[Feature] Initial Active Directory / Entra Login (#101)

Co-authored-by: Tim Lorsbach <tim@lorsba.ch> Reviewed-on: enviPath/enviPy#101
2025-09-10 08:29:27 +12:00
parent 4463bf1bc8
commit e82fe7e87e
13 changed files with 146 additions and 5 deletions
--- a/envipath/settings.py
+++ b/envipath/settings.py
@ -47,6 +47,7 @@ INSTALLED_APPS = [
    # Custom
    'epdb',
    'migration',
+    'epauth',
 ]

 AUTHENTICATION_BACKENDS = [
@ -351,5 +352,16 @@ LOGIN_EXEMPT_URLS = [
    '/o/token/',
    '/o/userinfo/',
    '/password_reset/',
-    '/reset/'
+    '/reset/',
+    '/microsoft/',
 ]
+
+# MS AD/Entra
+MS_ENTRA_ENABLED = os.environ.get('MS_ENTRA_ENABLED', 'False') == 'True'
+if MS_ENTRA_ENABLED:
+    MS_ENTRA_CLIENT_ID = os.environ['MS_CLIENT_ID']
+    MS_ENTRA_CLIENT_SECRET = os.environ['MS_CLIENT_SECRET']
+    MS_ENTRA_TENANT_ID = os.environ['MS_TENANT_ID']
+    MS_ENTRA_AUTHORITY = f"https://login.microsoftonline.com/{MS_ENTRA_TENANT_ID}"
+    MS_ENTRA_REDIRECT_URI = os.environ['MS_REDIRECT_URI']
+    MS_ENTRA_SCOPES = os.environ.get('MS_SCOPES', '').split(',')