paradizelost/paperless-ngx
1
0
Fork 0
mirror of https://github.com/paperless-ngx/paperless-ngx.git synced 2025-10-30 03:56:23 -05:00
Code Issues Packages Projects Releases Wiki Activity

Allow authentication via HTTP_REMOTE_USER

Browse Source
This commit is contained in:
Michael Shamoon
2021-01-03 00:37:19 -08:00
parent edc07ec65f
commit 009de5184f
4 changed files with 39 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docs/configuration.rst
View File

@@ -162,6 +162,12 @@ PAPERLESS_COOKIE_PREFIX=<str>
Defaults to ``""``, which does not alter the cookie names. Defaults to ``""``, which does not alter the cookie names.
PAPERLESS_ENABLE_HTTP_REMOTE_USER=<bool>
Allows authentication via HTTP_REMOTE_USER which is used by some SSO
applications.
Defaults to `false` which disables this feature.
.. _configuration-ocr: .. _configuration-ocr:
OCR settings OCR settings

1
paperless.conf.example
View File

@@ -31,6 +31,7 @@
#PAPERLESS_STATIC_URL=/static/ #PAPERLESS_STATIC_URL=/static/
#PAPERLESS_AUTO_LOGIN_USERNAME= #PAPERLESS_AUTO_LOGIN_USERNAME=
#PAPERLESS_COOKIE_PREFIX= #PAPERLESS_COOKIE_PREFIX=
#PAPERLESS_ENABLE_HTTP_REMOTE_USER=false
# OCR settings # OCR settings

19
src/paperless/auth.py
View File

@@ -2,6 +2,7 @@ from django.conf import settings
from django.contrib.auth.models import User from django.contrib.auth.models import User
from django.utils.deprecation import MiddlewareMixin from django.utils.deprecation import MiddlewareMixin
from rest_framework import authentication from rest_framework import authentication
from rest_framework import exceptions
class AutoLoginMiddleware(MiddlewareMixin): class AutoLoginMiddleware(MiddlewareMixin):
@@ -26,3 +27,21 @@ class AngularApiAuthenticationOverride(authentication.BaseAuthentication):
return (user, None) return (user, None)
else: else:
return None return None
class HttpRemoteUserAuthentication(authentication.BaseAuthentication):
""" This class allows authentication via HTTP_REMOTE_USER which is set for
example by certain SSO applications.
"""
def authenticate(self, request):
username = request.META.get('HTTP_REMOTE_USER')
if not username:
return None
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
raise exceptions.AuthenticationFailed('No such user')
return (user, None)

7
src/paperless/settings.py
View File

@@ -112,6 +112,13 @@ if DEBUG:
'paperless.auth.AngularApiAuthenticationOverride' 'paperless.auth.AngularApiAuthenticationOverride'
) )
ENABLE_HTTP_REMOTE_USER = __get_boolean("PAPERLESS_ENABLE_HTTP_REMOTE_USER")
if ENABLE_HTTP_REMOTE_USER:
REST_FRAMEWORK['DEFAULT_AUTHENTICATION_CLASSES'].append(
'paperless.auth.HttpRemoteUserAuthentication'
)
MIDDLEWARE = [ MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware', 'django.middleware.security.SecurityMiddleware',
'whitenoise.middleware.WhiteNoiseMiddleware', 'whitenoise.middleware.WhiteNoiseMiddleware',