Skip to content

auth: Improve login management and configuration

Declare login and logout URLs in django settings:

  • basic authentication is used in development mode and when running cypress tests

  • OIDC authentication is used in production mode and when running Python tests

Do not expose basic authentication login URL in production webapp for obvious security reasons.

Align query parameter name for redirection after login in basic authentication backend with the OIDC one, it is now named next_path.

Simplify some code in django templates.

Remove documentation about API authentication when using the basic django backend as no bearer token can be generated in that case.


Migrated from D8420 (view on Phabricator)

Merge request reports