authentik/authentik/core/urls.py

"""authentik URL Configuration"""
from django.conf import settings
from django.contrib.auth.decorators import login_required
from django.urls import path
from django.views.decorators.csrf import ensure_csrf_cookie
from django.views.generic import RedirectView

from authentik.core.views import apps, impersonate
from authentik.core.views.debug import AccessDeniedView
from authentik.core.views.interface import FlowInterfaceView, InterfaceView
from authentik.core.views.session import EndSessionView

urlpatterns = [
    path(
        "",
        login_required(
            RedirectView.as_view(pattern_name="authentik_core:if-user", query_string=True)
        ),
        name="root-redirect",
    ),
    path(
        # We have to use this format since everything else uses applications/o or applications/saml
        "application/launch/<slug:application_slug>/",
        apps.RedirectToAppLaunch.as_view(),
        name="application-launch",
    ),
    # Impersonation
    path(
        "-/impersonation/<int:user_id>/",
        impersonate.ImpersonateInitView.as_view(),
        name="impersonate-init",
    ),
    path(
        "-/impersonation/end/",
        impersonate.ImpersonateEndView.as_view(),
        name="impersonate-end",
    ),
    # Interfaces
    path(
        "if/admin/",
        ensure_csrf_cookie(InterfaceView.as_view(template_name="if/admin.html")),
        name="if-admin",
    ),
    path(
        "if/user/",
        ensure_csrf_cookie(InterfaceView.as_view(template_name="if/user.html")),
        name="if-user",
    ),
    path(
        "if/flow/<slug:flow_slug>/",
        ensure_csrf_cookie(FlowInterfaceView.as_view()),
        name="if-flow",
    ),
    path(
        "if/session-end/<slug:application_slug>/",
        ensure_csrf_cookie(EndSessionView.as_view()),
        name="if-session-end",
    ),
    # Fallback for WS
    path("ws/outpost/<uuid:pk>/", InterfaceView.as_view(template_name="if/admin.html")),
    path(
        "ws/client/",
        InterfaceView.as_view(template_name="if/admin.html"),
    ),
]

if settings.DEBUG:
    urlpatterns += [
        path("debug/policy/deny/", AccessDeniedView.as_view(), name="debug-policy-deny"),
    ]
wip: rename to authentik (#361) * root: initial rename * web: rename custom element prefix * root: rename external functions with pb_ prefix * root: fix formatting * root: replace domain with goauthentik.io * proxy: update path * root: rename remaining prefixes * flows: rename file extension * root: pbadmin -> akadmin * docs: fix image filenames * lifecycle: ignore migration files * ci: copy default config from current source before loading last tagged * : new sentry dsn tests: fix missing python3.9-dev package * root: add additional migrations for service accounts created by outposts * core: mark system-created service accounts with attribute * policies/expression: fix pb_ replacement not working * web: fix last linting errors, add lit-analyse * policies/expressions: fix lint errors * web: fix sidebar display on screens where not all items fit * proxy: attempt to fix proxy pipeline * proxy: use go env GOPATH to get gopath * lib: fix user_default naming inconsistency * docs: add upgrade docs * docs: update screenshots to use authentik * admin: fix create button on empty-state of outpost * web: fix modal submit not refreshing SiteShell and Table * web: fix height of app-card and height of generic icon * web: fix rendering of subtext * admin: fix version check error not being caught * web: fix worker count not being shown * docs: update screenshots * root: new icon * web: fix lint error * admin: fix linting error * root: migrate coverage config to pyproject 2020-12-05 21:08:42 +00:00			`"""authentik URL Configuration"""`
root: add silk and debugging views Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-04-21 20:38:32 +00:00			`from django.conf import settings`
Static SPA (#648) * core: initial migration to /if Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: move jsi18n to api Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix static URLs in tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add new html files to rollup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: fix rollup config and nginx config Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: add Impersonation support to user API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add banner for impersonation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix test_user function for new User API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: add background to API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: set background from flow API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: make root view login_required for redirect Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: redirect to root-redirect instead of if-admin direct Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * api: add header to prevent Authorization Basic prompt in browser Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: redirect to root when user/me request fails Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-03-22 12:44:17 +00:00			`from django.contrib.auth.decorators import login_required`
separate passbook.core into passbook.root and passbook.core Move Main Django Project into passbook.root while passbook.core holds core functionality. passbook.root contains main settings, ASGI & WSGI, celery and URLs. 2019-06-25 16:00:54 +00:00			`from django.urls import path`
Static SPA (#648) * core: initial migration to /if Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: move jsi18n to api Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix static URLs in tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add new html files to rollup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: fix rollup config and nginx config Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: add Impersonation support to user API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add banner for impersonation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix test_user function for new User API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: add background to API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: set background from flow API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: make root view login_required for redirect Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: redirect to root-redirect instead of if-admin direct Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * api: add header to prevent Authorization Basic prompt in browser Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: redirect to root when user/me request fails Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-03-22 12:44:17 +00:00			`from django.views.decorators.csrf import ensure_csrf_cookie`
			`from django.views.generic import RedirectView`
add working oauth and ldap client 2018-11-11 12:41:48 +00:00
core: add initial app launch url (#2367) Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-02-23 21:48:55 +00:00			`from authentik.core.views import apps, impersonate`
root: add silk and debugging views Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-04-21 20:38:32 +00:00			`from authentik.core.views.debug import AccessDeniedView`
core: pre-hydrate config into templates to directly load correct assets closes #3228 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-07-28 22:02:48 +00:00			`from authentik.core.views.interface import FlowInterfaceView, InterfaceView`
core: make EndSessionView inherit PolicyAccessView Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-06-06 12:07:50 +00:00			`from authentik.core.views.session import EndSessionView`
add working oauth and ldap client 2018-11-11 12:41:48 +00:00
separate passbook.core into passbook.root and passbook.core Move Main Django Project into passbook.root while passbook.core holds core functionality. passbook.root contains main settings, ASGI & WSGI, celery and URLs. 2019-06-25 16:00:54 +00:00			`urlpatterns = [`
Static SPA (#648) * core: initial migration to /if Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: move jsi18n to api Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix static URLs in tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add new html files to rollup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: fix rollup config and nginx config Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: add Impersonation support to user API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add banner for impersonation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix test_user function for new User API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: add background to API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: set background from flow API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: make root view login_required for redirect Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: redirect to root-redirect instead of if-admin direct Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * api: add header to prevent Authorization Basic prompt in browser Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: redirect to root when user/me request fails Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-03-22 12:44:17 +00:00			`path(`
			`"",`
web: fix redirect when accessing authentik URLs authenticated closes #3174 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-06-30 20:37:29 +00:00			`login_required(`
			`RedirectView.as_view(pattern_name="authentik_core:if-user", query_string=True)`
			`),`
Static SPA (#648) * core: initial migration to /if Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: move jsi18n to api Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix static URLs in tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add new html files to rollup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: fix rollup config and nginx config Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: add Impersonation support to user API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add banner for impersonation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix test_user function for new User API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: add background to API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: set background from flow API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: make root view login_required for redirect Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: redirect to root-redirect instead of if-admin direct Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * api: add header to prevent Authorization Basic prompt in browser Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: redirect to root when user/me request fails Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-03-22 12:44:17 +00:00			`name="root-redirect",`
			`),`
core: add initial app launch url (#2367) Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-02-23 21:48:55 +00:00			`path(`
			`# We have to use this format since everything else uses applications/o or applications/saml`
			`"application/launch/<slug:application_slug>/",`
			`apps.RedirectToAppLaunch.as_view(),`
			`name="application-launch",`
			`),`
core: move impersonation to core, add tests, add better permission checks 2020-09-17 14:24:53 +00:00			`# Impersonation`
			`path(`
			`"-/impersonation/<int:user_id>/",`
			`impersonate.ImpersonateInitView.as_view(),`
			`name="impersonate-init",`
			`),`
			`path(`
			`"-/impersonation/end/",`
			`impersonate.ImpersonateEndView.as_view(),`
			`name="impersonate-end",`
			`),`
Static SPA (#648) * core: initial migration to /if Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: move jsi18n to api Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix static URLs in tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add new html files to rollup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: fix rollup config and nginx config Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: add Impersonation support to user API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add banner for impersonation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix test_user function for new User API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: add background to API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: set background from flow API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: make root view login_required for redirect Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: redirect to root-redirect instead of if-admin direct Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * api: add header to prevent Authorization Basic prompt in browser Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: redirect to root when user/me request fails Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-03-22 12:44:17 +00:00			`# Interfaces`
			`path(`
			`"if/admin/",`
core: pre-hydrate config into templates to directly load correct assets closes #3228 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-07-28 22:02:48 +00:00			`ensure_csrf_cookie(InterfaceView.as_view(template_name="if/admin.html")),`
Static SPA (#648) * core: initial migration to /if Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: move jsi18n to api Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix static URLs in tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add new html files to rollup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: fix rollup config and nginx config Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: add Impersonation support to user API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add banner for impersonation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix test_user function for new User API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: add background to API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: set background from flow API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: make root view login_required for redirect Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: redirect to root-redirect instead of if-admin direct Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * api: add header to prevent Authorization Basic prompt in browser Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: redirect to root when user/me request fails Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-03-22 12:44:17 +00:00			`name="if-admin",`
			`),`
interface split (#943) 2021-09-16 15:30:16 +00:00			`path(`
			`"if/user/",`
core: pre-hydrate config into templates to directly load correct assets closes #3228 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-07-28 22:02:48 +00:00			`ensure_csrf_cookie(InterfaceView.as_view(template_name="if/user.html")),`
interface split (#943) 2021-09-16 15:30:16 +00:00			`name="if-user",`
			`),`
Static SPA (#648) * core: initial migration to /if Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: move jsi18n to api Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix static URLs in tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add new html files to rollup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: fix rollup config and nginx config Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: add Impersonation support to user API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add banner for impersonation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix test_user function for new User API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: add background to API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: set background from flow API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: make root view login_required for redirect Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: redirect to root-redirect instead of if-admin direct Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * api: add header to prevent Authorization Basic prompt in browser Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: redirect to root when user/me request fails Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-03-22 12:44:17 +00:00			`path(`
			`"if/flow/<slug:flow_slug>/",`
flows: add compatibility_mode to toggle ShadyDOM closes #894 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-06-05 18:04:30 +00:00			`ensure_csrf_cookie(FlowInterfaceView.as_view()),`
Static SPA (#648) * core: initial migration to /if Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: move jsi18n to api Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix static URLs in tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add new html files to rollup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: fix rollup config and nginx config Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: add Impersonation support to user API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add banner for impersonation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix test_user function for new User API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: add background to API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: set background from flow API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: make root view login_required for redirect Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: redirect to root-redirect instead of if-admin direct Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * api: add header to prevent Authorization Basic prompt in browser Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: redirect to root when user/me request fails Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-03-22 12:44:17 +00:00			`name="if-flow",`
			`),`
core: move end-session to core Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-06-06 11:24:27 +00:00			`path(`
			`"if/session-end/<slug:application_slug>/",`
			`ensure_csrf_cookie(EndSessionView.as_view()),`
			`name="if-session-end",`
			`),`
core: add fallback URLs for websocket to cleanup test logs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-06-03 15:20:44 +00:00			`# Fallback for WS`
core: pre-hydrate config into templates to directly load correct assets closes #3228 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-07-28 22:02:48 +00:00			`path("ws/outpost/<uuid:pk>/", InterfaceView.as_view(template_name="if/admin.html")),`
core: add fallback URLs for websocket to cleanup test logs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-06-03 15:20:44 +00:00			`path(`
			`"ws/client/",`
core: pre-hydrate config into templates to directly load correct assets closes #3228 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-07-28 22:02:48 +00:00			`InterfaceView.as_view(template_name="if/admin.html"),`
core: add fallback URLs for websocket to cleanup test logs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-06-03 15:20:44 +00:00			`),`
Many broken things 2018-11-16 08:10:35 +00:00			`]`
root: add silk and debugging views Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-04-21 20:38:32 +00:00
			`if settings.DEBUG:`
			`urlpatterns += [`
			`path("debug/policy/deny/", AccessDeniedView.as_view(), name="debug-policy-deny"),`
			`]`