added setting PAPERLESS_AUTO_LOGIN_USERNAME

docs/changelog.rst

@@ -5,6 +5,13 @@
 Changelog
 *********
 
+next
+####
+
+*   Setting ``PAPERLESS_AUTO_LOGIN_USERNAME`` replaces ``PAPERLESS_DISABLE_LOGIN``.
+    You have to specify your username.
+
+
 paperless-ng 0.9.2
 ##################
 
@@ -138,8 +145,11 @@ paperless-ng 0.9.0
 
 * Many more small changes here and there. The usual stuff.
 
+Paperless
+#########
+
 2.7.0
-#####
+=====
 
 * `syntonym`_ submitted a pull request to catch IMAP connection errors `#475`_.
 * `Stéphane Brunner`_ added ``psycopg2`` to the Pipfile `#489`_.  He also fixed
@@ -156,7 +166,7 @@ paperless-ng 0.9.0
 
 
 2.6.1
-#####
+=====
 
 * We now have a logo, complete with a favicon :-)
 * Removed some problematic tests.
@@ -168,7 +178,7 @@ paperless-ng 0.9.0
 
 
 2.6.0
-#####
+=====
 
 * Allow an infinite number of logs to be deleted.  Thanks to `Ulli`_ for noting
   the problem in `#433`_.
@@ -189,7 +199,7 @@ paperless-ng 0.9.0
 
 
 2.5.0
-#####
+=====
 
 * **New dependency**: Paperless now optimises thumbnail generation with
   `optipng`_, so you'll need to install that somewhere in your PATH or declare
@@ -233,7 +243,7 @@ paperless-ng 0.9.0
 
 
 2.4.0
-#####
+=====
 
 * A new set of actions are now available thanks to `jonaswinkler`_'s very first
   pull request!  You can now do nifty things like tag documents in bulk, or set
@@ -254,7 +264,7 @@ paperless-ng 0.9.0
 
 
 2.3.0
-#####
+=====
 
 * Support for consuming plain text & markdown documents was added by
   `Joshua Taillon`_!  This was a long-requested feature, and it's addition is
@@ -272,14 +282,14 @@ paperless-ng 0.9.0
 
 
 2.2.1
-#####
+=====
 
 * `Kyle Lucy`_ reported a bug quickly after the release of 2.2.0 where we broke
   the ``DISABLE_LOGIN`` feature: `#392`_.
 
 
 2.2.0
-#####
+=====
 
 * Thanks to `dadosch`_, `Wolfgang Mader`_, and `Tim Brooks`_ this is the first
   version of Paperless that supports Django 2.0!  As a result of their hard
@@ -296,7 +306,7 @@ paperless-ng 0.9.0
 
 
 2.1.0
-#####
+=====
 
 * `Enno Lohmeier`_ added three simple features that make Paperless a lot more
   user (and developer) friendly:
@@ -315,7 +325,7 @@ paperless-ng 0.9.0
 
 
 2.0.0
-#####
+=====
 
 This is a big release as we've changed a core-functionality of Paperless: we no
 longer encrypt files with GPG by default.
@@ -347,7 +357,7 @@ Special thanks to `erikarvstedt`_, `matthewmoto`_, and `mcronce`_ who did the
 bulk of the work on this big change.
 
 1.4.0
-#####
+=====
 
 * `Quentin Dawans`_ has refactored the document consumer to allow for some
   command-line options.  Notably, you can now direct it to consume from a
@@ -382,7 +392,7 @@ bulk of the work on this big change.
   to some excellent work from `erikarvstedt`_ on `#351`_
 
 1.3.0
-#####
+=====
 
 * You can now run Paperless without a login, though you'll still have to create
   at least one user.  This is thanks to a pull-request from `matthewmoto`_:
@@ -405,7 +415,7 @@ bulk of the work on this big change.
   problem and helping me find where to fix it.
 
 1.2.0
-#####
+=====
 
 * New Docker image, now based on Alpine, thanks to the efforts of `addadi`_
   and `Pit`_.  This new image is dramatically smaller than the Debian-based
@@ -424,7 +434,7 @@ bulk of the work on this big change.
   in the document text.
 
 1.1.0
-#####
+=====
 
 * Fix for `#283`_, a redirect bug which broke interactions with
   paperless-desktop.  Thanks to `chris-aeviator`_ for reporting it.
@@ -434,7 +444,7 @@ bulk of the work on this big change.
   `Dan Panzarella`_
 
 1.0.0
-#####
+=====
 
 * Upgrade to Django 1.11.  **You'll need to run
   ``pip install -r requirements.txt`` after the usual ``git pull`` to
@@ -453,14 +463,14 @@ bulk of the work on this big change.
   `Lukas Winkler`_'s issue `#278`_
 
 0.8.0
-#####
+=====
 
 * Paperless can now run in a subdirectory on a host (``/paperless``), rather
   than always running in the root (``/``) thanks to `maphy-psd`_'s work on
   `#255`_.
 
 0.7.0
-#####
+=====
 
 * **Potentially breaking change**: As per `#235`_, Paperless will no longer
   automatically delete documents attached to correspondents when those
@@ -472,7 +482,7 @@ bulk of the work on this big change.
   `Kusti Skytén`_ for posting the correct solution in the Github issue.
 
 0.6.0
-#####
+=====
 
 * Abandon the shared-secret trick we were using for the POST API in favour
   of BasicAuth or Django session.
@@ -486,7 +496,7 @@ bulk of the work on this big change.
   the help with this feature.
 
 0.5.0
-#####
+=====
 
 * Support for fuzzy matching in the auto-tagger & auto-correspondent systems
   thanks to `Jake Gysland`_'s patch `#220`_.
@@ -504,13 +514,13 @@ bulk of the work on this big change.
   * Amended the Django Admin configuration to have nice headers (`#230`_)
 
 0.4.1
-#####
+=====
 
 * Fix for `#206`_ wherein the pluggable parser didn't recognise files with
   all-caps suffixes like ``.PDF``
 
 0.4.0
-#####
+=====
 
 * Introducing reminders.  See `#199`_ for more information, but the short
   explanation is that you can now attach simple notes & times to documents
@@ -520,7 +530,7 @@ bulk of the work on this big change.
   like to make use of this feature in his project.
 
 0.3.6
-#####
+=====
 
 * Fix for `#200`_ (!!) where the API wasn't configured to allow updating the
   correspondent or the tags for a document.
@@ -534,7 +544,7 @@ bulk of the work on this big change.
   documentation is on its way.
 
 0.3.5
-#####
+=====
 
 * A serious facelift for the documents listing page wherein we drop the
   tabular layout in favour of a tiled interface.
@@ -545,7 +555,7 @@ bulk of the work on this big change.
   consumption.
 
 0.3.4
-#####
+=====
 
 * Removal of django-suit due to a licensing conflict I bumped into in 0.3.3.
   Note that you *can* use Django Suit with Paperless, but only in a
@@ -558,26 +568,26 @@ bulk of the work on this big change.
   API thanks to @thomasbrueggemann.  See `#179`_.
 
 0.3.3
-#####
+=====
 
 * Thumbnails in the UI and a Django-suit -based face-lift courtesy of @ekw!
 * Timezone, items per page, and default language are now all configurable,
   also thanks to @ekw.
 
 0.3.2
-#####
+=====
 
 * Fix for `#172`_: defaulting ALLOWED_HOSTS to ``["*"]`` and allowing the
   user to set her own value via ``PAPERLESS_ALLOWED_HOSTS`` should the need
   arise.
 
 0.3.1
-#####
+=====
 
 * Added a default value for ``CONVERT_BINARY``
 
 0.3.0
-#####
+=====
 
 * Updated to using django-filter 1.x
 * Added some system checks so new users aren't confused by misconfigurations.
@@ -590,7 +600,7 @@ bulk of the work on this big change.
   ``PAPERLESS_SHARED_SECRET`` respectively instead.
 
 0.2.0
-#####
+=====
 
 * `#150`_: The media root is now a variable you can set in
   ``paperless.conf``.
@@ -618,7 +628,7 @@ bulk of the work on this big change.
   to `Martin Honermeyer`_ and `Tim White`_ for working with me on this.
 
 0.1.1
-#####
+=====
 
 * Potentially **Breaking Change**: All references to "sender" in the code
   have been renamed to "correspondent" to better reflect the nature of the
@@ -642,7 +652,7 @@ bulk of the work on this big change.
   to be imported but made unavailable.
 
 0.1.0
-#####
+=====
 
 * Docker support!  Big thanks to `Wayne Werner`_, `Brian Conn`_, and
   `Tikitu de Jager`_ for this one, and especially to `Pit`_
@@ -661,14 +671,14 @@ bulk of the work on this big change.
 * Added tox with pep8 checking
 
 0.0.6
-#####
+=====
 
 * Added support for parallel OCR (significant work from `Pit`_)
 * Sped up the language detection (significant work from `Pit`_)
 * Added simple logging
 
 0.0.5
-#####
+=====
 
 * Added support for image files as documents (png, jpg, gif, tiff)
 * Added a crude means of HTTP POST for document imports
@@ -677,7 +687,7 @@ bulk of the work on this big change.
 * Documentation for the above as well as data migration
 
 0.0.4
-#####
+=====
 
 * Added automated tagging basted on keyword matching
 * Cleaned up the document listing page
@@ -685,19 +695,19 @@ bulk of the work on this big change.
 * Added ``pytz`` to the list of requirements
 
 0.0.3
-#####
+=====
 
 * Added basic tagging
 
 0.0.2
-#####
+=====
 
 * Added language detection
 * Added datestamps to ``document_exporter``.
 * Changed ``settings.TESSERACT_LANGUAGE`` to ``settings.OCR_LANGUAGE``.
 
 0.0.1
-#####
+=====
 
 * Initial release
 

docs/configuration.rst

@@ -35,22 +35,22 @@ PAPERLESS_DBHOST=<hostname>
 
 PAPERLESS_DBPORT=<port>
     Adjust port if necessary.
-    
+
     Default is 5432.
 
 PAPERLESS_DBNAME=<name>
     Database name in PostgreSQL.
-    
+
     Defaults to "paperless".
 
 PAPERLESS_DBUSER=<name>
     Database user in PostgreSQL.
-    
+
     Defaults to "paperless".
 
 PAPERLESS_DBPASS=<password>
     Database password for PostgreSQL.
-    
+
     Defaults to "paperless".
 
 
@@ -113,7 +113,7 @@ PAPERLESS_ALLOWED_HOSTS<comma-separated-list>
     really should set this value to the domain name you're using.  Failing to do
     so leaves you open to HTTP host header attacks:
     https://docs.djangoproject.com/en/3.1/topics/security/#host-header-validation
-    
+
     Just remember that this is a comma-separated list, so "example.com" is fine,
     as is "example.com,www.example.com", but NOT " example.com" or "example.com,"
 
@@ -132,15 +132,25 @@ PAPERLESS_FORCE_SCRIPT_NAME=<path>
     .. note::
 
         I don't know if this works in paperless-ng. Probably not.
-    
+
     Defaults to none, which hosts paperless at "/".
 
 PAPERLESS_STATIC_URL=<path>
     Override the STATIC_URL here.  Unless you're hosting Paperless off a
     subdomain like /paperless/, you probably don't need to change this.
-    
+
     Defaults to "/static/".
 
+PAPERLESS_AUTO_LOGIN_USERNAME=<username>
+    Specify a username here so that paperless will automatically perform login
+    with the selected user.
+
+    .. danger::
+
+        Do not use this when exposing paperless on the internet. There are no
+        checks in place that would prevent you from doing this.
+
+    Defaults to none, which disables this feature.
 
 Software tweaks
 ###############
@@ -156,11 +166,11 @@ PAPERLESS_THREADS_PER_WORKER=<num>
     in parallel on a single document.
 
     .. caution::
-        
+
         Ensure that the product
-        
+
             PAPERLESS_TASK_WORKERS * PAPERLESS_THREADS_PER_WORKER
-        
+
         does not exceed your CPU core count or else paperless will be extremely slow.
         If you want paperless to process many documents in parallel, choose a high
         worker count. If you want paperless to process very large documents faster,
@@ -197,10 +207,10 @@ PAPERLESS_OCR_PAGES=<num>
 PAPERLESS_OCR_LANGUAGE=<lang>
     Customize the default language that tesseract will attempt to use when
     parsing documents. The default language is used whenever
-    
+
     * No language could be detected on a document
     * No tesseract data files are available for the detected language
-    
+
     It should be a 3-letter language code consistent with ISO
     639: https://www.loc.gov/standards/iso639-2/php/code_list.php
 
@@ -234,7 +244,7 @@ PAPERLESS_CONVERT_MEMORY_LIMIT=<num>
     such cases, try setting this to a reasonably low value, like 32.  The
     default is to use whatever is necessary to do everything without writing to
     disk, and units are in megabytes.
-    
+
     For more information on how to use this value, you should search
     the web for "MAGICK_MEMORY_LIMIT".
 
@@ -245,7 +255,7 @@ PAPERLESS_CONVERT_TMPDIR=<path>
     /tmp as tmpfs, you should set this to a path that's on a physical disk, like
     /home/your_user/tmp or something.  ImageMagick will use this as scratch space
     when crunching through very large documents.
-    
+
     For more information on how to use this value, you should search
     the web for "MAGICK_TMPDIR".
 
@@ -282,7 +292,7 @@ PAPERLESS_FILENAME_DATE_ORDER=<format>
     Use this setting to enable checking the document filename for date
     information. The date order can be set to any option as specified in
     https://dateparser.readthedocs.io/en/latest/settings.html#date-order.
-    The filename will be checked first, and if nothing is found, the document 
+    The filename will be checked first, and if nothing is found, the document
     text will be checked as normal.
 
     Defaults to none, which disables this feature.

paperless.conf.example

@@ -29,6 +29,7 @@
 #PAPERLESS_CORS_ALLOWED_HOSTS=localhost:8080,example.com,localhost:8000
 #PAPERLESS_FORCE_SCRIPT_NAME=
 #PAPERLESS_STATIC_URL=/static/
+#PAPERLESS_AUTO_LOGIN_USERNAME=
 
 # Software tweaks
 

src/paperless/auth.py

@@ -1,8 +1,18 @@
 from django.conf import settings
 from django.contrib.auth.models import User
+from django.utils.deprecation import MiddlewareMixin
 from rest_framework import authentication
 
 
+class AutoLoginMiddleware(MiddlewareMixin):
+
+    def process_request(self, request):
+        try:
+            request.user = User.objects.get(username=settings.AUTO_LOGIN_USERNAME)
+        except User.DoesNotExist:
+            pass
+
+
 class AngularApiAuthenticationOverride(authentication.BaseAuthentication):
     """ This class is here to provide authentication to the angular dev server
         during development. This is disabled in production.

src/paperless/settings.py

@@ -144,6 +144,15 @@ TEMPLATES = [
 # Security                                                                    #
 ###############################################################################
 
+AUTO_LOGIN_USERNAME = os.getenv("PAPERLESS_AUTO_LOGIN_USERNAME")
+
+if AUTO_LOGIN_USERNAME:
+    _index = MIDDLEWARE.index('django.contrib.auth.middleware.AuthenticationMiddleware')
+    # This overrides everything the auth middleware is doing but still allows
+    # regular login in case the provided user does not exist.
+    MIDDLEWARE.insert(_index+1, 'paperless.auth.AutoLoginMiddleware')
+
+
 if DEBUG:
     X_FRAME_OPTIONS = ''
     # this should really be 'allow-from uri' but its not supported in any mayor