Style and federated doc about the manage command cas_clean_federate
This commit is contained in:
parent
2b02568e5b
commit
0dba0d1776
13
README.rst
13
README.rst
@ -286,7 +286,7 @@ Federation mode
|
|||||||
``django-cas-server`` comes with a federation mode. Then ``CAS_FEDERATE`` is ``True``,
|
``django-cas-server`` comes with a federation mode. Then ``CAS_FEDERATE`` is ``True``,
|
||||||
user are invited to choose an identity provider on the login page, then, they are redirected
|
user are invited to choose an identity provider on the login page, then, they are redirected
|
||||||
to the provider CAS to authenticate. This provider transmit to ``django-cas-server`` the user
|
to the provider CAS to authenticate. This provider transmit to ``django-cas-server`` the user
|
||||||
username and attributes. The user is now logged in on ``django-cas-server`` and can user
|
username and attributes. The user is now logged in on ``django-cas-server`` and can use
|
||||||
services using ``django-cas-server`` as CAS.
|
services using ``django-cas-server`` as CAS.
|
||||||
|
|
||||||
The list of allowed identity providers is defined using the ``CAS_FEDERATE_PROVIDERS`` parameter.
|
The list of allowed identity providers is defined using the ``CAS_FEDERATE_PROVIDERS`` parameter.
|
||||||
@ -306,4 +306,13 @@ For instance:
|
|||||||
In federation mode, ``django-cas-server`` build user's username as follow:
|
In federation mode, ``django-cas-server`` build user's username as follow:
|
||||||
``provider_returned_username@provider_name``.
|
``provider_returned_username@provider_name``.
|
||||||
You can choose the provider returned username for ``django-cas-server`` and the provider name
|
You can choose the provider returned username for ``django-cas-server`` and the provider name
|
||||||
in order than to builed username make sense.
|
in order to make sense.
|
||||||
|
|
||||||
|
|
||||||
|
Then using federate mode, you should add one command to a daily crontab: ``cas_clean_federate``.
|
||||||
|
This command clean the local cache of federated user from old unused users.
|
||||||
|
You could for example do as bellow :
|
||||||
|
|
||||||
|
.. code-block::
|
||||||
|
|
||||||
|
10 0 * * * cas-user /path/to/project/manage.py cas_clean_federate
|
||||||
|
@ -13,7 +13,9 @@ class Command(BaseCommand):
|
|||||||
help = _(u"Clean old federated users")
|
help = _(u"Clean old federated users")
|
||||||
|
|
||||||
def handle(self, *args, **options):
|
def handle(self, *args, **options):
|
||||||
federated_users = models.FederatedUser.objects.filter(last_update__lt=(timezone.now() - timedelta(seconds=settings.CAS_TICKET_TIMEOUT)))
|
federated_users = models.FederatedUser.objects.filter(
|
||||||
|
last_update__lt=(timezone.now() - timedelta(seconds=settings.CAS_TICKET_TIMEOUT))
|
||||||
|
)
|
||||||
for user in federated_users:
|
for user in federated_users:
|
||||||
if not models.User.objects.filter(username='%s@%s' % (user.username, user.provider)):
|
if not models.User.objects.filter(username='%s@%s' % (user.username, user.provider)):
|
||||||
user.delete()
|
user.delete()
|
||||||
|
Loading…
Reference in New Issue
Block a user