mirror of
https://github.com/paperless-ngx/paperless-ngx.git
synced 2025-04-02 13:45:10 -05:00
Merge pull request #3516 from ajgon/fix/http-remote-user-api
Fix: KeyError error on unauthenticated API calls
commit
569165371c
src/paperless
@ -1,6 +1,6 @@
|
||||
from django.conf import settings
|
||||
from django.contrib import auth
|
||||
from django.contrib.auth.middleware import RemoteUserMiddleware
|
||||
from django.contrib.auth.middleware import PersistentRemoteUserMiddleware
|
||||
from django.contrib.auth.models import User
|
||||
from django.utils.deprecation import MiddlewareMixin
|
||||
from rest_framework import authentication
|
||||
@ -37,7 +37,7 @@ class AngularApiAuthenticationOverride(authentication.BaseAuthentication):
|
||||
return None
|
||||
|
||||
|
||||
class HttpRemoteUserMiddleware(RemoteUserMiddleware):
|
||||
class HttpRemoteUserMiddleware(PersistentRemoteUserMiddleware):
|
||||
"""This class allows authentication via HTTP_REMOTE_USER which is set for
|
||||
example by certain SSO applications.
|
||||
"""
|
||||
|
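Review bot: The docstring of HttpRemoteUserMiddleware does not say what the new base class means for session lifetime. Django's PersistentRemoteUserMiddleware keeps a session authenticated on requests that arrive without the header, so an account disabled or signed out on the SSO side stays logged in here until the Django session expires or the user logs out explicitly. I would add a sentence such as `Sessions persist once established; upstream revocation only takes effect at logout or session expiry.` and a second one stating that the reverse proxy must strip any client-supplied Remote-User header before forwarding. The class body continues outside the hunk, so the header attribute it configures is not visible here.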
@ -12,22 +12,21 @@ def handle_failed_login(sender, credentials, request, **kwargs):
|
||||
client_ip, _ = ipware.get_client_ip(
|
||||
meta=request.META,
|
||||
)
|
||||
username = credentials.get("username")
|
||||
log_output = (
|
||||
"No authentication provided"
|
||||
if username is None
|
||||
else f"Login failed for user `{username}`"
|
||||
)
|
||||
|
||||
if client_ip is None:
|
||||
logger.info(
|
||||
f"Login failed for user `{credentials['username']}`."
|
||||
" Unable to determine IP address.",
|
||||
)
|
||||
log_output += ". Unable to determine IP address."
|
||||
else:
|
||||
if client_ip.is_global:
|
||||
# We got the client's IP address
|
||||
logger.info(
|
||||
f"Login failed for user `{credentials['username']}`"
|
||||
f" from IP `{client_ip}.`",
|
||||
)
|
||||
log_output += f" from IP `{client_ip}.`"
|
||||
else:
|
||||
# The client's IP address is private
|
||||
logger.info(
|
||||
f"Login failed for user `{credentials['username']}`"
|
||||
f" from private IP `{client_ip}.`",
|
||||
)
|
||||
log_output += f" from private IP `{client_ip}.`"
|
||||
|
||||
logger.info(log_output)
|
||||
|
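Review bot: `username` is taken from the submitted credentials and interpolated into `log_output` unchanged, so a failed login whose username contains CR or LF can split the entry and leave a forged-looking line in the paperless.auth log. That matters for a log that operators or monitoring read to attribute failed logins to an address. Neutralise control characters before formatting, for example `username = str(username).replace("\r", "\\r").replace("\n", "\\n")` on the non-None path, unless the configured log formatter already escapes them, which is not visible here. handle_failed_login starts above the hunk.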
@ -12,6 +12,26 @@ class TestFailedLoginLogging(TestCase):
|
||||
"username": "john lennon",
|
||||
}
|
||||
|
||||
def test_unauthenticated(self):
|
||||
"""
|
||||
GIVEN:
|
||||
- Request with no authentication provided
|
||||
WHEN:
|
||||
- Request provided to signal handler
|
||||
THEN:
|
||||
- Unable to determine logged for unauthenticated user
|
||||
"""
|
||||
request = HttpRequest()
|
||||
request.META = {}
|
||||
with self.assertLogs("paperless.auth") as logs:
|
||||
handle_failed_login(None, {}, request)
|
||||
self.assertEqual(
|
||||
logs.output,
|
||||
[
|
||||
"INFO:paperless.auth:No authentication provided. Unable to determine IP address.",
|
||||
],
|
||||
)
|
||||
|
||||
def test_none(self):
|
||||
"""
|
||||
GIVEN:
|
||||
|
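Review bot: test_unauthenticated only exercises the path where no client IP can be determined (`request.META = {}`), so the new "No authentication provided" prefix is never asserted together with the global-IP and private-IP suffixes that handle_failed_login now appends to the same string. A sibling case that supplies an address in `request.META` and passes `{}` as credentials would pin those two combinations as well. The THEN line of the docstring is also hard to read; something like `- "No authentication provided" is logged, with no IP address` states what the assertion checks.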