feat!: Remove django-admin default login (#29876)

* feat!: Remove django-admin default login
2022-03-01 17:38:36 +05:00
parent 5d4aa3af8b
commit fe57074dab
9 changed files with 98 additions and 22 deletions
--- a/openedx/core/djangoapps/user_authn/config/waffle.py
+++ b/openedx/core/djangoapps/user_authn/config/waffle.py
@@ -3,7 +3,7 @@ Waffle flags and switches for user authn.
 """


-from edx_toggles.toggles import LegacyWaffleSwitch, LegacyWaffleSwitchNamespace
+from edx_toggles.toggles import LegacyWaffleSwitch, LegacyWaffleSwitchNamespace, WaffleFlag

 _WAFFLE_NAMESPACE = 'user_authn'
 _WAFFLE_SWITCH_NAMESPACE = LegacyWaffleSwitchNamespace(name=_WAFFLE_NAMESPACE, log_prefix='UserAuthN: ')
@@ -37,3 +37,16 @@ ENABLE_PWNED_PASSWORD_API = LegacyWaffleSwitch(
    'enable_pwned_password_api',
    __name__
 )
+
+
+# .. toggle_name: ADMIN_AUTH_REDIRECT_TO_LMS
+# .. toggle_implementation: WaffleFlag
+# .. toggle_default: False
+# .. toggle_description: Set this to True if you want to redirect cms-admin login to lms login.
+#   In case of logout it will use lms logout also.
+# .. toggle_use_cases: open_edx
+# .. toggle_creation_date: 2022-02-08
+# .. toggle_target_removal_date: None
+ADMIN_AUTH_REDIRECT_TO_LMS = WaffleFlag(   # lint-amnesty, pylint: disable=toggle-missing-annotation
+    "user_authn.admin_auth_redirect_to_lms", module_name=__name__
+)
--- a/openedx/core/djangoapps/user_authn/views/login.py
+++ b/openedx/core/djangoapps/user_authn/views/login.py
@@ -43,7 +43,10 @@ from common.djangoapps.util.password_policy_validators import normalize_password
 from openedx.core.djangoapps.password_policy import compliance as password_policy_compliance
 from openedx.core.djangoapps.safe_sessions.middleware import mark_user_change_as_expected
 from openedx.core.djangoapps.site_configuration import helpers as configuration_helpers
-from openedx.core.djangoapps.user_authn.config.waffle import ENABLE_LOGIN_USING_THIRDPARTY_AUTH_ONLY
+from openedx.core.djangoapps.user_authn.config.waffle import (
+    ENABLE_LOGIN_USING_THIRDPARTY_AUTH_ONLY,
+    ADMIN_AUTH_REDIRECT_TO_LMS
+)
 from openedx.core.djangoapps.user_authn.cookies import get_response_with_refreshed_jwt_cookies, set_logged_in_cookies
 from openedx.core.djangoapps.user_authn.exceptions import AuthFailedError
 from openedx.core.djangoapps.user_authn.toggles import (
@@ -655,7 +658,7 @@ def redirect_to_lms_login(request):
    This view redirect the admin/login url to the site's login page if
    waffle switch is on otherwise returns the admin site's login view.
    """
-    if ENABLE_LOGIN_USING_THIRDPARTY_AUTH_ONLY.is_enabled():
+    if ENABLE_LOGIN_USING_THIRDPARTY_AUTH_ONLY.is_enabled() or ADMIN_AUTH_REDIRECT_TO_LMS.is_enabled():
        return redirect('/login?next=/admin')
    else:
        return admin.site.login(request)
--- a/openedx/core/tests/test_admin_view.py
+++ b/openedx/core/tests/test_admin_view.py
@@ -6,8 +6,9 @@ This is not inside a django app because it is a global property of the system.

 from django.test import Client, TestCase
 from django.urls import reverse
-from edx_toggles.toggles.testutils import override_waffle_switch
+from edx_toggles.toggles.testutils import override_waffle_switch, override_waffle_flag
 from common.djangoapps.student.tests.factories import UserFactory, TEST_PASSWORD
+from openedx.core.djangoapps.user_authn.config.waffle import ADMIN_AUTH_REDIRECT_TO_LMS

 from openedx.core.djangoapps.user_authn.views.login import ENABLE_LOGIN_USING_THIRDPARTY_AUTH_ONLY

@@ -43,6 +44,16 @@ class TestAdminView(TestCase):
            response = self.client.get(reverse('admin:login'))
            assert response.url == '/login?next=/admin'
            assert response.status_code == 302
+
+        with override_waffle_flag(ADMIN_AUTH_REDIRECT_TO_LMS, True):
+            response = self.client.get(reverse('admin:login'))
+            assert response.url == '/login?next=/admin'
+            assert response.status_code == 302
+
        with override_waffle_switch(ENABLE_LOGIN_USING_THIRDPARTY_AUTH_ONLY, False):
            response = self.client.get(reverse('admin:login'))
            assert response.template_name == ['admin/login.html']
+
+        with override_waffle_flag(ADMIN_AUTH_REDIRECT_TO_LMS, False):
+            response = self.client.get(reverse('admin:login'))
+            assert response.template_name == ['admin/login.html']