Trying remote-auth

2025-07-06 17:14:07 +00:00 · 2024-10-27 23:37:02 +00:00
parent 7585fb94a1
commit b6ad6e8578
2 changed files with 9 additions and 36 deletions
--- a/mysite/middleware.py
+++ b/mysite/middleware.py
@ -1,5 +1,6 @@
 from django.urls import resolve
 from django.http import Http404, HttpResponseNotFound
+from django.contrib.auth.middleware import RemoteUserMiddleware

 class RequestLogger:
    def __init__(self, get_response):
@ -14,37 +15,5 @@ class RequestLogger:
        return response


-from django.contrib.auth import get_user_model
-from django.contrib.auth import login
-from django.contrib.auth.models import Group
-
-class AutoLoginMiddleware:
-    def __init__(self, get_response):
-        self.get_response = get_response
-
-    def __call__(self, request):
-        if not request.user.is_authenticated:
-            user_email = request.META.get('HTTP_X_AUTHENTIK_EMAIL')
-            user_name = request.META.get('HTTP_X_AUTHENTIK_USERNAME')
-            user_groups = request.META.get('HTTP_X_AUTHENTIK_GROUPS')
-            
-            if user_email and user_name:
-                User = get_user_model()
-                try:
-                    user = User.objects.get(email=user_email)
-                except User.DoesNotExist:
-                    user = User.objects.create_user(
-                        username=user_name,
-                        email=user_email
-                    )
-                
-                if user_groups:
-                    groups_list = user_groups.split(',')
-                    for group_name in groups_list:
-                        group, created = Group.objects.get_or_create(name=group_name.strip())
-                        user.groups.add(group)
-                
-                login(request, user)
-        
-        response = self.get_response(request)
-        return response
+class AutoLoginMiddleware(RemoteUserMiddleware):
+    header = "HTTP_X_AUTHENTIK_USERNAME"
--- a/mysite/settings.py
+++ b/mysite/settings.py
@ -109,7 +109,9 @@ INSTALLED_APPS = [
    'vpn',
 ]

-
+AUTHENTICATION_BACKENDS = [
+    "django.contrib.auth.backends.RemoteUserBackend",
+]

 MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
@ -118,10 +120,12 @@ MIDDLEWARE = [
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
+    'django.contrib.auth.middleware.RemoteUserMiddleware',
+    'mysite.middleware.AutoLoginMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
    'corsheaders.middleware.CorsMiddleware',
-    #'mysite.middleware.AutoLoginMiddleware',
+
 ]

 ROOT_URLCONF = 'mysite.urls'