added setting PAPERLESS_AUTO_LOGIN_USERNAME

This commit is contained in:
Jonas Winkler 2020-11-23 22:50:02 +01:00
parent 09e419aeee
commit f4013b1343
5 changed files with 92 additions and 52 deletions

View File

@ -5,6 +5,13 @@
Changelog
*********
next
####
* Setting ``PAPERLESS_AUTO_LOGIN_USERNAME`` replaces ``PAPERLESS_DISABLE_LOGIN``.
You have to specify your username.
paperless-ng 0.9.2
##################
@ -138,8 +145,11 @@ paperless-ng 0.9.0
* Many more small changes here and there. The usual stuff.
Paperless
#########
2.7.0
#####
=====
* `syntonym`_ submitted a pull request to catch IMAP connection errors `#475`_.
* `Stéphane Brunner`_ added ``psycopg2`` to the Pipfile `#489`_. He also fixed
@ -156,7 +166,7 @@ paperless-ng 0.9.0
2.6.1
#####
=====
* We now have a logo, complete with a favicon :-)
* Removed some problematic tests.
@ -168,7 +178,7 @@ paperless-ng 0.9.0
2.6.0
#####
=====
* Allow an infinite number of logs to be deleted. Thanks to `Ulli`_ for noting
the problem in `#433`_.
@ -189,7 +199,7 @@ paperless-ng 0.9.0
2.5.0
#####
=====
* **New dependency**: Paperless now optimises thumbnail generation with
`optipng`_, so you'll need to install that somewhere in your PATH or declare
@ -233,7 +243,7 @@ paperless-ng 0.9.0
2.4.0
#####
=====
* A new set of actions are now available thanks to `jonaswinkler`_'s very first
pull request! You can now do nifty things like tag documents in bulk, or set
@ -254,7 +264,7 @@ paperless-ng 0.9.0
2.3.0
#####
=====
* Support for consuming plain text & markdown documents was added by
`Joshua Taillon`_! This was a long-requested feature, and it's addition is
@ -272,14 +282,14 @@ paperless-ng 0.9.0
2.2.1
#####
=====
* `Kyle Lucy`_ reported a bug quickly after the release of 2.2.0 where we broke
the ``DISABLE_LOGIN`` feature: `#392`_.
2.2.0
#####
=====
* Thanks to `dadosch`_, `Wolfgang Mader`_, and `Tim Brooks`_ this is the first
version of Paperless that supports Django 2.0! As a result of their hard
@ -296,7 +306,7 @@ paperless-ng 0.9.0
2.1.0
#####
=====
* `Enno Lohmeier`_ added three simple features that make Paperless a lot more
user (and developer) friendly:
@ -315,7 +325,7 @@ paperless-ng 0.9.0
2.0.0
#####
=====
This is a big release as we've changed a core-functionality of Paperless: we no
longer encrypt files with GPG by default.
@ -347,7 +357,7 @@ Special thanks to `erikarvstedt`_, `matthewmoto`_, and `mcronce`_ who did the
bulk of the work on this big change.
1.4.0
#####
=====
* `Quentin Dawans`_ has refactored the document consumer to allow for some
command-line options. Notably, you can now direct it to consume from a
@ -382,7 +392,7 @@ bulk of the work on this big change.
to some excellent work from `erikarvstedt`_ on `#351`_
1.3.0
#####
=====
* You can now run Paperless without a login, though you'll still have to create
at least one user. This is thanks to a pull-request from `matthewmoto`_:
@ -405,7 +415,7 @@ bulk of the work on this big change.
problem and helping me find where to fix it.
1.2.0
#####
=====
* New Docker image, now based on Alpine, thanks to the efforts of `addadi`_
and `Pit`_. This new image is dramatically smaller than the Debian-based
@ -424,7 +434,7 @@ bulk of the work on this big change.
in the document text.
1.1.0
#####
=====
* Fix for `#283`_, a redirect bug which broke interactions with
paperless-desktop. Thanks to `chris-aeviator`_ for reporting it.
@ -434,7 +444,7 @@ bulk of the work on this big change.
`Dan Panzarella`_
1.0.0
#####
=====
* Upgrade to Django 1.11. **You'll need to run
``pip install -r requirements.txt`` after the usual ``git pull`` to
@ -453,14 +463,14 @@ bulk of the work on this big change.
`Lukas Winkler`_'s issue `#278`_
0.8.0
#####
=====
* Paperless can now run in a subdirectory on a host (``/paperless``), rather
than always running in the root (``/``) thanks to `maphy-psd`_'s work on
`#255`_.
0.7.0
#####
=====
* **Potentially breaking change**: As per `#235`_, Paperless will no longer
automatically delete documents attached to correspondents when those
@ -472,7 +482,7 @@ bulk of the work on this big change.
`Kusti Skytén`_ for posting the correct solution in the Github issue.
0.6.0
#####
=====
* Abandon the shared-secret trick we were using for the POST API in favour
of BasicAuth or Django session.
@ -486,7 +496,7 @@ bulk of the work on this big change.
the help with this feature.
0.5.0
#####
=====
* Support for fuzzy matching in the auto-tagger & auto-correspondent systems
thanks to `Jake Gysland`_'s patch `#220`_.
@ -504,13 +514,13 @@ bulk of the work on this big change.
* Amended the Django Admin configuration to have nice headers (`#230`_)
0.4.1
#####
=====
* Fix for `#206`_ wherein the pluggable parser didn't recognise files with
all-caps suffixes like ``.PDF``
0.4.0
#####
=====
* Introducing reminders. See `#199`_ for more information, but the short
explanation is that you can now attach simple notes & times to documents
@ -520,7 +530,7 @@ bulk of the work on this big change.
like to make use of this feature in his project.
0.3.6
#####
=====
* Fix for `#200`_ (!!) where the API wasn't configured to allow updating the
correspondent or the tags for a document.
@ -534,7 +544,7 @@ bulk of the work on this big change.
documentation is on its way.
0.3.5
#####
=====
* A serious facelift for the documents listing page wherein we drop the
tabular layout in favour of a tiled interface.
@ -545,7 +555,7 @@ bulk of the work on this big change.
consumption.
0.3.4
#####
=====
* Removal of django-suit due to a licensing conflict I bumped into in 0.3.3.
Note that you *can* use Django Suit with Paperless, but only in a
@ -558,26 +568,26 @@ bulk of the work on this big change.
API thanks to @thomasbrueggemann. See `#179`_.
0.3.3
#####
=====
* Thumbnails in the UI and a Django-suit -based face-lift courtesy of @ekw!
* Timezone, items per page, and default language are now all configurable,
also thanks to @ekw.
0.3.2
#####
=====
* Fix for `#172`_: defaulting ALLOWED_HOSTS to ``["*"]`` and allowing the
user to set her own value via ``PAPERLESS_ALLOWED_HOSTS`` should the need
arise.
0.3.1
#####
=====
* Added a default value for ``CONVERT_BINARY``
0.3.0
#####
=====
* Updated to using django-filter 1.x
* Added some system checks so new users aren't confused by misconfigurations.
@ -590,7 +600,7 @@ bulk of the work on this big change.
``PAPERLESS_SHARED_SECRET`` respectively instead.
0.2.0
#####
=====
* `#150`_: The media root is now a variable you can set in
``paperless.conf``.
@ -618,7 +628,7 @@ bulk of the work on this big change.
to `Martin Honermeyer`_ and `Tim White`_ for working with me on this.
0.1.1
#####
=====
* Potentially **Breaking Change**: All references to "sender" in the code
have been renamed to "correspondent" to better reflect the nature of the
@ -642,7 +652,7 @@ bulk of the work on this big change.
to be imported but made unavailable.
0.1.0
#####
=====
* Docker support! Big thanks to `Wayne Werner`_, `Brian Conn`_, and
`Tikitu de Jager`_ for this one, and especially to `Pit`_
@ -661,14 +671,14 @@ bulk of the work on this big change.
* Added tox with pep8 checking
0.0.6
#####
=====
* Added support for parallel OCR (significant work from `Pit`_)
* Sped up the language detection (significant work from `Pit`_)
* Added simple logging
0.0.5
#####
=====
* Added support for image files as documents (png, jpg, gif, tiff)
* Added a crude means of HTTP POST for document imports
@ -677,7 +687,7 @@ bulk of the work on this big change.
* Documentation for the above as well as data migration
0.0.4
#####
=====
* Added automated tagging basted on keyword matching
* Cleaned up the document listing page
@ -685,19 +695,19 @@ bulk of the work on this big change.
* Added ``pytz`` to the list of requirements
0.0.3
#####
=====
* Added basic tagging
0.0.2
#####
=====
* Added language detection
* Added datestamps to ``document_exporter``.
* Changed ``settings.TESSERACT_LANGUAGE`` to ``settings.OCR_LANGUAGE``.
0.0.1
#####
=====
* Initial release

View File

@ -35,22 +35,22 @@ PAPERLESS_DBHOST=<hostname>
PAPERLESS_DBPORT=<port>
Adjust port if necessary.
Default is 5432.
PAPERLESS_DBNAME=<name>
Database name in PostgreSQL.
Defaults to "paperless".
PAPERLESS_DBUSER=<name>
Database user in PostgreSQL.
Defaults to "paperless".
PAPERLESS_DBPASS=<password>
Database password for PostgreSQL.
Defaults to "paperless".
@ -113,7 +113,7 @@ PAPERLESS_ALLOWED_HOSTS<comma-separated-list>
really should set this value to the domain name you're using. Failing to do
so leaves you open to HTTP host header attacks:
https://docs.djangoproject.com/en/3.1/topics/security/#host-header-validation
Just remember that this is a comma-separated list, so "example.com" is fine,
as is "example.com,www.example.com", but NOT " example.com" or "example.com,"
@ -132,15 +132,25 @@ PAPERLESS_FORCE_SCRIPT_NAME=<path>
.. note::
I don't know if this works in paperless-ng. Probably not.
Defaults to none, which hosts paperless at "/".
PAPERLESS_STATIC_URL=<path>
Override the STATIC_URL here. Unless you're hosting Paperless off a
subdomain like /paperless/, you probably don't need to change this.
Defaults to "/static/".
PAPERLESS_AUTO_LOGIN_USERNAME=<username>
Specify a username here so that paperless will automatically perform login
with the selected user.
.. danger::
Do not use this when exposing paperless on the internet. There are no
checks in place that would prevent you from doing this.
Defaults to none, which disables this feature.
Software tweaks
###############
@ -156,11 +166,11 @@ PAPERLESS_THREADS_PER_WORKER=<num>
in parallel on a single document.
.. caution::
Ensure that the product
PAPERLESS_TASK_WORKERS * PAPERLESS_THREADS_PER_WORKER
does not exceed your CPU core count or else paperless will be extremely slow.
If you want paperless to process many documents in parallel, choose a high
worker count. If you want paperless to process very large documents faster,
@ -197,10 +207,10 @@ PAPERLESS_OCR_PAGES=<num>
PAPERLESS_OCR_LANGUAGE=<lang>
Customize the default language that tesseract will attempt to use when
parsing documents. The default language is used whenever
* No language could be detected on a document
* No tesseract data files are available for the detected language
It should be a 3-letter language code consistent with ISO
639: https://www.loc.gov/standards/iso639-2/php/code_list.php
@ -234,7 +244,7 @@ PAPERLESS_CONVERT_MEMORY_LIMIT=<num>
such cases, try setting this to a reasonably low value, like 32. The
default is to use whatever is necessary to do everything without writing to
disk, and units are in megabytes.
For more information on how to use this value, you should search
the web for "MAGICK_MEMORY_LIMIT".
@ -245,7 +255,7 @@ PAPERLESS_CONVERT_TMPDIR=<path>
/tmp as tmpfs, you should set this to a path that's on a physical disk, like
/home/your_user/tmp or something. ImageMagick will use this as scratch space
when crunching through very large documents.
For more information on how to use this value, you should search
the web for "MAGICK_TMPDIR".
@ -282,7 +292,7 @@ PAPERLESS_FILENAME_DATE_ORDER=<format>
Use this setting to enable checking the document filename for date
information. The date order can be set to any option as specified in
https://dateparser.readthedocs.io/en/latest/settings.html#date-order.
The filename will be checked first, and if nothing is found, the document
The filename will be checked first, and if nothing is found, the document
text will be checked as normal.
Defaults to none, which disables this feature.

View File

@ -29,6 +29,7 @@
#PAPERLESS_CORS_ALLOWED_HOSTS=localhost:8080,example.com,localhost:8000
#PAPERLESS_FORCE_SCRIPT_NAME=
#PAPERLESS_STATIC_URL=/static/
#PAPERLESS_AUTO_LOGIN_USERNAME=
# Software tweaks

View File

@ -1,8 +1,18 @@
from django.conf import settings
from django.contrib.auth.models import User
from django.utils.deprecation import MiddlewareMixin
from rest_framework import authentication
class AutoLoginMiddleware(MiddlewareMixin):
def process_request(self, request):
try:
request.user = User.objects.get(username=settings.AUTO_LOGIN_USERNAME)
except User.DoesNotExist:
pass
class AngularApiAuthenticationOverride(authentication.BaseAuthentication):
""" This class is here to provide authentication to the angular dev server
during development. This is disabled in production.

View File

@ -144,6 +144,15 @@ TEMPLATES = [
# Security #
###############################################################################
AUTO_LOGIN_USERNAME = os.getenv("PAPERLESS_AUTO_LOGIN_USERNAME")
if AUTO_LOGIN_USERNAME:
_index = MIDDLEWARE.index('django.contrib.auth.middleware.AuthenticationMiddleware')
# This overrides everything the auth middleware is doing but still allows
# regular login in case the provided user does not exist.
MIDDLEWARE.insert(_index+1, 'paperless.auth.AutoLoginMiddleware')
if DEBUG:
X_FRAME_OPTIONS = ''
# this should really be 'allow-from uri' but its not supported in any mayor