Integrating HashiCorp Vault Authentication to a Website

In this lab, we will need to set up a web application and configure it to use HashiCorp vault for authentication, without storing user credentials to a local database.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Unseal the Vault and Login with the Root Token

In the Vault Server, retrieve the vault keys.
Unseal the vault.
Log in with the Initial Root Token.

Enable Kv Secrets Engine and Create a Token with a Policy That Allows Access to It

Enable kv secrets engine.
Start python3.6.
In the Python Interactive Console, create a hash.
Copy the hash.
Write a key-value secret using the email and hash.
Create a policy file named web-policy.hcl, and give it read permissions.
Write the policy.
Create a token with the new policy.
Copy the client_token
Test out the token.

Install `pip for python3`, the `Django` framework, and Allow the Web Server to Access the App

Clone the Git repository.
Install python3-pip.
Using pip3, install the Django framework.
Open the settings.py file.
Add the Web Server public IP address to the ALLOWED_HOSTS.
Save the file.
Open the views.py file.
In the get_hashed_vault_creds() function, change the url and hdr.
Save the file.
Change to the HashiCorp-Vault/ directory.
Run the django app.
Open a web browser, go to 0.0.0.0:8080, and test the login.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Integrating HashiCorp Vault Authentication to a Website

About this Hands-on Lab

Learning Objectives

Additional Resources

What are Hands-on Labs

Newsletter