2016-09-01 00:45:44 +02:00
|
|
|
# -*- coding: utf-8 -*-
|
2017-09-25 17:16:19 +02:00
|
|
|
from django.contrib.auth import get_user_model
|
2016-09-01 00:45:44 +02:00
|
|
|
|
2017-09-25 17:16:19 +02:00
|
|
|
from .backends import AccountBackend
|
2016-09-01 00:45:44 +02:00
|
|
|
|
2017-09-25 17:16:19 +02:00
|
|
|
User = get_user_model()
|
2017-04-06 14:15:03 +02:00
|
|
|
|
2016-08-19 06:20:37 +02:00
|
|
|
|
2017-09-25 17:16:19 +02:00
|
|
|
class TemporaryAuthMiddleware:
|
|
|
|
"""Authenticate another user for this request if AccountBackend succeeds.
|
2017-04-06 14:15:03 +02:00
|
|
|
|
|
|
|
By the way, if a user is authenticated, we refresh its from db to add
|
|
|
|
values from CofProfile and Account of this user.
|
|
|
|
|
|
|
|
"""
|
2016-08-19 06:20:37 +02:00
|
|
|
def process_request(self, request):
|
2017-04-06 14:15:03 +02:00
|
|
|
if request.user.is_authenticated():
|
|
|
|
# avoid multiple db accesses in views and templates
|
|
|
|
request.user = (
|
|
|
|
User.objects
|
|
|
|
.select_related('profile__account_kfet')
|
2017-09-25 17:16:19 +02:00
|
|
|
.get(pk=request.user.pk)
|
2017-04-06 14:15:03 +02:00
|
|
|
)
|
|
|
|
|
2017-09-25 17:16:19 +02:00
|
|
|
temp_request_user = AccountBackend().authenticate(
|
|
|
|
request,
|
|
|
|
kfet_password=self.get_kfet_password(request),
|
|
|
|
)
|
|
|
|
|
2016-08-19 06:20:37 +02:00
|
|
|
if temp_request_user:
|
2016-08-20 23:31:30 +02:00
|
|
|
request.real_user = request.user
|
2016-08-19 06:20:37 +02:00
|
|
|
request.user = temp_request_user
|
2017-09-25 17:16:19 +02:00
|
|
|
|
|
|
|
def get_kfet_password(self, request):
|
|
|
|
return (
|
|
|
|
request.META.get('HTTP_KFETPASSWORD') or
|
|
|
|
request.POST.get('KFETPASSWORD')
|
|
|
|
)
|