gestioCOF/kfet/auth/middleware.py

43 lines
1.2 KiB
Python
Raw Normal View History

from django.contrib.auth import get_user_model
2016-09-01 00:45:44 +02:00
from .backends import AccountBackend
2016-09-01 00:45:44 +02:00
User = get_user_model()
2017-04-06 14:15:03 +02:00
class TemporaryAuthMiddleware:
"""Authenticate another user for this request if AccountBackend succeeds.
2017-04-06 14:15:03 +02:00
By the way, if a user is authenticated, we refresh its from db to add
values from CofProfile and Account of this user.
"""
def __init__(self, get_response):
self.get_response = get_response
def __call__(self, request):
if request.user.is_authenticated:
2017-04-06 14:15:03 +02:00
# avoid multiple db accesses in views and templates
request.user = (
User.objects
.select_related('profile__account_kfet')
.get(pk=request.user.pk)
2017-04-06 14:15:03 +02:00
)
temp_request_user = AccountBackend().authenticate(
request,
kfet_password=self.get_kfet_password(request),
)
if temp_request_user:
request.real_user = request.user
request.user = temp_request_user
return self.get_response(request)
def get_kfet_password(self, request):
return (
request.META.get('HTTP_KFETPASSWORD') or
request.POST.get('KFETPASSWORD')
)