From be5218f7e1f0c7d875ee886bcf25f53b29c06ac6 Mon Sep 17 00:00:00 2001
From: Ludovic Stephan <ludovic.stephan@ens.fr>
Date: Thu, 21 Nov 2019 01:02:18 +0100
Subject: [PATCH] Remove pesky middleware

---
 cof/settings/common.py  |  1 -
 kfet/auth/middleware.py | 37 -------------------------------------
 2 files changed, 38 deletions(-)
 delete mode 100644 kfet/auth/middleware.py

diff --git a/cof/settings/common.py b/cof/settings/common.py
index bd07b213..dd5b67b1 100644
--- a/cof/settings/common.py
+++ b/cof/settings/common.py
@@ -111,7 +111,6 @@ MIDDLEWARE = [
     "django.middleware.common.CommonMiddleware",
     "django.middleware.csrf.CsrfViewMiddleware",
     "django.contrib.auth.middleware.AuthenticationMiddleware",
-    "kfet.auth.middleware.TemporaryAuthMiddleware",
     "django.contrib.messages.middleware.MessageMiddleware",
     "django.middleware.clickjacking.XFrameOptionsMiddleware",
     "django.middleware.security.SecurityMiddleware",
diff --git a/kfet/auth/middleware.py b/kfet/auth/middleware.py
deleted file mode 100644
index 43a920e1..00000000
--- a/kfet/auth/middleware.py
+++ /dev/null
@@ -1,37 +0,0 @@
-from django.contrib.auth import get_user_model
-
-from .backends import AccountBackend
-
-User = get_user_model()
-
-
-class TemporaryAuthMiddleware:
-    """Authenticate another user for this request if AccountBackend succeeds.
-
-    By the way, if a user is authenticated, we refresh its from db to add
-    values from CofProfile and Account of this user.
-
-    """
-
-    def __init__(self, get_response):
-        self.get_response = get_response
-
-    def __call__(self, request):
-        if request.user.is_authenticated:
-            # avoid multiple db accesses in views and templates
-            request.user = User.objects.select_related("profile__account_kfet").get(
-                pk=request.user.pk
-            )
-
-        temp_request_user = AccountBackend().authenticate(
-            request, kfet_password=self.get_kfet_password(request)
-        )
-
-        if temp_request_user:
-            request.real_user = request.user
-            request.user = temp_request_user
-
-        return self.get_response(request)
-
-    def get_kfet_password(self, request):
-        return request.META.get("HTTP_KFETPASSWORD") or request.POST.get("KFETPASSWORD")