Move active check for header auth to middleware

Add extra header type sanity check to the backend

hc/accounts/backends.py

@@ -42,8 +42,11 @@ class EmailBackend(BasicBackend):
 
 class CustomHeaderBackend(RemoteUserBackend):
     def clean_username(self, username):
-        if settings.REMOTE_USER_HEADER_TYPE == None: return None
-        elif settings.REMOTE_USER_HEADER_TYPE == "ID": return username
+        if settings.REMOTE_USER_HEADER_TYPE == "ID": return username
+
+        # "EMAIL" and "ID" are the only two values that should reach here
+        if settings.REMOTE_USER_HEADER_TYPE != "EMAIL": 
+            raise Exception(f"Unexpected value for REMOTE_USER_HEADER_TYPE ({settings.REMOTE_USER_HEADER_TYPE})!")
 
         #else, it's the email address
         try:

hc/accounts/middleware.py

@@ -18,4 +18,9 @@ class TeamAccessMiddleware(object):
 from django.contrib.auth.middleware import RemoteUserMiddleware
 
 class CustomHeaderMiddleware(RemoteUserMiddleware):
-    header = settings.REMOTE_USER_HEADER
+    header = settings.REMOTE_USER_HEADER
+
+    def process_request(self, request):
+        if settings.REMOTE_USER_HEADER_TYPE == None: return None
+        if settings.REMOTE_USER_HEADER_TYPE == "": return None
+        return super().process_request(request)