Skip to content

Commit 0e1d3f9

Browse files
authored
[Update] 支持radius认证 (jumpserver#2323)
* [Update] 支持radius认证 * [Update] 支持radius * [Update] 增加requirements * [Update] 修改copyright * [Update] 修改migrations
1 parent 3540308 commit 0e1d3f9

12 files changed

Lines changed: 75 additions & 69 deletions

File tree

Dockerfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ RUN yum -y install epel-release && cd /tmp/requirements && \
1212
RUN cd /tmp/requirements && pip install -r requirements.txt
1313

1414
COPY . /opt/jumpserver
15-
COPY config_docker.py /opt/jumpserver/config.py
15+
COPY config_example.yml /opt/jumpserver/config.yml
1616
VOLUME /opt/jumpserver/data
1717
VOLUME /opt/jumpserver/logs
1818

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
# -*- coding: utf-8 -*-
2+
#
Lines changed: 34 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,34 @@
1+
# -*- coding: utf-8 -*-
2+
#
3+
4+
from django.contrib.auth import get_user_model
5+
from radiusauth.backends import RADIUSBackend, RADIUSRealmBackend
6+
from django.conf import settings
7+
8+
User = get_user_model()
9+
10+
11+
class CreateUserMixin:
12+
def get_django_user(self, username, password=None):
13+
if isinstance(username, bytes):
14+
username = username.decode()
15+
try:
16+
user = User.objects.get(username=username)
17+
except User.DoesNotExist:
18+
if '@' in username:
19+
email = username
20+
else:
21+
email_suffix = settings.EMAIL_SUFFIX
22+
email = '{}@{}'.format(username, email_suffix)
23+
user = User(username=username, name=username, email=email)
24+
user.source = user.SOURCE_RADIUS
25+
user.save()
26+
return user
27+
28+
29+
class RadiusBackend(CreateUserMixin, RADIUSBackend):
30+
pass
31+
32+
33+
class RadiusRealmBackend(CreateUserMixin, RADIUSRealmBackend):
34+
pass

apps/jumpserver/conf.py

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -331,6 +331,10 @@ def __getattr__(self, item):
331331
'SECURITY_PASSWORD_LOWER_CASE': False,
332332
'SECURITY_PASSWORD_NUMBER': False,
333333
'SECURITY_PASSWORD_SPECIAL_CHAR': False,
334+
'AUTH_RADIUS': False,
335+
'RADIUS_SERVER': 'localhost',
336+
'RADIUS_PORT': 1812,
337+
'RADIUS_SECRET': '',
334338
'HTTP_BIND_HOST': '0.0.0.0',
335339
'HTTP_LISTEN_PORT': 8080,
336340
}

apps/jumpserver/settings.py

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -400,6 +400,16 @@ def get_xpack_templates_dir():
400400
AUTHENTICATION_BACKENDS.insert(0, AUTH_OPENID_BACKENDS[0])
401401
AUTHENTICATION_BACKENDS.insert(0, AUTH_OPENID_BACKENDS[1])
402402

403+
# Radius Auth
404+
AUTH_RADIUS = CONFIG.AUTH_RADIUS
405+
AUTH_RADIUS_BACKEND = 'authentication.radius.backends.RadiusBackend'
406+
RADIUS_SERVER = CONFIG.RADIUS_SERVER
407+
RADIUS_PORT = CONFIG.RADIUS_PORT
408+
RADIUS_SECRET = CONFIG.RADIUS_SECRET
409+
410+
if AUTH_RADIUS:
411+
AUTHENTICATION_BACKENDS.insert(0, AUTH_RADIUS_BACKEND)
412+
403413
# Celery using redis as broker
404414
CELERY_BROKER_URL = 'redis://:%(password)s@%(host)s:%(port)s/%(db)s' % {
405415
'password': CONFIG.REDIS_PASSWORD,

apps/templates/_copyright.html

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,2 @@
11
{% load i18n %}
2-
<strong>Copyright</strong> {% trans ' Beijing Duizhan Tech, Inc. ' %} &copy; 2014-2018
2+
<strong>Copyright</strong> {% trans ' Beijing Duizhan Tech, Inc. ' %} &copy; 2014-2019

apps/templates/_footer.html

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,6 @@
55
<!--<img style="display: none" src="http://www.jumpserver.org/img/evaluate_avatar1.jpg">-->
66
</div>
77
<div>
8-
<strong>Copyright</strong> {% trans ' Beijing Duizhan Tech, Inc. ' %}&copy; 2014-2018
8+
<strong>Copyright</strong> {% trans ' Beijing Duizhan Tech, Inc. ' %}&copy; 2014-2019
99
</div>
1010
</div>

apps/templates/flash_message_standalone.html

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -54,7 +54,7 @@ <h2 style="display: inline">Jumpserver</h2>
5454
{% include '_copyright.html' %}
5555
</div>
5656
<div class="col-md-6 text-right">
57-
<small>2014-2018</small>
57+
<small>2014-2019</small>
5858
</div>
5959
</div>
6060
</div>
Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
# Generated by Django 2.1.4 on 2019-01-07 11:12
2+
3+
from django.db import migrations, models
4+
5+
6+
class Migration(migrations.Migration):
7+
8+
dependencies = [
9+
('users', '0017_auto_20181123_1113'),
10+
]
11+
12+
operations = [
13+
migrations.AlterField(
14+
model_name='user',
15+
name='source',
16+
field=models.CharField(choices=[('local', 'Local'), ('ldap', 'LDAP/AD'), ('openid', 'OpenID'), ('radius', 'Radius')], default='local', max_length=30, verbose_name='Source'),
17+
),
18+
]

apps/users/models/user.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,10 +41,12 @@ class User(AbstractUser):
4141
SOURCE_LOCAL = 'local'
4242
SOURCE_LDAP = 'ldap'
4343
SOURCE_OPENID = 'openid'
44+
SOURCE_RADIUS = 'radius'
4445
SOURCE_CHOICES = (
4546
(SOURCE_LOCAL, 'Local'),
4647
(SOURCE_LDAP, 'LDAP/AD'),
4748
(SOURCE_OPENID, 'OpenID'),
49+
(SOURCE_RADIUS, 'Radius'),
4850
)
4951
id = models.UUIDField(default=uuid.uuid4, primary_key=True)
5052
username = models.CharField(

0 commit comments

Comments
 (0)