Django URLConf and OZP authentication - How is https://localhost:4440/center/ is routed and processed?
28 views
Skip to first unread message
Gang Yang
Jan 9, 2017, 5:20:14 PM1/9/17
to ozoneplatform-users
Hi,
I'm trying to understand how authentication is done in OZP. But with only some Django background (just learn it), I failed to see how https://localhost:4440/center/ is routed to start with. In the root URLConf, ozp.urls, I did not see any URL pattern for "/center/". So how is https://localhost:4440/center/ routed and processed? Is the initial authentication done in OZP's backend project or somewhere else?
In my experiment, I do know the Demo Auth Service is used to authenticate users because killing gunicorn_demoauth service the initial authentication would fail. But who uses it and how is it used?
I guess I'm lacking an document of the overall architecture - what component does what. Can someone help?
Thanks,
Gang
kdrumm...@gmail.com
Jan 10, 2017, 10:48:53 AM1/10/17
to ozoneplatform-users
Hi Gang,
Most of the projects for OZP (center, iwc, webtop, help, hud) don't need to run in Django as after they are build, they are just static files. These static projects use an OzoneConfig.js to map where each of the other projects can be found. Authentication is done by requests set to the backend project which talks to ozp-auth. So the user initially points a browser to one of the static frontend projects and that project knows the urls to the backend and other frontend projects. Does that answer your question? If not, I may have misunderstood your question.
Thanks,
Kyle
Most of the projects for OZP (center, iwc, webtop, help, hud) don't need to run in Django as after they are build, they are just static files. These static projects use an OzoneConfig.js to map where each of the other projects can be found. Authentication is done by requests set to the backend project which talks to ozp-auth. So the user initially points a browser to one of the static frontend projects and that project knows the urls to the backend and other frontend projects. Does that answer your question? If not, I may have misunderstood your question.
Thanks,
Kyle
Gang Yang
Jan 10, 2017, 12:14:15 PM1/10/17
to ozoneplatform-users
Hi Kyle,
Thank you very much for your reply. Following your pointers, I found the ngnix configuration files (nginx.conf and ozp.conf), where the static contents are configured. That helped a lot.
One thing is still not clear and it's not quite obvious. I did not see how authentication is triggered and where it's done. I did not see basic_auth directive in nginx conf files. I tried to read the main.js from center component and it was "gulped" and hard to understand. Without going into details and based on what you described, am I right in saying that the frontend static content, say center component, would include requests to the backend component in Django and the initial authentication is triggered and done in there?
Gang
kdrumm...@gmail.com
Jan 10, 2017, 1:30:54 PM1/10/17
to ozoneplatform-users
Gang,
Yes, you are correct. The ozp-backend project has configuration in the settings.py file (can be seen on github here: https://github.com/ozoneplatform/ozp-backend/blob/master/ozp/settings.py). If you look at the OZP object (line 228) you can see ozp-backend references an OZP_AUTHORIZATION server at http://localhost:8000/demo-auth (lines 239). So the frontend (center for example) will send an AJAX request to ozp-backend. Ozp-backend will check if authorization is required and valid by talking to ozp-auth. Then ozp-backend will send the response back to the frontend. I hope this helps clear things up.
Thanks,
Kyle
Yes, you are correct. The ozp-backend project has configuration in the settings.py file (can be seen on github here: https://github.com/ozoneplatform/ozp-backend/blob/master/ozp/settings.py). If you look at the OZP object (line 228) you can see ozp-backend references an OZP_AUTHORIZATION server at http://localhost:8000/demo-auth (lines 239). So the frontend (center for example) will send an AJAX request to ozp-backend. Ozp-backend will check if authorization is required and valid by talking to ozp-auth. Then ozp-backend will send the response back to the frontend. I hope this helps clear things up.
Thanks,
Kyle
Reply all
Reply to author
Forward
0 new messages