[Update] 支持 OpenID 认证 (#2008)

* [Update] core支持openid登录，coco还不支持 * [Update] coco支持openid登录 * [Update] 修改注释 * [Update] 修改 OpenID Auth Code Backend 用户认证失败返回None, 不是Anonymoususer * [Update] 修改OpenID Code用户认证异常捕获 * [Update] 修改OpenID Auth Middleware, check用户是否单点退出的异常捕获 * [Update] 修改config_example Auth OpenID 配置 * [Update] 登录页面添加更多登录方式 * [Update] 重构OpenID认证架构 * [Update] 修改小细节 * [Update] OpenID用户认证成功后，更新用户来源 * [update] 添加OpenID用户登录成功日志
2026-01-15 14:47:24 +00:00 · 2018-11-09 14:54:38 +08:00
parent 1fcb272ddc
commit e09f3ca4fd
24 changed files with 564 additions and 26 deletions
--- a/apps/users/models/user.py
+++ b/apps/users/models/user.py
@@ -40,9 +40,11 @@ class User(AbstractUser):
    )
    SOURCE_LOCAL = 'local'
    SOURCE_LDAP = 'ldap'
+    SOURCE_OPENID = 'openid'
    SOURCE_CHOICES = (
        (SOURCE_LOCAL, 'Local'),
        (SOURCE_LDAP, 'LDAP/AD'),
+        (SOURCE_OPENID, 'OpenID'),
    )
    id = models.UUIDField(default=uuid.uuid4, primary_key=True)
    username = models.CharField(
--- a/apps/users/templates/users/login.html
+++ b/apps/users/templates/users/login.html
@@ -75,9 +75,23 @@
                        </p>
                        {% endif %}

-                        <a href="{% url 'users:forgot-password' %}">
-                            <small>{% trans 'Forgot password' %}?</small>
-                        </a>
+                        <div class="text-muted text-center">
+                        <div>
+                            <a href="{% url 'users:forgot-password' %}">
+                                <small>{% trans 'Forgot password' %}?</small>
+                            </a>
+                        </div>
+
+                        {% if AUTH_OPENID %}
+                        <div class="hr-line-dashed"></div>
+                        <p class="text-muted text-center">{% trans "More login options" %}</p>
+                        <div>
+                            <button type="button" class="btn btn-default btn-sm btn-block" onclick="location.href='{% url 'authentication:openid-login' %}'">
+                                <i class="fa fa-openid"></i>
+                                {% trans 'Keycloak' %}
+                            </button>
+                        </div>
+                        {% endif %}

                    </form>
                    <p class="m-t">
--- a/apps/users/views/login.py
+++ b/apps/users/views/login.py
@@ -132,6 +132,7 @@ class UserLoginView(FormView):
    def get_context_data(self, **kwargs):
        context = {
            'demo_mode': os.environ.get("DEMO_MODE"),
+            'AUTH_OPENID': settings.AUTH_OPENID,
        }
        kwargs.update(context)
        return super().get_context_data(**kwargs)
@@ -200,6 +201,9 @@ class UserLogoutView(TemplateView):

    def get(self, request, *args, **kwargs):
        auth_logout(request)
+        next_uri = request.COOKIES.get("next")
+        if next_uri:
+            return redirect(next_uri)
        response = super().get(request, *args, **kwargs)
        return response