URL login

You can generate a permalink of your application to give a user direct access to protected data.

First, you should configure urllogin in the vars file:

urllogin:
    aes_key: foobarfoobar1234

The AES key must be either 16, 24, or 32 bytes long.

To generate a key, you can use the docker-compose exec geoportal urllogin command:

Generate an auth token

usage: docker-compose exec geoportal urllogin [-h]
                                              [config_uri]
                                              [config_vars [config_vars ...]]
                                              user password [valid]

Positional Arguments

config_uri

The URI to the configuration file.

Default: “c2c://geoportal/development.ini”

config_vars

Variables required by the config file. For example, http_port=%(http_port)s would expect http_port=8080 to be passed here.

Default: ()

user

The username

password

The password

valid

Is valid for, in days

Default: 1

This generates a token like: auth=148b60cc... that you can add in the query string of the permalink.

When the user uses this link, s/he will be connected as a normal user, therefore you should be sure that the session timeout is not too big.

You can change the session timeout in the docker-compose.yaml file with:

services:
    geoportal:
        environment:
            # in second => One day
            AUTHTKT_TIMEOUT: 86400

How to build your token in your application

The content of the token is a json-encoded text like this:

{
    u: <username>,
    p: <password>,
    t: <timestamp> // end of validity in seconds
}

This content is then encrypted in AES with the provided key, and encoded in hexadecimal.