mirror of
https://github.com/paperless-ngx/paperless-ngx.git
synced 2025-08-12 00:19:48 +00:00
edb8c06e2a
* Chore(deps): Bump the django group across 1 directory with 9 updates Bumps the django group with 9 updates in the / directory: | Package | From | To | | --- | --- | --- | | [django](https://github.com/django/django) | `5.1.8` | `5.2.5` | | [django-auditlog](https://github.com/jazzband/django-auditlog) | `3.1.2` | `3.2.1` | | [django-guardian](https://github.com/django-guardian/django-guardian) | `2.4.0` | `3.0.3` | | [django-multiselectfield](https://github.com/goinnn/django-multiselectfield) | `0.1.13` | `1.0.1` | | [django-soft-delete](https://github.com/san4ezy/django_softdelete) | `1.0.18` | `1.0.19` | | [djangorestframework](https://github.com/encode/django-rest-framework) | `3.16.0` | `3.16.1` | | [djangorestframework-guardian](https://github.com/rpkilby/django-rest-framework-guardian) | `0.3.0` | `0.4.0` | | [drf-spectacular-sidecar](https://github.com/tfranzel/drf-spectacular-sidecar) | `2025.4.1` | `2025.8.1` | | [pytest-django](https://github.com/pytest-dev/pytest-django) | `4.10.0` | `4.11.1` | Updates `django` from 5.1.8 to 5.2.5 - [Commits](https://github.com/django/django/compare/5.1.8...5.2.5) Updates `django-auditlog` from 3.1.2 to 3.2.1 - [Release notes](https://github.com/jazzband/django-auditlog/releases) - [Changelog](https://github.com/jazzband/django-auditlog/blob/master/CHANGELOG.md) - [Commits](https://github.com/jazzband/django-auditlog/compare/v3.1.2...v3.2.1) Updates `django-guardian` from 2.4.0 to 3.0.3 - [Release notes](https://github.com/django-guardian/django-guardian/releases) - [Commits](https://github.com/django-guardian/django-guardian/compare/v2.4.0...3.0.3) Updates `django-multiselectfield` from 0.1.13 to 1.0.1 - [Release notes](https://github.com/goinnn/django-multiselectfield/releases) - [Changelog](https://github.com/goinnn/django-multiselectfield/blob/master/CHANGES.rst) - [Commits](https://github.com/goinnn/django-multiselectfield/compare/v0.1.13...v1.0.1) Updates `django-soft-delete` from 1.0.18 to 1.0.19 - [Changelog](https://github.com/san4ezy/django_softdelete/blob/master/CHANGELOG.md) - [Commits](https://github.com/san4ezy/django_softdelete/commits) Updates `djangorestframework` from 3.16.0 to 3.16.1 - [Release notes](https://github.com/encode/django-rest-framework/releases) - [Commits](https://github.com/encode/django-rest-framework/compare/3.16.0...3.16.1) Updates `djangorestframework-guardian` from 0.3.0 to 0.4.0 - [Changelog](https://github.com/rpkilby/django-rest-framework-guardian/blob/master/CHANGELOG) - [Commits](https://github.com/rpkilby/django-rest-framework-guardian/compare/0.3.0...0.4.0) Updates `drf-spectacular-sidecar` from 2025.4.1 to 2025.8.1 - [Commits](https://github.com/tfranzel/drf-spectacular-sidecar/compare/2025.4.1...2025.8.1) Updates `pytest-django` from 4.10.0 to 4.11.1 - [Release notes](https://github.com/pytest-dev/pytest-django/releases) - [Changelog](https://github.com/pytest-dev/pytest-django/blob/main/docs/changelog.rst) - [Commits](https://github.com/pytest-dev/pytest-django/compare/v4.10.0...v4.11.1) --- updated-dependencies: - dependency-name: django dependency-version: 5.2.5 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: django - dependency-name: django-auditlog dependency-version: 3.2.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: django - dependency-name: django-guardian dependency-version: 3.0.3 dependency-type: direct:production update-type: version-update:semver-major dependency-group: django - dependency-name: django-multiselectfield dependency-version: 1.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: django - dependency-name: django-soft-delete dependency-version: 1.0.19 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: django - dependency-name: djangorestframework dependency-version: 3.16.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: django - dependency-name: djangorestframework-guardian dependency-version: 0.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: django - dependency-name: drf-spectacular-sidecar dependency-version: 2025.8.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: django - dependency-name: pytest-django dependency-version: 4.11.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: django ... Signed-off-by: dependabot[bot] <support@github.com> * Fix log matches related to newlines, add newlines to stdout.writelines * Fix disable api remote auth test, Django 5.2 no longer uses process_request * Remove postgres version check * Update administration.md * Handle django-multiselectfield v1.0 changes * Update administration.md --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: shamoon <4887959+shamoon@users.noreply.github.com>
86 lines
3.0 KiB
Python
86 lines
3.0 KiB
Python
import logging
|
|
|
|
from allauth.mfa.adapter import get_adapter as get_mfa_adapter
|
|
from django.conf import settings
|
|
from django.contrib import auth
|
|
from django.contrib.auth.middleware import PersistentRemoteUserMiddleware
|
|
from django.contrib.auth.models import User
|
|
from django.http import HttpRequest
|
|
from django.utils.deprecation import MiddlewareMixin
|
|
from rest_framework import authentication
|
|
from rest_framework import exceptions
|
|
|
|
logger = logging.getLogger("paperless.auth")
|
|
|
|
|
|
class AutoLoginMiddleware(MiddlewareMixin):
|
|
def process_request(self, request: HttpRequest):
|
|
# Dont use auto-login with token request
|
|
if request.path.startswith("/api/token/") and request.method == "POST":
|
|
return None
|
|
try:
|
|
request.user = User.objects.get(username=settings.AUTO_LOGIN_USERNAME)
|
|
auth.login(
|
|
request=request,
|
|
user=request.user,
|
|
backend="django.contrib.auth.backends.ModelBackend",
|
|
)
|
|
except User.DoesNotExist:
|
|
pass
|
|
|
|
|
|
class AngularApiAuthenticationOverride(authentication.BaseAuthentication):
|
|
"""This class is here to provide authentication to the angular dev server
|
|
during development. This is disabled in production.
|
|
"""
|
|
|
|
def authenticate(self, request):
|
|
if (
|
|
settings.DEBUG
|
|
and "Referer" in request.headers
|
|
and request.headers["Referer"].startswith("http://localhost:4200/")
|
|
):
|
|
user = User.objects.filter(is_staff=True).first()
|
|
logger.debug(f"Auto-Login with user {user}")
|
|
return (user, None)
|
|
else:
|
|
return None
|
|
|
|
|
|
class HttpRemoteUserMiddleware(PersistentRemoteUserMiddleware):
|
|
"""This class allows authentication via HTTP_REMOTE_USER which is set for
|
|
example by certain SSO applications.
|
|
"""
|
|
|
|
header = settings.HTTP_REMOTE_USER_HEADER_NAME
|
|
|
|
def __call__(self, request: HttpRequest) -> None:
|
|
# If remote user auth is enabled only for the frontend, not the API,
|
|
# then we need dont want to authenticate the user for API requests.
|
|
if (
|
|
"/api/" in request.path
|
|
and "paperless.auth.PaperlessRemoteUserAuthentication"
|
|
not in settings.REST_FRAMEWORK["DEFAULT_AUTHENTICATION_CLASSES"]
|
|
):
|
|
return self.get_response(request)
|
|
return super().__call__(request)
|
|
|
|
|
|
class PaperlessRemoteUserAuthentication(authentication.RemoteUserAuthentication):
|
|
"""
|
|
REMOTE_USER authentication for DRF which overrides the default header.
|
|
"""
|
|
|
|
header = settings.HTTP_REMOTE_USER_HEADER_NAME
|
|
|
|
|
|
class PaperlessBasicAuthentication(authentication.BasicAuthentication):
|
|
def authenticate(self, request):
|
|
user_tuple = super().authenticate(request)
|
|
user = user_tuple[0] if user_tuple else None
|
|
mfa_adapter = get_mfa_adapter()
|
|
if user and mfa_adapter.is_mfa_enabled(user):
|
|
raise exceptions.AuthenticationFailed("MFA required")
|
|
|
|
return user_tuple
|