make ldap authentication work

authorization is still missing -> people can login but can't really
do anything. It seems like we should add a group for members to ldap
and authorize the matching django group to be allowed to edit news,
projects, and so on.

Maybe there is a better solution, which I did not see?
Also, there is probably a better code for the populate_user handler
I placed in accounts/models.py

1 files changed, 21 insertions, 0 deletions

diff --git a/sublab_project/accounts/models.py b/sublab_project/accounts/models.py
new file mode 100644
index 0000000..821bed3
--- /dev/null
+++ b/sublab_project/accounts/models.py
@@ -0,0 +1,21 @@
+from django.contrib.auth.models import User
+from django.db import models
+
+from django.db.models.signals import post_save
+from django_auth_ldap.backend import populate_user
+
+class UserProfile(models.Model):
+    """A (dummy) user profile, needed for LDAP
+    """
+    user = models.OneToOneField(User)
+
+
+def create_user_profile(sender, instance, created, **kwargs):
+    if created:
+        UserProfile.objects.create(user=instance)
+post_save.connect(create_user_profile, sender=User)
+
+
+def set_user_as_staff(sender, user, ldap_user, **kwargs):
+    user.is_staff = True # Every LDAP user should be able to use admin
+populate_user.connect(set_user_as_staff)