Ticket #689: httpdauth.2.py

File httpdauth.2.py, 2.8 KB (added by garthk, 14 years ago)

Revision of Ian's module; new version moves settings to the settings module

Line 
1from django.parts.auth import anonymoususers
2from django.models.auth import users, User
3import md5
4import datetime
5
6try: 
7    from django.conf.settings import \
8            REALM_DOMAINS, EMAIL_DEFAULT_TO_REALM, \
9            DEFAULT_DOMAIN, PASSWORD_SENTINEL
10except ImportError: 
11    # These settings adjust the behaviour of the httpdauth.HttpAuth middleware.
12    #
13    # To prevent email addresses from being determined, set:
14    #
15    # REALM_DOMAINS = {}
16    # EMAIL_DEFAULT_TO_REALM = False
17    # DEFAULT_DOMAIN = None
18    #
19    # Otherwise, set:
20    #
21    # REALM_DOMAINS maps Kerberos realms to email address domains.
22    REALM_DOMAINS = {} 
23
24    # If the realm lookup fails but EMAIL_DEFAULT_TO_REALM is true, a lowercase
25    # version of the realm will be used as the email address domain.
26    EMAIL_DEFAULT_TO_REALM = False
27
28    # Finally: if EMAIL_DEFAULT_TO_REALM isn't appropriate but there's a single
29    # domain where all the other addresses go, set DEFAULT_DOMAIN. Otherwise,
30    # set it to None.
31    DEFAULT_DOMAIN = None
32
33    # This sentinel is used instead of an MD5 hash in the password field of
34    # the created user record.
35    PASSWORD_SENTINEL = 'XXno_passwordXX' 
36
37class HttpAuth:
38    """
39    Grabs what the webserver thinks is the logged on user id,
40    and use that instead, creating the record if it doesn't exist in the table.
41
42    There are currently three problems with this at the moment.
43     * It doesn't update the last-login
44     * It doesn't update the session cookie
45     * It has no idea what the email address is
46    """
47    def process_request(self, request):
48        "gets REMOTE_USER and sets the userid based on that"
49        if request.user.is_anonymous(): 
50            remote_user = request.META.get('REMOTE_USER')
51            if remote_user is not None: 
52                email = email_domain = None
53                try: 
54                    username, realm = remote_user.split('@')
55                    email_domain = REALM_DOMAINS.get(realm.upper())
56                    if email_domain is None and EMAIL_DEFAULT_TO_REALM: 
57                        email_domain = realm.lower()
58                except ValueError: 
59                    username = remote_user
60                email_domain = email_domain or DEFAULT_DOMAIN
61                try:
62                    user = users.get_object(username__exact=username)
63                except (users.UserDoesNotExist):
64                    now = datetime.datetime.now()
65                    if email_domain is not None: 
66                        email = '%s@%s' % (username, email_domain)
67                    user = User(None, username,'','', email, 
68                            PASSWORD_SENTINEL, False, True, 
69                            False, now, now)
70                    user.save()
71                request.user= user
72        return None
73
Back to Top