From f4013b134323215e167868964746bdf6f0f828b6 Mon Sep 17 00:00:00 2001 From: Jonas Winkler Date: Mon, 23 Nov 2020 22:50:02 +0100 Subject: [PATCH] added setting PAPERLESS_AUTO_LOGIN_USERNAME --- docs/changelog.rst | 84 ++++++++++++++++++++++----------------- docs/configuration.rst | 40 ++++++++++++------- paperless.conf.example | 1 + src/paperless/auth.py | 10 +++++ src/paperless/settings.py | 9 +++++ 5 files changed, 92 insertions(+), 52 deletions(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index 9ef3f4326..7a1b1c374 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -5,6 +5,13 @@ Changelog ********* +next +#### + +* Setting ``PAPERLESS_AUTO_LOGIN_USERNAME`` replaces ``PAPERLESS_DISABLE_LOGIN``. + You have to specify your username. + + paperless-ng 0.9.2 ################## @@ -138,8 +145,11 @@ paperless-ng 0.9.0 * Many more small changes here and there. The usual stuff. +Paperless +######### + 2.7.0 -##### +===== * `syntonym`_ submitted a pull request to catch IMAP connection errors `#475`_. * `Stéphane Brunner`_ added ``psycopg2`` to the Pipfile `#489`_. He also fixed @@ -156,7 +166,7 @@ paperless-ng 0.9.0 2.6.1 -##### +===== * We now have a logo, complete with a favicon :-) * Removed some problematic tests. @@ -168,7 +178,7 @@ paperless-ng 0.9.0 2.6.0 -##### +===== * Allow an infinite number of logs to be deleted. Thanks to `Ulli`_ for noting the problem in `#433`_. @@ -189,7 +199,7 @@ paperless-ng 0.9.0 2.5.0 -##### +===== * **New dependency**: Paperless now optimises thumbnail generation with `optipng`_, so you'll need to install that somewhere in your PATH or declare @@ -233,7 +243,7 @@ paperless-ng 0.9.0 2.4.0 -##### +===== * A new set of actions are now available thanks to `jonaswinkler`_'s very first pull request! You can now do nifty things like tag documents in bulk, or set @@ -254,7 +264,7 @@ paperless-ng 0.9.0 2.3.0 -##### +===== * Support for consuming plain text & markdown documents was added by `Joshua Taillon`_! This was a long-requested feature, and it's addition is @@ -272,14 +282,14 @@ paperless-ng 0.9.0 2.2.1 -##### +===== * `Kyle Lucy`_ reported a bug quickly after the release of 2.2.0 where we broke the ``DISABLE_LOGIN`` feature: `#392`_. 2.2.0 -##### +===== * Thanks to `dadosch`_, `Wolfgang Mader`_, and `Tim Brooks`_ this is the first version of Paperless that supports Django 2.0! As a result of their hard @@ -296,7 +306,7 @@ paperless-ng 0.9.0 2.1.0 -##### +===== * `Enno Lohmeier`_ added three simple features that make Paperless a lot more user (and developer) friendly: @@ -315,7 +325,7 @@ paperless-ng 0.9.0 2.0.0 -##### +===== This is a big release as we've changed a core-functionality of Paperless: we no longer encrypt files with GPG by default. @@ -347,7 +357,7 @@ Special thanks to `erikarvstedt`_, `matthewmoto`_, and `mcronce`_ who did the bulk of the work on this big change. 1.4.0 -##### +===== * `Quentin Dawans`_ has refactored the document consumer to allow for some command-line options. Notably, you can now direct it to consume from a @@ -382,7 +392,7 @@ bulk of the work on this big change. to some excellent work from `erikarvstedt`_ on `#351`_ 1.3.0 -##### +===== * You can now run Paperless without a login, though you'll still have to create at least one user. This is thanks to a pull-request from `matthewmoto`_: @@ -405,7 +415,7 @@ bulk of the work on this big change. problem and helping me find where to fix it. 1.2.0 -##### +===== * New Docker image, now based on Alpine, thanks to the efforts of `addadi`_ and `Pit`_. This new image is dramatically smaller than the Debian-based @@ -424,7 +434,7 @@ bulk of the work on this big change. in the document text. 1.1.0 -##### +===== * Fix for `#283`_, a redirect bug which broke interactions with paperless-desktop. Thanks to `chris-aeviator`_ for reporting it. @@ -434,7 +444,7 @@ bulk of the work on this big change. `Dan Panzarella`_ 1.0.0 -##### +===== * Upgrade to Django 1.11. **You'll need to run ``pip install -r requirements.txt`` after the usual ``git pull`` to @@ -453,14 +463,14 @@ bulk of the work on this big change. `Lukas Winkler`_'s issue `#278`_ 0.8.0 -##### +===== * Paperless can now run in a subdirectory on a host (``/paperless``), rather than always running in the root (``/``) thanks to `maphy-psd`_'s work on `#255`_. 0.7.0 -##### +===== * **Potentially breaking change**: As per `#235`_, Paperless will no longer automatically delete documents attached to correspondents when those @@ -472,7 +482,7 @@ bulk of the work on this big change. `Kusti Skytén`_ for posting the correct solution in the Github issue. 0.6.0 -##### +===== * Abandon the shared-secret trick we were using for the POST API in favour of BasicAuth or Django session. @@ -486,7 +496,7 @@ bulk of the work on this big change. the help with this feature. 0.5.0 -##### +===== * Support for fuzzy matching in the auto-tagger & auto-correspondent systems thanks to `Jake Gysland`_'s patch `#220`_. @@ -504,13 +514,13 @@ bulk of the work on this big change. * Amended the Django Admin configuration to have nice headers (`#230`_) 0.4.1 -##### +===== * Fix for `#206`_ wherein the pluggable parser didn't recognise files with all-caps suffixes like ``.PDF`` 0.4.0 -##### +===== * Introducing reminders. See `#199`_ for more information, but the short explanation is that you can now attach simple notes & times to documents @@ -520,7 +530,7 @@ bulk of the work on this big change. like to make use of this feature in his project. 0.3.6 -##### +===== * Fix for `#200`_ (!!) where the API wasn't configured to allow updating the correspondent or the tags for a document. @@ -534,7 +544,7 @@ bulk of the work on this big change. documentation is on its way. 0.3.5 -##### +===== * A serious facelift for the documents listing page wherein we drop the tabular layout in favour of a tiled interface. @@ -545,7 +555,7 @@ bulk of the work on this big change. consumption. 0.3.4 -##### +===== * Removal of django-suit due to a licensing conflict I bumped into in 0.3.3. Note that you *can* use Django Suit with Paperless, but only in a @@ -558,26 +568,26 @@ bulk of the work on this big change. API thanks to @thomasbrueggemann. See `#179`_. 0.3.3 -##### +===== * Thumbnails in the UI and a Django-suit -based face-lift courtesy of @ekw! * Timezone, items per page, and default language are now all configurable, also thanks to @ekw. 0.3.2 -##### +===== * Fix for `#172`_: defaulting ALLOWED_HOSTS to ``["*"]`` and allowing the user to set her own value via ``PAPERLESS_ALLOWED_HOSTS`` should the need arise. 0.3.1 -##### +===== * Added a default value for ``CONVERT_BINARY`` 0.3.0 -##### +===== * Updated to using django-filter 1.x * Added some system checks so new users aren't confused by misconfigurations. @@ -590,7 +600,7 @@ bulk of the work on this big change. ``PAPERLESS_SHARED_SECRET`` respectively instead. 0.2.0 -##### +===== * `#150`_: The media root is now a variable you can set in ``paperless.conf``. @@ -618,7 +628,7 @@ bulk of the work on this big change. to `Martin Honermeyer`_ and `Tim White`_ for working with me on this. 0.1.1 -##### +===== * Potentially **Breaking Change**: All references to "sender" in the code have been renamed to "correspondent" to better reflect the nature of the @@ -642,7 +652,7 @@ bulk of the work on this big change. to be imported but made unavailable. 0.1.0 -##### +===== * Docker support! Big thanks to `Wayne Werner`_, `Brian Conn`_, and `Tikitu de Jager`_ for this one, and especially to `Pit`_ @@ -661,14 +671,14 @@ bulk of the work on this big change. * Added tox with pep8 checking 0.0.6 -##### +===== * Added support for parallel OCR (significant work from `Pit`_) * Sped up the language detection (significant work from `Pit`_) * Added simple logging 0.0.5 -##### +===== * Added support for image files as documents (png, jpg, gif, tiff) * Added a crude means of HTTP POST for document imports @@ -677,7 +687,7 @@ bulk of the work on this big change. * Documentation for the above as well as data migration 0.0.4 -##### +===== * Added automated tagging basted on keyword matching * Cleaned up the document listing page @@ -685,19 +695,19 @@ bulk of the work on this big change. * Added ``pytz`` to the list of requirements 0.0.3 -##### +===== * Added basic tagging 0.0.2 -##### +===== * Added language detection * Added datestamps to ``document_exporter``. * Changed ``settings.TESSERACT_LANGUAGE`` to ``settings.OCR_LANGUAGE``. 0.0.1 -##### +===== * Initial release diff --git a/docs/configuration.rst b/docs/configuration.rst index e3f0c0e9f..c3f01c2ca 100644 --- a/docs/configuration.rst +++ b/docs/configuration.rst @@ -35,22 +35,22 @@ PAPERLESS_DBHOST= PAPERLESS_DBPORT= Adjust port if necessary. - + Default is 5432. PAPERLESS_DBNAME= Database name in PostgreSQL. - + Defaults to "paperless". PAPERLESS_DBUSER= Database user in PostgreSQL. - + Defaults to "paperless". PAPERLESS_DBPASS= Database password for PostgreSQL. - + Defaults to "paperless". @@ -113,7 +113,7 @@ PAPERLESS_ALLOWED_HOSTS really should set this value to the domain name you're using. Failing to do so leaves you open to HTTP host header attacks: https://docs.djangoproject.com/en/3.1/topics/security/#host-header-validation - + Just remember that this is a comma-separated list, so "example.com" is fine, as is "example.com,www.example.com", but NOT " example.com" or "example.com," @@ -132,15 +132,25 @@ PAPERLESS_FORCE_SCRIPT_NAME= .. note:: I don't know if this works in paperless-ng. Probably not. - + Defaults to none, which hosts paperless at "/". PAPERLESS_STATIC_URL= Override the STATIC_URL here. Unless you're hosting Paperless off a subdomain like /paperless/, you probably don't need to change this. - + Defaults to "/static/". +PAPERLESS_AUTO_LOGIN_USERNAME= + Specify a username here so that paperless will automatically perform login + with the selected user. + + .. danger:: + + Do not use this when exposing paperless on the internet. There are no + checks in place that would prevent you from doing this. + + Defaults to none, which disables this feature. Software tweaks ############### @@ -156,11 +166,11 @@ PAPERLESS_THREADS_PER_WORKER= in parallel on a single document. .. caution:: - + Ensure that the product - + PAPERLESS_TASK_WORKERS * PAPERLESS_THREADS_PER_WORKER - + does not exceed your CPU core count or else paperless will be extremely slow. If you want paperless to process many documents in parallel, choose a high worker count. If you want paperless to process very large documents faster, @@ -197,10 +207,10 @@ PAPERLESS_OCR_PAGES= PAPERLESS_OCR_LANGUAGE= Customize the default language that tesseract will attempt to use when parsing documents. The default language is used whenever - + * No language could be detected on a document * No tesseract data files are available for the detected language - + It should be a 3-letter language code consistent with ISO 639: https://www.loc.gov/standards/iso639-2/php/code_list.php @@ -234,7 +244,7 @@ PAPERLESS_CONVERT_MEMORY_LIMIT= such cases, try setting this to a reasonably low value, like 32. The default is to use whatever is necessary to do everything without writing to disk, and units are in megabytes. - + For more information on how to use this value, you should search the web for "MAGICK_MEMORY_LIMIT". @@ -245,7 +255,7 @@ PAPERLESS_CONVERT_TMPDIR= /tmp as tmpfs, you should set this to a path that's on a physical disk, like /home/your_user/tmp or something. ImageMagick will use this as scratch space when crunching through very large documents. - + For more information on how to use this value, you should search the web for "MAGICK_TMPDIR". @@ -282,7 +292,7 @@ PAPERLESS_FILENAME_DATE_ORDER= Use this setting to enable checking the document filename for date information. The date order can be set to any option as specified in https://dateparser.readthedocs.io/en/latest/settings.html#date-order. - The filename will be checked first, and if nothing is found, the document + The filename will be checked first, and if nothing is found, the document text will be checked as normal. Defaults to none, which disables this feature. diff --git a/paperless.conf.example b/paperless.conf.example index 4749151e7..4962c1567 100644 --- a/paperless.conf.example +++ b/paperless.conf.example @@ -29,6 +29,7 @@ #PAPERLESS_CORS_ALLOWED_HOSTS=localhost:8080,example.com,localhost:8000 #PAPERLESS_FORCE_SCRIPT_NAME= #PAPERLESS_STATIC_URL=/static/ +#PAPERLESS_AUTO_LOGIN_USERNAME= # Software tweaks diff --git a/src/paperless/auth.py b/src/paperless/auth.py index 83279ef36..faf3104bc 100644 --- a/src/paperless/auth.py +++ b/src/paperless/auth.py @@ -1,8 +1,18 @@ from django.conf import settings from django.contrib.auth.models import User +from django.utils.deprecation import MiddlewareMixin from rest_framework import authentication +class AutoLoginMiddleware(MiddlewareMixin): + + def process_request(self, request): + try: + request.user = User.objects.get(username=settings.AUTO_LOGIN_USERNAME) + except User.DoesNotExist: + pass + + class AngularApiAuthenticationOverride(authentication.BaseAuthentication): """ This class is here to provide authentication to the angular dev server during development. This is disabled in production. diff --git a/src/paperless/settings.py b/src/paperless/settings.py index 0d64efa57..1432dc5ec 100644 --- a/src/paperless/settings.py +++ b/src/paperless/settings.py @@ -144,6 +144,15 @@ TEMPLATES = [ # Security # ############################################################################### +AUTO_LOGIN_USERNAME = os.getenv("PAPERLESS_AUTO_LOGIN_USERNAME") + +if AUTO_LOGIN_USERNAME: + _index = MIDDLEWARE.index('django.contrib.auth.middleware.AuthenticationMiddleware') + # This overrides everything the auth middleware is doing but still allows + # regular login in case the provided user does not exist. + MIDDLEWARE.insert(_index+1, 'paperless.auth.AutoLoginMiddleware') + + if DEBUG: X_FRAME_OPTIONS = '' # this should really be 'allow-from uri' but its not supported in any mayor