Auth: add user context
Enable CERN SSO authentication. This is achieved by using a reverse proxy in front of the Nginx router that will inject HTTP headers with the signed in user info. Main changes:
- the Tornado RequestHandler will now check, on each HTTP request, if the user is anonymous or authenticated via
X-ADFS
headers - the
user
object is now injected in Jinja templates to be able to displaySigned in as: <fullname>
- removed unused
index.html
and404.html
templates in the Nginx routerapp-config
folder
Edited by Nicola Tarocco