Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Django, mozilla-django-oidc and admin

Tags:

django

openid-connect

okta

i am trying to connect Okta with a custom Django (v.3.0.2) app i am coding, using the mozilla-django-oidc library. So far the initial user authentication and account creation (using Django's user model) works, but i don't understand what i need to do to have the Django AdminSite work.

The Adminsite, before introducing mozilla-django-oidc worked as expected. I created an admin user, named "admin" and the user was able to login.

To integrate the mozilla-django-oidc library i followed the instructions here: https://mozilla-django-oidc.readthedocs.io/en/stable/installation.html. The instructions do not have any specific mention of the AdminSite.

When i access the AdminSite after the library integration, i have the following:

  1. The AdminSite uses the default template - my assumption was that it would also use Okta to authenticate.
  2. The admin account "admin" that used to be able to login into the AdminSite does not work anymore

My goal is to be able to access the AdminSite. I don't mind if it will be over Okta or over the vanilla interface as long as i can access it.

Below are the relevant segments from the files (in order to integrate):

urls.py

urlpatterns = [
    path('', static_site.site_index, name='site_index'),
    path('admin/', admin.site.urls),
    path('review/', include('review.urls')),
    path('oidc/', include('mozilla_django_oidc.urls')),
]

settings.py

# OICD
AUTHENTICATION_BACKENDS = (
    'mozilla_django_oidc.auth.OIDCAuthenticationBackend',
)

OIDC_RP_CLIENT_ID = 'xxxxx'
OIDC_RP_CLIENT_SECRET = 'xxxx'
OIDC_RP_SIGN_ALGO = 'RS256'
OIDC_OP_JWKS_ENDPOINT = 'https://dev-xxx.okta.com/oauth2/default/v1/keys'
OIDC_RP_SCOPES = 'openid email profile'

OIDC_OP_AUTHORIZATION_ENDPOINT = 'https://dev-xxx.okta.com/oauth2/default/v1/authorize'
OIDC_OP_TOKEN_ENDPOINT = 'https://dev-xxx.okta.com/oauth2/default/v1/token'
OIDC_OP_USER_ENDPOINT = 'https://dev-xxx.okta.com/oauth2/default/v1/userinfo'

# Provided by mozilla-django-oidc
LOGIN_URL = reverse_lazy('oidc_authentication_callback')

# App urls
LOGIN_REDIRECT_URL = reverse_lazy('review:dashboard')
LOGOUT_REDIRECT_URL = reverse_lazy('site_index')

Any ideas or pointers welcomed!

like image 602
Dimitrios Stergiou Avatar asked Oct 31 '25 03:10

Dimitrios Stergiou

1 Answers

The goal was achieved by adding the default auth backend to the settings:

settings.py

AUTHENTICATION_BACKENDS = [
    'django.contrib.auth.backends.ModelBackend',
    'mozilla_django_oidc.auth.OIDCAuthenticationBackend',
]

I don't get Okta auth for the admin, but since i am happy just to have the admin running, i will stop here.

like image 173
Dimitrios Stergiou Avatar answered Nov 02 '25 21:11

Dimitrios Stergiou
Sign in to Comment

Related questions

Serialize Many to Many Relationship with Extra fields
Django ValueError: Missing staticfiles manifest entry, but the manifest appears to show the entry
Can I turn a Django form into a GET request string?
How to include in django template a reverse url in translation

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!