push to change branch

.gitignore

@@ -9,4 +9,6 @@ true_false/__pycache__
 true_false/__init__.py
 multichoice/__pycache__
 multichoice/__init__.py
-venv
+venv-quiz
+*__init__.py
+*__pycache__

quiz-app/app/settings.py

@@ -23,6 +23,7 @@ LOGOUT_REDIRECT_URL = '/'
 
 # Application definition
 INSTALLED_APPS = [
+    # django admin backend
     'django.contrib.admin',
     'django.contrib.auth',
     'django.contrib.contenttypes',
@@ -30,7 +31,10 @@ INSTALLED_APPS = [
     'django.contrib.messages',
     'django.contrib.staticfiles',
 
-    # django_quiz apps
+    # openid
+    'mozilla_django_oidc',
+
+    # quiz apps
     'quiz',
     'multichoice',
     'true_false',
@@ -46,8 +50,17 @@ MIDDLEWARE = [
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
+    # for sessions
+    'mozilla_django_oidc.middleware.SessionRefresh',
+
 ]
 
+# Add 'mozilla_django_oidc' authentication backend + override user create & update
+AUTHENTICATION_BACKENDS = (
+    #'mozilla_django_oidc.auth.OIDCAuthenticationBackend',
+    'registration.oidc.MyOIDCAB',
+)
+
 ROOT_URLCONF = 'app.urls'
 
 TEMPLATES = [
@@ -68,7 +81,6 @@ TEMPLATES = [
 
 WSGI_APPLICATION = 'app.wsgi.application'
 
-
 # Database
 # https://docs.djangoproject.com/en/2.2/ref/settings/#databases
 
@@ -79,7 +91,6 @@ DATABASES = {
     }
 }
 
-
 # Password validation
 # https://docs.djangoproject.com/en/2.2/ref/settings/#auth-password-validators
 
@@ -118,6 +129,27 @@ USE_TZ = True
 
 STATIC_URL = '/static/'
 
+DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'
+
+
+CSRF_TRUSTED_ORIGINS = ['https://quizz.legaragenumerique.fr']
+
+# oidc
+OIDC_RP_CLIENT_ID = 'djangoquiz'
+OIDC_RP_CLIENT_SECRET = 'c2c1df43-b2bf-42d1-8ad2-faf93dddcb18'
+
+OIDC_RP_SIGN_ALGO= "RS256"
+OIDC_OP_JWKS_ENDPOINT = "https://id.legaragenumerique.fr/auth/realms/garagenum/protocol/openid-connect/certs"
+
+OIDC_OP_AUTHORIZATION_ENDPOINT = "https://id.legaragenumerique.fr/auth/realms/garagenum/protocol/openid-connect/auth"
+OIDC_OP_TOKEN_ENDPOINT = "https://id.legaragenumerique.fr/auth/realms/garagenum/protocol/openid-connect/token"
+OIDC_OP_USER_ENDPOINT = "https://id.legaragenumerique.fr/auth/realms/garagenum/protocol/openid-connect/userinfo"
+
+LOGIN_REDIRECT_URL = "https://quizz.legaragenumerique.fr/"
+LOGOUT_REDIRECT_URL = "https://quizz.legaragenumerique.fr/"
+
+# override hashemail for username
+OIDC_USERNAME_ALGO = "registration.oidc.MyOIDCAB"
 
 # pour envoyer des mail dans un dossier local
 # EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'

quiz-app/quiz/templates/base.html

@@ -35,7 +35,7 @@
 {% endif %}
           </li>
         {% else %}
-          <li><a href="{% url 'login'%}">{% trans "Connect" %}</a></li>
+          <li><a href="{% url 'oidc_authentication_init'%}">{% trans "Connect" %}</a></li>
         {% endif %} 
         </ul>
         {% endblock %}

quiz-app/registration/oidc.py

@@ -0,0 +1,28 @@
+import unicodedata
+from mozilla_django_oidc.auth import OIDCAuthenticationBackend
+from django.contrib.auth.models import User
+
+class MyOIDCAB(OIDCAuthenticationBackend):
+    def create_user(self, claims):
+        user = super(MyOIDCAB, self).create_user(claims)
+
+        user.username = claims.get('given_name', '')
+        user.first_name = claims.get('given_name', '')
+        user.last_name = claims.get('family_name', '')
+        user.save()
+
+        return user
+
+    def update_user(self, user, claims):
+        user.username = claims.get('given_name', '')
+        user.first_name = claims.get('given_name', '')
+        user.last_name = claims.get('family_name', '')
+        user.save()
+
+        return user
+
+# def generate_username(email):
+#     # Using Python 3 and Django 1.11+, usernames can contain alphanumeric
+#     # (ascii and unicode), _, @, +, . and - characters. So we normalize
+#     # it and slice at 150 characters.
+#     return unicodedata.normalize('NFKC', email)[:150]

quiz-app/requirements.txt

@@ -1,7 +1,35 @@
-django>=2.2.9
-django-admin
-django-model-utils>=3.1.1
-Pillow>=4.0.0
-psycopg2-binary
-six
-environs
+asgiref==3.8.1
+certifi==2025.1.31
+cffi==1.17.1
+charset-normalizer==3.4.1
+cryptography==44.0.0
+Django==5.1.6
+django-admin==2.0.2
+django-excel-response2==3.0.6
+django-model-utils==5.0.0
+django-six==1.0.5
+environs==14.1.0
+excel-base==1.0.4
+gunicorn==23.0.0
+idna==3.10
+isoweek==1.3.3
+josepy==1.15.0
+marshmallow==3.26.1
+mozilla-django-oidc==4.0.1
+packaging==24.2
+pillow==11.1.0
+psycopg2-binary==2.9.10
+pycparser==2.22
+pyOpenSSL==25.0.0
+python-dateutil==2.9.0.post0
+python-dotenv==1.0.1
+requests==2.32.3
+screen==1.0.1
+six==1.17.0
+sqlparse==0.5.3
+TimeConvert==3.0.13
+typing_extensions==4.12.2
+tzlocal==5.2
+urllib3==2.3.0
+whitenoise==6.6.0
+xlwt==1.3.0