diff --git a/src/paperless/auto_auth.py b/src/paperless/auto_auth.py deleted file mode 100644 index a12bf9405..000000000 --- a/src/paperless/auto_auth.py +++ /dev/null @@ -1,34 +0,0 @@ -from django.contrib.auth.models import User - -''' - This is a dummy authentication middleware module that creates what - is roughly an Anonymous authenticated user so we can disable login - and not interfere with existing user ID's. -''' - - -class User: - is_superuser = True - is_active = True - is_staff = True - is_authenticated = True - - ''' - Must be -1 to avoid colliding with possible - existing user ID's (that start number at 1) - ''' - id = -1 - pk = -1 - - -def return_true(*args, **kwargs): - return True - - -User.has_module_perms = return_true -User.has_perm = return_true - - -class Middleware(object): - def process_request(self, request): - request.user = User() diff --git a/src/paperless/middleware.py b/src/paperless/middleware.py new file mode 100644 index 000000000..c2a74cc51 --- /dev/null +++ b/src/paperless/middleware.py @@ -0,0 +1,14 @@ +from django.utils.deprecation import MiddlewareMixin +from .models import User + +class Middleware (MiddlewareMixin): + """ + This is a dummy authentication middleware class that creates what + is roughly an Anonymous authenticated user so we can disable login + and not interfere with existing user ID's. It's only used if + login is disabled in paperless.conf (default is to require login) + """ + + def process_request(self, request): + request.user = User() + diff --git a/src/paperless/models.py b/src/paperless/models.py new file mode 100644 index 000000000..1728d6822 --- /dev/null +++ b/src/paperless/models.py @@ -0,0 +1,19 @@ +class User: + """ + This is a dummy django User used with our middleware to disable + login authentication if that is configured in paperless.conf + """ + is_superuser = True + is_active = True + is_staff = True + is_authenticated = True + has_module_perms = lambda *_: True + has_perm = lambda *_: True + + #Must be -1 to avoid colliding with real user ID's (which start at 1) + id = -1 + + @property + def pk(self): + return self.id + diff --git a/src/paperless/settings.py b/src/paperless/settings.py index e9e668037..b998e101a 100644 --- a/src/paperless/settings.py +++ b/src/paperless/settings.py @@ -78,25 +78,24 @@ if os.getenv("PAPERLESS_INSTALLED_APPS"): INSTALLED_APPS += os.getenv("PAPERLESS_INSTALLED_APPS").split(",") -#Default Django authentication middleware (requires a username/password) -AUTH_CLASSES = [\ - 'django.contrib.auth.middleware.AuthenticationMiddleware', - 'django.contrib.auth.middleware.SessionAuthenticationMiddleware'] - -#If AUTH is disabled, we just use our "bypass" authentication middleware -if bool(os.getenv("PAPERLESS_DISABLE_LOGIN","false").lower() in ("yes", "y", "1", "t", "true")): - AUTH_CLASSES = ['paperless.auto_auth.Middleware'] MIDDLEWARE_CLASSES = [ 'django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', - 'django.middleware.csrf.CsrfViewMiddleware']\ - + AUTH_CLASSES + \ - ['django.contrib.messages.middleware.MessageMiddleware', + 'django.middleware.csrf.CsrfViewMiddleware', + 'django.contrib.auth.middleware.AuthenticationMiddleware', + 'django.contrib.auth.middleware.SessionAuthenticationMiddleware', + 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', ] +#If AUTH is disabled, we just use our "bypass" authentication middleware +if bool(os.getenv("PAPERLESS_DISABLE_LOGIN", "false").lower() in ("yes", "y", "1", "t", "true")): + _index = MIDDLEWARE_CLASSES.index('django.contrib.auth.middleware.AuthenticationMiddleware') + MIDDLEWARE_CLASSES[_index] = 'paperless.middleware.Middleware' + MIDDLEWARE_CLASSES.remove('django.contrib.auth.middleware.SessionAuthenticationMiddleware') + ROOT_URLCONF = 'paperless.urls' TEMPLATES = [