Possible to use django authentication for standalone YouTrack - django

I love PyCharm, so I thought I'd give YouTrack a try.
I used run-docker-container-as-service instruction, and I was able to create a service. I can start and stop the service with no issues.
Using a browser, I was able to do configuration, I can create users, issues, etc.
On the same system (Ubuntu 18.04.3 LTS) I'm also running a django application. I would like for my django application users to submit issues, check status on issues, and possibly update issues they have submitted.
I want to make it as simple for my users as possible, so I would like to use django authentication for my YouTrack. That way, once a user is logged into my application, they don't need to go through a separate authentication process to use YouTrack.
It seems YouTrack offers multiple different authentication methods, but I don't see a django option. Is it possible?

Unfortunately, there is no option to use Django authentication for YouTrack. The only option that came to my mind is a vice versa scenario with configuring YouTrack as a SSO provider and use the django plugin for your application for authentication purposes.

Related

Django REST authentication with React/ Redux

I am building a web app with a Django backend and React/Redux frontend running on separate servers. I have begun to try and start working on authentication and I cannot find a tutorial that suits my needs. Every tutorial either uses deprecated modules like drf-jwt (as opposed to simple-jwt) or has a simple mono-server that houses both the backend and the frontend in one directory. The former is useless and I do not want to do the latter as I like having the two separate servers for when I move on to deployment. Now can someone direct me to a good source of knowledge for getting this done? It doesn't have to be a tutorial it can be anything. I am really lost and I do not know how to begin.
you can use 3rd party packages djoser: Provides a set of views to handle basic actions such as registration, login, logout, password reset and account activation. for more information: https://pypi.org/project/djoser/
I'm using token authentication from Django Rest Framework so, after a login/password verification, the token on response can be used on any DRF endpoint.

Cross Platform Single Sign On

Want to know some best ways how to achieve Single Sign On for cross platform django projects. I have a monolithic application which is getting converted to Multi Tenant system. The core part of the monolithic application is converted and divided into micro services but there are portions and part of monolithic application which will take time to get converted.
So currently I cannot remove monolithic application hence needed a way to implement Single Sign On for these two application running in parallel.
Monolithic Stack:- Python, Django1.10, mysql,
MultiTenantSystem Stack :- Python, Django2.1, Postgres
Some references :-
https://github.com/aldryn/django-simple-sso
https://medium.com/#MicroPyramid/django-single-sign-on-sso-to-multiple-applications-64637da015f4
I would recommand working with OpenID Connect or SAML.
At work we are currently using django-oidc-provider with some business customization of course. This allows you to serve a single sign-on across multiple platforms.
The way it works is having a central authentication server that handles all logins and redirects the user to clients, which then again, exchange for an access-token and/or id-token. How to implement the access token from here varies, but for your sake the back-end middleware would fetch user info from the authentication server, and give the user a session cookie for your service related to the user info just fetched.
Or even better, use id-tokens. That way you dont need to ask for user info from the authentication server as these are JWT and can be verified by cryptography.
For more info you can checkout the OpenID website.

user-authentication from remote site?

I am building a tool, in django, for a client's web site.
The tool I am building requires users to be signed in to an existing account.
User-authentication is handled by legacy software on another vendor's servers.
I can contact the programmer who wrote the legacy software (I am unsure of their development environment), but I am not sure what to ask for -- what hooks, api, rpc, etc. do I want?
Is there a design pattern for this type of situation? And what features of django should I use or extend to make this as straightforward as possible? REMOTE_USER sounds like the right thing, but I am not sure how I would use it in this case.
I'd recommend using jquery requests. You can send the username and password (encrypted, of course) to the remote site and get back a cookie/session key.
If you have access to the database, I'd also recommend doing that. For example, if the remote host is using MySQL, ask to have a view created for your user and then you can authenticate directly. With this approach, however, you may have to set up a MySQL connection outside of settings.py.
Two approaches:
1) API: If they have released their API, it would be much more simpler, you authenticate user using their API.
2) Expose Database: If they don't have API, they should must give their access to their database so that you can go in and authenticate. But while doing this keep in mind several things: Django authenticate() won't work, because by default authenticate method authenticates again auth_user table. You can of course manually authenticate using your own logic but that would be problem too: you have to create your own sessions and stuffs. So your option is to use custom user models (only available from Django 1.5) in Django.
I am sure other may have better solution than this.

How to handle client authentication for secure web service in Delphi?

I have a SharePoint server running on my network and I am trying to build an app in Delphi which allows me to access the various SharePoint Web Services hosted there.
Running my app on the same network as the SharePoint server works fine, however, when I attempt to run it on a VM which is not part of the same Domain I can't get authenticated. I was looking for some advice as to how I should be handling authentication for this type of scenario, more specifically, should I be prompting the user for their credentials or is there some built in security model I can use for this?
Ideally I would like to try avoid dealing with Usernames & Passwords in my app and let the OS handle that sort of thing, however, at the moment I can't seem to see any other way around this.
After some investigation, for my particular scenario I decided that the best approach would be to use WinINet. I chose this approach over Indy because after some thorough investigation I found Indy did have some bugs & also it didn't have all the authentication handling we needed built in.
WinINet supports prompting for credentials & automatically authenticating across the wire. See Handling Authentication.

Django + Google SSO openid

I would like to have my application http://app.acquee.com/designer to accept a google account as a login. I found a bunch of libs for django but most work on top of existing Django authentication system that I do not use. I have my own set of user tables where I keep user info and privileges.
Any suggestion on how to integrate that with the Google Openid?
Seems I will have to do it manually using python-openid. Or could I use django-openid?
However, with the latter, I don't even know how to issue the discover command.
Regardless, I get stuck on google's step 5, sending a login authentication request (optionally with OAuth parameters) to the provided endpoint address. Can someone provide a sample request? is it a GET/POST? content?
Cheers
You can try https://launchpad.net/django-openid-auth - I'm using it in a commercial project, for both regular Google Accounts and Google Apps accounts. I remember that it was the most convincing one at the time I was doing a review, although I can't give you any details now due to my short memory. Anyway - it's working great.