each application

  2. Organizations will utilize a wide variety of techniques to maintain authorization data (databases, LDAP, AD etc), so an open "interface" approach is required.

 

Abstract_Authentication_Provider

To ensure that Authentication-Providers implement the api expected by the system, you should inherit from this class.

 

Configure Authentication Provider

You select the authentication_provider in conf/config.py:

    from security.authentication_provider.sql.auth_provider import Authentication_Provider
    SECURITY_PROVIDER = Authentication_Provider

You can define new authentication providers, e.g. for Active Directory, LDAP, etc.

 

Memory Auth Provider

Provided for quick prototyping.

 

sqlite Auth Provider

This provided to demonstrate a typical sql-based Authentication-Provider.

 

Authentication DB

Note this uses Multi-DB Support.

The database file is security/authentication_provider/sql/authentication_db.sqlite. This database includes:

  • Users
  • Roles (Role and UserRole)
  • User.client_id, to test multi-tenant (the test user is aneu).

authdb