diff --git a/paperless.conf.example b/paperless.conf.example index b197b1a12..d6d6527f0 100644 --- a/paperless.conf.example +++ b/paperless.conf.example @@ -86,6 +86,11 @@ PAPERLESS_PASSPHRASE="secret" # https://docs.djangoproject.com/en/1.11/ref/settings/#force-script-name #PAPERLESS_FORCE_SCRIPT_NAME="" +# If you are using alternative authentication means or are just using paperless +# as a single user on a small private network, this option allows you to disable +# user authentication if you set it to "true" +#PAPERLESS_DISABLE_LOGIN="false" + ############################################################################### #### Software Tweaks #### ############################################################################### diff --git a/src/paperless/middleware.py b/src/paperless/middleware.py new file mode 100644 index 000000000..8fed7da8f --- /dev/null +++ b/src/paperless/middleware.py @@ -0,0 +1,14 @@ +from django.utils.deprecation import MiddlewareMixin +from .models import User + + +class Middleware (MiddlewareMixin): + """ + This is a dummy authentication middleware class that creates what + is roughly an Anonymous authenticated user so we can disable login + and not interfere with existing user ID's. It's only used if + login is disabled in paperless.conf (default is to require login) + """ + + def process_request(self, request): + request.user = User() diff --git a/src/paperless/models.py b/src/paperless/models.py new file mode 100644 index 000000000..4001d3468 --- /dev/null +++ b/src/paperless/models.py @@ -0,0 +1,26 @@ +class User: + """ + This is a dummy django User used with our middleware to disable + login authentication if that is configured in paperless.conf + """ + is_superuser = True + is_active = True + is_staff = True + is_authenticated = True + + # Must be -1 to avoid colliding with real user ID's (which start at 1) + id = -1 + + @property + def pk(self): + return self.id + + +""" + NOTE: These are here as a hack instead of being in the User definition + above due to the way pycodestyle handles lamdbdas. + See https://github.com/PyCQA/pycodestyle/issues/379 for more. +""" + +User.has_module_perms = lambda *_: True +User.has_perm = lambda *_: True diff --git a/src/paperless/settings.py b/src/paperless/settings.py index 14b2aeb63..b998e101a 100644 --- a/src/paperless/settings.py +++ b/src/paperless/settings.py @@ -77,6 +77,8 @@ INSTALLED_APPS = [ if os.getenv("PAPERLESS_INSTALLED_APPS"): INSTALLED_APPS += os.getenv("PAPERLESS_INSTALLED_APPS").split(",") + + MIDDLEWARE_CLASSES = [ 'django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', @@ -88,6 +90,12 @@ MIDDLEWARE_CLASSES = [ 'django.middleware.clickjacking.XFrameOptionsMiddleware', ] +#If AUTH is disabled, we just use our "bypass" authentication middleware +if bool(os.getenv("PAPERLESS_DISABLE_LOGIN", "false").lower() in ("yes", "y", "1", "t", "true")): + _index = MIDDLEWARE_CLASSES.index('django.contrib.auth.middleware.AuthenticationMiddleware') + MIDDLEWARE_CLASSES[_index] = 'paperless.middleware.Middleware' + MIDDLEWARE_CLASSES.remove('django.contrib.auth.middleware.SessionAuthenticationMiddleware') + ROOT_URLCONF = 'paperless.urls' TEMPLATES = [