1 | from django.parts.auth import anonymoususers |
---|
2 | from django.models.auth import users, User |
---|
3 | import md5 |
---|
4 | import datetime |
---|
5 | |
---|
6 | DEFAULT_DOMAIN = 'example.com' # added to user ID to create email address |
---|
7 | PASSWORD_SENTINEL = 'XXno_passwordXX' # indicates no real password |
---|
8 | |
---|
9 | class HttpAuth: |
---|
10 | """ |
---|
11 | Grabs what the webserver thinks is the logged on user id, |
---|
12 | and use that instead, creating the record if it doesn't exist in the table. |
---|
13 | |
---|
14 | There are currently three problems with this at the moment. |
---|
15 | * It doesn't update the last-login |
---|
16 | * It doesn't update the session cookie |
---|
17 | * It has no idea what the email address is |
---|
18 | """ |
---|
19 | def process_request(self, request): |
---|
20 | "gets REMOTE_USER and sets the userid based on that" |
---|
21 | if request.user.is_anonymous(): |
---|
22 | remote_user = request.META.get('REMOTE_USER') |
---|
23 | if remote_user is not None: |
---|
24 | try: |
---|
25 | username, realm = remote_user.split('@') |
---|
26 | except ValueError: |
---|
27 | username = remote_user |
---|
28 | try: |
---|
29 | user = users.get_object(username__exact=username) |
---|
30 | except (users.UserDoesNotExist): |
---|
31 | now = datetime.datetime.now() |
---|
32 | email = '%s@%s' % (username, DEFAULT_DOMAIN) |
---|
33 | user = User(None, username,'','', email, |
---|
34 | PASSWORD_SENTINEL, False, True, |
---|
35 | False, now, now) |
---|
36 | user.save() |
---|
37 | request.user= user |
---|
38 | return None |
---|
39 | |
---|