# Django microsoft authentication
It is a very simple app which uses Microsoft authentication for user login and
admin panel login. It uses the Microsoft authentication library for Python (msal).
## Installation
Standard pip install:
```bash
pip install django-microsoft-authentication
```
## Configuration
* First create an App in https://portal.azure.com/#home. There one needs to create set up for authentication. The details can be found here:
* https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-protect-backend-with-aad
* https://docs.microsoft.com/en-us/azure/app-service/configure-authentication-provider-microsoft
* Add the following microsoft app authentication configuration to settings.py file. (e.g. below, please replace redirect and logout_uri with correct domain)
```python
MICROSOFT = {
"app_id": "YOUR_APP_ID_HERE",
"app_secret": "YOUR_APP_SECRET_HERE",
"redirect": "http://localhost:8000/microsoft_authentication/callback",
"scopes": ["user.read"],
"authority": "https://login.microsoftonline.com/common", # or using tenant "https://login.microsoftonline.com/{tenant}",
"valid_email_domains": ["<list_of_valid_domains>"],
"logout_uri": "http://localhost:8000/admin/logout"
}
```
* Add the following line to settings.py to change the LOGIN_URL and LOGIN_REDIRECT_URL settings.
```python
LOGIN_URL = "/microsoft_authentication/login"
LOGIN_REDIRECT_URL = "/admin" # optional and can be changed to any other url
```
* Add 'microsoft_authentication' to INSTALLED_APPS
* Add the following to the project/urls.py
```python
from django.contrib import admin
from django.urls import path, include
urlpatterns = [
path('admin/', admin.site.urls),
# Add the following line
path('microsoft_authentication/', include('microsoft_authentication.urls'))
]
```
## How it works?
1. It authenticates the user using their microsoft email and microsoft authentication.
2. It also verifies if the domain of the microsoft authenticated email is also in MICROSOFT["valid_email_domains"]
3. After the first two steps of authentication, if the user is not found, it creates a new user but with no access to any apps in admin panel.
4. Superusers can assign User Groups to the users for Group based access to views.
## Quickstart
This app provides a decorator which can be used as follows:
```python
from django.http import HttpResponse
from microsoft_authentication.auth.auth_decorators import microsoft_login_required
@microsoft_login_required()
def home(request):
return HttpResponse("Logged in")
# If pages need to be restricted to certain groups of users.
@microsoft_login_required(groups=("SpecificGroup1", "SpecificGroup2")) # Add here the list of Group names
def specific_group_access(request):
return HttpResponse("You are accessing page which is accessible only to users belonging to SpecificGroup1 or SpecificGroup2")
```
### Troubleshooting during development
* Use http://localhost:8000 instead of http://127.0.0.1:8000 because session cookies
are set differently for these urls.
Raw data
{
"_id": null,
"home_page": "https://github.com/ulisses1478/django-microsoft-authentication",
"name": "django-microsoft-auth-sync",
"maintainer": "",
"docs_url": null,
"requires_python": "",
"maintainer_email": "",
"keywords": "django,microsoft,authentication",
"author": "Shubham Dipt | Ulisses1478",
"author_email": "shubham.dipt@gmail.com",
"download_url": "",
"platform": "any",
"description": "# Django microsoft authentication\n\nIt is a very simple app which uses Microsoft authentication for user login and \nadmin panel login. It uses the Microsoft authentication library for Python (msal).\n\n\n## Installation\n\nStandard pip install:\n\n```bash\npip install django-microsoft-authentication\n```\n\n\n## Configuration\n\n* First create an App in https://portal.azure.com/#home. There one needs to create set up for authentication. The details can be found here: \n * https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-protect-backend-with-aad\n * https://docs.microsoft.com/en-us/azure/app-service/configure-authentication-provider-microsoft\n* Add the following microsoft app authentication configuration to settings.py file. (e.g. below, please replace redirect and logout_uri with correct domain)\n\n\n```python\nMICROSOFT = {\n \"app_id\": \"YOUR_APP_ID_HERE\",\n \"app_secret\": \"YOUR_APP_SECRET_HERE\",\n \"redirect\": \"http://localhost:8000/microsoft_authentication/callback\",\n \"scopes\": [\"user.read\"],\n \"authority\": \"https://login.microsoftonline.com/common\", # or using tenant \"https://login.microsoftonline.com/{tenant}\",\n \"valid_email_domains\": [\"<list_of_valid_domains>\"],\n \"logout_uri\": \"http://localhost:8000/admin/logout\"\n}\n```\n\n\n* Add the following line to settings.py to change the LOGIN_URL and LOGIN_REDIRECT_URL settings. \n\n```python\nLOGIN_URL = \"/microsoft_authentication/login\"\nLOGIN_REDIRECT_URL = \"/admin\" # optional and can be changed to any other url\n```\n\n\n* Add 'microsoft_authentication' to INSTALLED_APPS\n* Add the following to the project/urls.py\n\n```python\nfrom django.contrib import admin\nfrom django.urls import path, include\n\nurlpatterns = [\n path('admin/', admin.site.urls),\n # Add the following line\n path('microsoft_authentication/', include('microsoft_authentication.urls'))\n]\n```\n\n\n## How it works?\n\n1. It authenticates the user using their microsoft email and microsoft authentication.\n2. It also verifies if the domain of the microsoft authenticated email is also in MICROSOFT[\"valid_email_domains\"] \n3. After the first two steps of authentication, if the user is not found, it creates a new user but with no access to any apps in admin panel.\n4. Superusers can assign User Groups to the users for Group based access to views.\n\n\n## Quickstart\n\nThis app provides a decorator which can be used as follows:\n\n```python\nfrom django.http import HttpResponse\nfrom microsoft_authentication.auth.auth_decorators import microsoft_login_required\n\n\n@microsoft_login_required()\ndef home(request):\n return HttpResponse(\"Logged in\")\n\n# If pages need to be restricted to certain groups of users.\n@microsoft_login_required(groups=(\"SpecificGroup1\", \"SpecificGroup2\")) # Add here the list of Group names\ndef specific_group_access(request):\n return HttpResponse(\"You are accessing page which is accessible only to users belonging to SpecificGroup1 or SpecificGroup2\")\n\n```\n\n### Troubleshooting during development\n\n* Use http://localhost:8000 instead of http://127.0.0.1:8000 because session cookies \n are set differently for these urls.\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "Django based app for Microsoft authentication of users.",
"version": "0.1.8",
"split_keywords": [
"django",
"microsoft",
"authentication"
],
"urls": [
{
"comment_text": "",
"digests": {
"md5": "c64cd2b6de713596b3b4dd35295e2fc0",
"sha256": "e6b988f5e248f8f0d8f18b9f54547e38e405a161d13184cfda95ada10df5459a"
},
"downloads": -1,
"filename": "django_microsoft_auth_sync-0.1.8-py3-none-any.whl",
"has_sig": false,
"md5_digest": "c64cd2b6de713596b3b4dd35295e2fc0",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": null,
"size": 7779,
"upload_time": "2022-12-14T16:33:33",
"upload_time_iso_8601": "2022-12-14T16:33:33.060247Z",
"url": "https://files.pythonhosted.org/packages/2d/f7/4c2e82ec9f5ccf03de4be5484bf10108554be9ed2b103c0cc8d5e8517b80/django_microsoft_auth_sync-0.1.8-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2022-12-14 16:33:33",
"github": true,
"gitlab": false,
"bitbucket": false,
"github_user": "ulisses1478",
"github_project": "django-microsoft-authentication",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"requirements": [],
"lcname": "django-microsoft-auth-sync"
}
JSON
