Add NativeAuth as an optional authenticator

docs/howto/auth/nativeauth.rst

@@ -0,0 +1,38 @@
+.. _howto/auth/nativeauth:
+
+==================================================
+Users can signup and create username and password
+==================================================
+
+The **Native Authenticator** lets users signup for creating a new username 
+and password.
+When they signup, they won't be able to login until they are authorized by an 
+admin. Users that are characterized as admin have to signup as well, but they  
+will be authorized automatically.
+
+
+Enabling the authenticator
+==========================
+
+#. Enable the authenticator and reload config to apply the configuration:
+
+   sudo tljh-config set auth.type nativeauthenticator.NativeAuthenticator
+   sudo tljh-config reload
+
+
+Allowing all users to be authorized after signup
+================================================
+
+By default, all users created on signup don't have authorization to login. 
+If you wish to allow **any** user to access
+the JupyterHub just after the signup, run the following command:
+
+.. code-block:: bash
+
+   tljh-config set auth.NativeAuthenticator.open_signup true
+   tljh-config reload
+
+Optional features
+=================
+
+More optional features are available on the `authenticator documentation <https://native-authenticator.readthedocs.io/en/latest/>` 

docs/index.rst

@@ -76,6 +76,7 @@ with your JupyterHub. For more information on Authentication, see
    howto/auth/dummy
    howto/auth/github
    howto/auth/firstuse
+   howto/auth/nativeauth
 
 Administration and security
 ---------------------------
@@ -147,4 +148,4 @@ to people contributing in various ways.
    contributing/dev-setup
    contributing/tests
    contributing/plugins
-   contributing/packages
+   contributing/packages

docs/topic/authenticator-configuration.rst

@@ -16,6 +16,7 @@ can be used with TLJH. A number of them ship by default with TLJH:
    available.
 #. `FirstUseAuthenticator <https://github.com/yuvipanda/jupyterhub-firstuseauthenticator>`_ - Users set
    their password when they log in for the first time. Default authenticator used in TLJH.
+#. `NativeAuthenticator <https://native-authenticator.readthedocs.io/en/latest/>`_ - Allow users to signup, add password security verification and block users after failed attempts oflogin. 
 
 We try to have specific how-to guides & tutorials for common authenticators. Since we can not cover
 everything, this guide shows you how to use any authenticator you want with JupyterHub by following

tests/test_configurer.py

@@ -159,3 +159,19 @@ def test_auth_github():
     assert c.JupyterHub.authenticator_class == 'oauthenticator.github.GitHubOAuthenticator'
     assert c.GitHubOAuthenticator.client_id == 'something'
     assert c.GitHubOAuthenticator.client_secret == 'something-else'
+
+
+def test_auth_native():
+    """
+    Test setting Native Authenticator
+    """
+    c = apply_mock_config({
+        'auth': {
+            'type': 'nativeauthenticator.NativeAuthenticator',
+            'NativeAuthenticator': {
+                'open_signup': True,
+            }
+        }
+    })
+    assert c.JupyterHub.authenticator_class == 'nativeauthenticator.NativeAuthenticator'
+    assert c.NativeAuthenticator.open_signup == True

tljh/installer.py

@@ -188,6 +188,7 @@ def ensure_jupyterhub_package(prefix):
         'jupyterhub-dummyauthenticator==0.3.1',
         'jupyterhub-systemdspawner==0.11',
         'jupyterhub-firstuseauthenticator==0.12',
+        'jupyterhub-nativeauthenticator==0.0.4',
         'jupyterhub-ldapauthenticator==1.2.2',
         'oauthenticator==0.8.0',
     ])