Clinical-Genomics-Lund / bonsai

Visualize and analyze resistance and outbreak of bacterial pathogen
https://bonsai-wgs.readthedocs.io/en/latest/
GNU General Public License v3.0

178 option to authenticate user against a ldap server #180

Closed mhkc closed 6 months ago

mhkc commented 6 months ago

This PR adds LDAP authentication as an optional authentication method.

Close #178

How to set up and perform the tests

  1. Clone the repository and set it up
  2. Create a new user with username "fry@planetexpress.com"
  3. Add the test LDAP server to the Bonsai stack and enable LDAP authentication (see configuration below)
  4. Try to log in with username "fry@planetexpress.com", password: "fry"

Expected outcome

The user Fry should be able to log in.

Additional context

   version: '3.9'
   # usage:
   # (sudo) docker-compose up -d
   # (sudo) docker-compose down
   services:
      mongodb:
         image: mongo:4.4.22
         ports:
            - "8813:27017"
         expose:
            - "27017"
         volumes:
            - "./volumes/mongodb:/data/db"
         networks:
            - bonsai-net

      redis:
         image: redis:7.0.10
         networks:
            - bonsai-net

      # test LDAP server used for the login test above
      openldap:
         image: ghcr.io/rroemhild/docker-test-openldap:master
         container_name: openldap
         ports:
            - "10389:10389"
            - "10636:10636"
         networks:
            - bonsai-net
         privileged: true

      api:
         container_name: bonsai_api
         build:
            context: api
            network: host
         depends_on:
            - mongodb
         ports:
            - "8811:8000"
         environment:
            - DB_HOST=mongodb
            - REDIS_HOST=redis
            # LDAP settings for the test server; SSL and TLS are both off,
            # so the connection to openldap is unencrypted
            - LDAP_HOST=openldap
            - LDAP_PORT=10389
            - LDAP_BIND_DN=cn=admin,dc=planetexpress,dc=com
            - LDAP_SECRET=GoodNewsEveryone
            - LDAP_BASE_DN=dc=planetexpress,dc=com
            - LDAP_USER_LOGIN_ATTR=mail
            - LDAP_USE_SSL=false
            - LDAP_USE_TLS=false
         networks:
            - bonsai-net
         command: "uvicorn app.main:app --reload --log-level debug --host 0.0.0.0"

      app:
         container_name: bonsai_app
         build:
            context: frontend
            network: host
         depends_on:
            - mongodb
            - api
            # minhash_service is not defined in this excerpt
            - minhash_service
         ports:
            - "8812:5000"
         environment:
            - FLASK_APP=app.app:create_app
            - FLASK_ENV=development
            - "BONSAI_API_URL=http://mtlucmds2.lund.skane.se:8811"
         networks:
            - bonsai-net
         command: "flask run --debug --host 0.0.0.0"

   networks:
      bonsai-net:
         driver: bridge
         ipam:
            driver: default
            config:
               - subnet: 172.0.30.0/24

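
The checks a login path driven by these `LDAP_*` variables would typically need before it talks to the directory, as an added example that is not part of this PR or of Bonsai's code. The function names are hypothetical, and reading `LDAP_USE_SSL` as LDAPS and `LDAP_USE_TLS` as StartTLS is an assumption.

```python
import os

# RFC 4515 section 3: characters that must be escaped inside a filter value.
FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Values copied from the compose file in this PR (test server only).
COMPOSE_ENV = {
    "LDAP_HOST": "openldap", "LDAP_PORT": "10389",
    "LDAP_BASE_DN": "dc=planetexpress,dc=com",
    "LDAP_USER_LOGIN_ATTR": "mail",
    "LDAP_USE_SSL": "false", "LDAP_USE_TLS": "false",
}


def escape_filter_value(value):
    """Escape user input before it is placed in an LDAP search filter."""
    return "".join(FILTER_ESCAPES.get(ch, ch) for ch in value)


def config_findings(env=os.environ):
    """Return warnings for LDAP settings that are unsafe outside a test stack."""
    def enabled(name):
        return env.get(name, "false").strip().lower() == "true"
    findings = []
    # Assumption: LDAP_USE_SSL means LDAPS and LDAP_USE_TLS means StartTLS.
    if not (enabled("LDAP_USE_SSL") or enabled("LDAP_USE_TLS")):
        findings.append("LDAP_SECRET and user passwords are sent in cleartext")
    return findings


def build_user_search(username, password, env=os.environ):
    """Validate a login attempt and return the search that locates the user's DN."""
    # A simple bind with an empty password is an "unauthenticated bind"
    # (RFC 4513 section 5.1.2) and can succeed without proving identity.
    if not password:
        raise ValueError("empty password rejected before contacting LDAP")
    if not username.strip():
        raise ValueError("empty username rejected")
    attr = env["LDAP_USER_LOGIN_ATTR"]
    return {
        "search_base": env["LDAP_BASE_DN"],
        "search_filter": f"({attr}={escape_filter_value(username.strip())})",
    }


if __name__ == "__main__":
    print(config_findings(COMPOSE_ENV))
    print(build_user_search("fry@planetexpress.com", "fry", COMPOSE_ENV))
```
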
Jakob37 commented 6 months ago

When the comments are addressed, I think this is good to go!