From 10f6708a711f66a60aca82865c3d4a6708aa32db Mon Sep 17 00:00:00 2001
From: Shea Polansky
Date: Fri, 4 Dec 2020 20:00:30 -0800
Subject: [PATCH] Move active check for header auth to middleware Add extra header type sanity check to the backend
---
 hc/accounts/backends.py | 7 +++++--
 hc/accounts/middleware.py | 7 ++++++-
 2 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/hc/accounts/backends.py b/hc/accounts/backends.py
index c8c932bf..43efe398 100644
--- a/hc/accounts/backends.py
+++ b/hc/accounts/backends.py
@@ -42,8 +42,11 @@ class EmailBackend(BasicBackend):
 class CustomHeaderBackend(RemoteUserBackend):
 def clean_username(self, username):
- if settings.REMOTE_USER_HEADER_TYPE == None: return None
- elif settings.REMOTE_USER_HEADER_TYPE == "ID": return username
+ if settings.REMOTE_USER_HEADER_TYPE == "ID": return username
+
+ # "EMAIL" and "ID" are the only two values that should reach here
+ if settings.REMOTE_USER_HEADER_TYPE != "EMAIL":
+ raise Exception(f"Unexpected value for REMOTE_USER_HEADER_TYPE ({settings.REMOTE_USER_HEADER_TYPE})!")
 #else, it's the email address
 try:
diff --git a/hc/accounts/middleware.py b/hc/accounts/middleware.py
index b759c8b4..aba45000 100644
--- a/hc/accounts/middleware.py
+++ b/hc/accounts/middleware.py
@@ -18,4 +18,9 @@ class TeamAccessMiddleware(object):
 from django.contrib.auth.middleware import RemoteUserMiddleware
 class CustomHeaderMiddleware(RemoteUserMiddleware):
- header = settings.REMOTE_USER_HEADER
\ No newline at end of file
+ header = settings.REMOTE_USER_HEADER
+
+ def process_request(self, request):
+ if settings.REMOTE_USER_HEADER_TYPE == None: return None
+ if settings.REMOTE_USER_HEADER_TYPE == "": return None
+ return super().process_request(request)
\ No newline at end of file
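Review bot: The `raise Exception(...)` added in `clean_username` rejects an unexpected `REMOTE_USER_HEADER_TYPE` only at request time and with a bare `Exception`, so a typo in the setting (a lowercase value, say) shows up as a 500 on each request that carries the header instead of as a configuration error. Raising `django.core.exceptions.ImproperlyConfigured` would name the cause, e.g. `raise ImproperlyConfigured(f"Unexpected value for REMOTE_USER_HEADER_TYPE ({settings.REMOTE_USER_HEADER_TYPE})!")`; the import belongs at the top of the file, outside this hunk. In the `"ID"` branch the header value is returned unchanged as the username, so it is worth confirming whether this backend keeps `create_unknown_user` at its default, which is not visible here. The body of `clean_username` continues past the end of the hunk.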
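Review bot: Once `REMOTE_USER_HEADER_TYPE` is set, `CustomHeaderMiddleware` treats whatever arrives in the header named by `settings.REMOTE_USER_HEADER` as the authenticated identity, and nothing in the class records the deployment requirement that makes this safe. Django's documentation for `RemoteUserMiddleware` warns that a header read from an `HTTP_`-prefixed key can be supplied by the client unless the front-end proxy strips or overwrites it, so a comment above `header = ...` should say so: `# SECURITY: the reverse proxy must strip or overwrite this header on every inbound request; otherwise a client-supplied value is trusted as the user.` The two disable checks in `process_request` can also be one line, `if not settings.REMOTE_USER_HEADER_TYPE: return None`, which avoids the `== None` comparison.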