No description
Kumi
da49ddabcc
Introduce support for Central Authentication Service (CAS) alongside existing OIDC and SAML by integrating a new CAS server app and custom CAS authentication user model. Streamline sign-in infrastructure with updated URL patterns. As part of the update, refactor user model `username` resolution to leverage the email field directly. Includes necessary Django migrations to support new authentication features and removes a deprecated OIDC provider dependency. |
||
|---|---|---|
| .vscode | ||
| authentication | ||
| core | ||
| doc | ||
| frontend | ||
| kumidc | ||
| ldap | ||
| .gitignore | ||
| config.dist.ini | ||
| LICENSE | ||
| manage.py | ||
| README.md | ||
| requirements.txt | ||
KumiDC
KumiDC is a simple Django-based OpenID Connect identity provider.
At its core, it uses Django OpenID Connect Provider by Juan Ignacio Fiorentino to provide the actual OIDC functionality, and adds a few fancy things on top.
- "Pretty" AdminLTE user interface
- Time-based One-Time Passwords for Two Factor Authentication
- Requirement to re-authenticate or enter 2FA token every five minutes
As it stands, this project is not complete. It works as an OIDC provider, although its security has not been tested to any extent.
We currently use it, in conjunction with oauth2-proxy, to add an authentication layer to applications on our internal network where protection against unauthorized access is not directly implemented, and not critical.