paradizelost/paperless-ngx
1
0
Fork 0
mirror of https://github.com/paperless-ngx/paperless-ngx.git synced 2025-10-28 03:46:06 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #295 from matthewmoto/disable_login

Browse Source 
Disable login with a creative hack
This commit is contained in:
Daniel Quinn
2018-02-18 17:15:51 +01:00
committed by GitHub
parent f0ad1d8a73 98034ad6c5
commit 48328e19a2
4 changed files with 53 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
paperless.conf.example
View File

@@ -86,6 +86,11 @@ PAPERLESS_PASSPHRASE="secret"
# https://docs.djangoproject.com/en/1.11/ref/settings/#force-script-name # https://docs.djangoproject.com/en/1.11/ref/settings/#force-script-name
#PAPERLESS_FORCE_SCRIPT_NAME="" #PAPERLESS_FORCE_SCRIPT_NAME=""
# If you are using alternative authentication means or are just using paperless
# as a single user on a small private network, this option allows you to disable
# user authentication if you set it to "true"
#PAPERLESS_DISABLE_LOGIN="false"
############################################################################### ###############################################################################
#### Software Tweaks #### #### Software Tweaks ####
############################################################################### ###############################################################################

14
src/paperless/middleware.py Normal file
View File

@@ -0,0 +1,14 @@
from django.utils.deprecation import MiddlewareMixin
from .models import User
class Middleware (MiddlewareMixin):
"""
This is a dummy authentication middleware class that creates what
is roughly an Anonymous authenticated user so we can disable login
and not interfere with existing user ID's. It's only used if
login is disabled in paperless.conf (default is to require login)
"""
def process_request(self, request):
request.user = User()

26
src/paperless/models.py Normal file
View File

@@ -0,0 +1,26 @@
class User:
"""
This is a dummy django User used with our middleware to disable
login authentication if that is configured in paperless.conf
"""
is_superuser = True
is_active = True
is_staff = True
is_authenticated = True
# Must be -1 to avoid colliding with real user ID's (which start at 1)
id = -1
@property
def pk(self):
return self.id
"""
NOTE: These are here as a hack instead of being in the User definition
above due to the way pycodestyle handles lamdbdas.
See https://github.com/PyCQA/pycodestyle/issues/379 for more.
"""
User.has_module_perms = lambda *_: True
User.has_perm = lambda *_: True

8
src/paperless/settings.py
View File

@@ -77,6 +77,8 @@ INSTALLED_APPS = [
if os.getenv("PAPERLESS_INSTALLED_APPS"): if os.getenv("PAPERLESS_INSTALLED_APPS"):
INSTALLED_APPS += os.getenv("PAPERLESS_INSTALLED_APPS").split(",") INSTALLED_APPS += os.getenv("PAPERLESS_INSTALLED_APPS").split(",")
MIDDLEWARE_CLASSES = [ MIDDLEWARE_CLASSES = [
'django.middleware.security.SecurityMiddleware', 'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware',
@@ -88,6 +90,12 @@ MIDDLEWARE_CLASSES = [
'django.middleware.clickjacking.XFrameOptionsMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware',
] ]
#If AUTH is disabled, we just use our "bypass" authentication middleware
if bool(os.getenv("PAPERLESS_DISABLE_LOGIN", "false").lower() in ("yes", "y", "1", "t", "true")):
_index = MIDDLEWARE_CLASSES.index('django.contrib.auth.middleware.AuthenticationMiddleware')
MIDDLEWARE_CLASSES[_index] = 'paperless.middleware.Middleware'
MIDDLEWARE_CLASSES.remove('django.contrib.auth.middleware.SessionAuthenticationMiddleware')
ROOT_URLCONF = 'paperless.urls' ROOT_URLCONF = 'paperless.urls'
TEMPLATES = [ TEMPLATES = [