Merge pull request #677 from skuzzle/dev

Add the possibility to customize the remote user header name
2025-07-28 18:24:38 -05:00 · 2021-03-03 23:54:33 +01:00
parent e56daf07d4 c7abdb61e8
commit da9f370924
4 changed files with 79 additions and 3 deletions
--- a/src/documents/tests/test_auth.py
+++ b/src/documents/tests/test_auth.py
@@ -0,0 +1,66 @@
+from django.contrib.auth.models import User
+from django.test import override_settings, Client, modify_settings, TestCase
+
+
+class TestRemoteUserAuthentication(TestCase):
+
+    def test_no_remote_user_auth(self):
+        client = Client()
+
+        response = client.get("/api/documents/")
+        self.assertEqual(response.status_code, 401)
+
+        response = client.get("/api/documents/", HTTP_REMOTE_USER="someone")
+        self.assertEqual(response.status_code, 401)
+
+        response = client.get("/api/documents/", HTTP_X_FORWARDED_USER="someone")
+        self.assertEqual(response.status_code, 401)
+
+    @modify_settings(
+        MIDDLEWARE={
+            'append': 'paperless.auth.HttpRemoteUserMiddleware'
+        },
+        AUTHENTICATION_BACKENDS={
+            'prepend': 'django.contrib.auth.backends.RemoteUserBackend'
+        }
+    )
+    def test_standard_remote_user_auth(self):
+        client = Client()
+
+        response = client.get("/api/documents/")
+        self.assertEqual(response.status_code, 401)
+
+        response = client.get("/api/documents/", HTTP_X_FORWARDED_USER="someone")
+        self.assertEqual(response.status_code, 401)
+
+        self.assertFalse(User.objects.filter(username="someone").exists())
+
+        response = client.get("/api/documents/", HTTP_REMOTE_USER="someone")
+        self.assertEqual(response.status_code, 200)
+
+        self.assertTrue(User.objects.filter(username="someone").exists())
+
+    @modify_settings(
+        MIDDLEWARE={
+            'append': 'paperless.auth.HttpRemoteUserMiddleware'
+        },
+        AUTHENTICATION_BACKENDS={
+            'prepend': 'django.contrib.auth.backends.RemoteUserBackend'
+        }
+    )
+    @override_settings(HTTP_REMOTE_USER_HEADER_NAME="HTTP_X_FORWARDED_USER")
+    def test_custom_remote_user_auth(self):
+        client = Client()
+
+        response = client.get("/api/documents/")
+        self.assertEqual(response.status_code, 401)
+
+        response = client.get("/api/documents/", HTTP_REMOTE_USER="someone")
+        self.assertEqual(response.status_code, 401)
+
+        self.assertFalse(User.objects.filter(username="someone").exists())
+
+        response = client.get("/api/documents/", HTTP_X_FORWARDED_USER="someone")
+        self.assertEqual(response.status_code, 200)
+
+        self.assertTrue(User.objects.filter(username="someone").exists())