grafana / django-saml2-auth

Django SAML2 Authentication Made Easy. Easily integrate with SAML2 SSO identity providers like Okta, Azure AD and others.

How to set USE_JWT=True when SPA and USE_JWT=False when web access? #271

Closed giuseppenovielli closed 7 months ago

giuseppenovielli commented 8 months ago

Hi @mostafa, thanks for supporting this library!

When I use the SPA I want to generate a token, but when I use the web I want to navigate to the web home page.

In summary, I want to switch it ON if I log in with the Single Page Application (needs token redirect), and switch it OFF when I log in from the web (needs login into Django).

How can I do that? Thanks!

https://github.com/grafana/django-saml2-auth/blob/11b97beaa2a431209e2c54103cb49c033c42ff54/django_saml2_auth/views.py#L133-L166

mostafa commented 8 months ago

Hey @giuseppenovielli,

AFAIK, Django settings are static, so there seems to be no way around it. You can't mix these two: SPA with Django login, or let the user switch this on and off via a parameter. I was going to suggest changing this in the TRIGGER.BEFORE_LOGIN hook function, but a copy of the settings.SAML2_AUTH is always received by dictor while setting the use_jwt variable, hence changing it inside that hook has no effect.

giuseppenovielli commented 7 months ago

Hi @mostafa, thanks for your response.

I found a workaround:

1) Set USE_JWT = False in settings.

2) In the root urlpatterns, set:

    from django.urls import path

    import django_saml2_auth.views
    import users.views_grafana_saml2

    urlpatterns = [
        # WEB: the library's own views, used with USE_JWT = False
        path(r"acs/", django_saml2_auth.views.acs, name="acs"),
        path(r"login/", django_saml2_auth.views.signin, name="login"),

        # SPA: copied views that always return a JWT token
        path(r"acs-token/", users.views_grafana_saml2.acs, name="acs-token"),
        path(r"login-token/", users.views_grafana_saml2.signin, name="login-token"),
    ]

3) In users.views_grafana_saml2, copy the django_saml2_auth.views.acs and django_saml2_auth.views.signin methods.

4) In users.views_grafana_saml2.acs, FORCE THE USE OF THE JWT TOKEN, ALWAYS.