nielsperetzke
/
healthchecks
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 32 Wiki Activity
Browse Source

Add HTTP header authentiation backend/middleware

pull/457/head
Shea Polansky 4 years ago
committed by Pēteris Caune
parent
70ef9c1904
commit
ae4e6c539d
No known key found for this signature in database GPG Key ID: E28D7679E9A9EDE2
3 changed files with 28 additions and 0 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +14
    -0
      hc/accounts/backends.py
  2. +8
    -0
      hc/accounts/middleware.py
  3. +6
    -0
      hc/settings.py

+ 14
- 0
hc/accounts/backends.py View File

@ -1,5 +1,8 @@
from django.contrib.auth.models import User
from hc.accounts.models import Profile
from django.contrib.auth.backends import RemoteUserBackend
from hc.accounts import views
from django.conf import settings
class BasicBackend(object):
@ -36,3 +39,14 @@ class EmailBackend(BasicBackend):
if user.check_password(password):
return user
class CustomHeaderBackend(RemoteUserBackend):
def clean_username(self, username):
if settings.REMOTE_USER_HEADER_TYPE == None: return None
elif settings.REMOTE_USER_HEADER_TYPE == "ID": return username
#else, it's the email address
try:
return User.objects.get(email=username).username
except User.DoesNotExist:
return views._make_user(username).username

+ 8
- 0
hc/accounts/middleware.py View File

@ -1,4 +1,7 @@
from hc.accounts.models import Profile
from django.contrib.auth.middleware import RemoteUserMiddleware
from django.contrib.auth.backends import RemoteUserBackend
from django.conf import settings
class TeamAccessMiddleware(object):
@ -11,3 +14,8 @@ class TeamAccessMiddleware(object):
request.profile = Profile.objects.for_user(request.user)
return self.get_response(request)
from django.contrib.auth.middleware import RemoteUserMiddleware
class CustomHeaderMiddleware(RemoteUserMiddleware):
header = settings.REMOTE_USER_HEADER

+ 6
- 0
hc/settings.py View File

@ -58,12 +58,17 @@ INSTALLED_APPS = (
"hc.payments",
)
REMOTE_USER_HEADER = os.getenv("REMOTE_USER_HEADER", "AUTH_USER")
REMOTE_USER_HEADER_TYPE = os.getenv("REMOTE_USER_HEADER_TYPE", "").upper()
if REMOTE_USER_HEADER_TYPE not in ["EMAIL", "ID"]: REMOTE_USER_HEADER_TYPE = None
MIDDLEWARE = (
"django.middleware.security.SecurityMiddleware",
"django.contrib.sessions.middleware.SessionMiddleware",
"django.middleware.common.CommonMiddleware",
"django.middleware.csrf.CsrfViewMiddleware",
"django.contrib.auth.middleware.AuthenticationMiddleware",
"hc.accounts.middleware.CustomHeaderMiddleware",
"django.contrib.messages.middleware.MessageMiddleware",
"django.middleware.clickjacking.XFrameOptionsMiddleware",
"django.middleware.locale.LocaleMiddleware",
@ -73,6 +78,7 @@ MIDDLEWARE = (
AUTHENTICATION_BACKENDS = (
"hc.accounts.backends.EmailBackend",
"hc.accounts.backends.ProfileBackend",
"hc.accounts.backends.CustomHeaderBackend",
)
ROOT_URLCONF = "hc.urls"


Write Preview
Loading…
Cancel
Save