How to setup Dataporten (Feide etc.) login¶
Make sure your
AUTHENTICATION_BACKENDS setting includes
INSTALLED_APPS += [ 'devilry.devilry_dataporten_allauth', ] AUTHENTICATION_BACKENDS = [ 'allauth.account.auth_backends.AuthenticationBackend', ]
You can have more authentication backends than just the _allauth_ backend, but if you only have the allauth backend, login will redirect directly to dataporten for login instead of asking users how they wish to sign in.
Setup the dataporten application¶
Go to https://dashboard.dataporten.no/, and create a new application. You probably want to create the application within an organization instead of a personal app, but for local testing, a personal app should work.
In the create new application popup¶
- Name: Whatever you want (Typically: “Devilry”, “My Devilry test”, etc.)
- OAuth 2.0 Redirect URL:
https://<devilry domain>/authenticate/allauth/dataporten/login/callback/. E.g.: https://devilry.example.com/authenticate/allauth/dataporten/login/callback/. For localhost development, you can use
<devilry domain>, and http instead of https.
Within the application dashboard¶
Devilry requires that you include the following scopes:
You will most likely want to deselect: Accept all social networks, Feide gjestebrukere and Feide testbrukere. For testing purposes, Feide testbrukere may be useful, but not for production.
You will most likely want to deselect Åpne for alle i utdanningsektoren, and just select the relevant schools.
Add required data to the database¶
Setup your primary domain with:
$ python manage.py devilry_setup_primary_domain <your domain here> $ ... E.g.: $ python manage.py devilry_setup_primary_domain devilry.example.com
Setup dataporten credentials:
$ python manage.py devilry_setup_dataporten_provider <OAuth Client credentials> $ ... E.g.: $ python manage.py devilry_setup_dataporten_provider xxx-xxx-xxx-xxx-xxxxx
You find the credentials for your app via https://dashboard.dataporten.no (in the OAuth credentials section).
Use username instead of feide ID¶
By default, we use the
userid_sec field from Dataporten as the
“shortname” for users. This field is not very pretty, but it is unique.
This means that the shortname which is used some places in the UI, looks
something like this:
You can change this to just
myuser (the username part) for a single
userid_sec suffix with the
setting. For example:
DEVILRY_FEIDE_USERID_SEC_TO_USERNAME_SUFFIX = 'uio.no'
If you forget this, and set it later, the shortname of users will be updated the next time they login.