forked from DGNum/gestioCOF
b42452080f
AccountBackend - Should now work if used in AUTHENTICATION_BACKENDS settings. - It does not retieve itself the password, as it should not be used this way. GenericBackend - Delete useless 'username' arg of its 'authenticate()' method. - Now delete the token in DB. TemporaryAuthMiddleware - New name of the middleware is more meaningful. - Is now responsible to retrieve the password from the request, instead of the AccountBackend. GenericTeamToken model - Add a manager' method to create token, avoiding possible error due to unicity constraint. GenericLoginView (authentication with the kfet generic user) - Replace obscure system with a 100% HTTP handling. - See comments for more information. Misc - More docstrings! - More tests! - Add some i18n. - Add kfet/confirm_form.html template: Ask user to confirm sth via a form (which will send a POST request). Context variables: * title: the page title * confirm_url: action attribute for <form> * text: displayed confirmation text - kfet.js : Add functions allowing to emit POST request from <a> tag. - Non-link nav items from kfet navbar also get a 'title'. - A utility has been found for the 'sunglasses' glyphicon!
38 lines
1.1 KiB
Python
38 lines
1.1 KiB
Python
# -*- coding: utf-8 -*-
|
|
from django.contrib.auth import get_user_model
|
|
|
|
from .backends import AccountBackend
|
|
|
|
User = get_user_model()
|
|
|
|
|
|
class TemporaryAuthMiddleware:
|
|
"""Authenticate another user for this request if AccountBackend succeeds.
|
|
|
|
By the way, if a user is authenticated, we refresh its from db to add
|
|
values from CofProfile and Account of this user.
|
|
|
|
"""
|
|
def process_request(self, request):
|
|
if request.user.is_authenticated():
|
|
# avoid multiple db accesses in views and templates
|
|
request.user = (
|
|
User.objects
|
|
.select_related('profile__account_kfet')
|
|
.get(pk=request.user.pk)
|
|
)
|
|
|
|
temp_request_user = AccountBackend().authenticate(
|
|
request,
|
|
kfet_password=self.get_kfet_password(request),
|
|
)
|
|
|
|
if temp_request_user:
|
|
request.real_user = request.user
|
|
request.user = temp_request_user
|
|
|
|
def get_kfet_password(self, request):
|
|
return (
|
|
request.META.get('HTTP_KFETPASSWORD') or
|
|
request.POST.get('KFETPASSWORD')
|
|
)
|