Opened 14 hours ago

Last modified 11 hours ago

#35971 new New feature

RemoteUserMiddleware needs a get_username method

Reported by: Adrien Kunysz Owned by:
Component: contrib.auth Version: 5.0
Severity: Normal Keywords:
Cc: Adrien Kunysz Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description (last modified by Adrien Kunysz)

As currently implemented, the only way to customise how RemoteUserMiddleware gets the username is through the "header" variable. This is then used in call and acall methods like this:

            username = request.META[self.header]

It would be convenient to move that logic into a separate method that could be overridden. For example:

get_username(self, request, header_name):
    return request.META[header_name]    

Specific use case: the proxy I have in front of Django always sets two specific headers (say "X-Username" and "X-Authenticated"). The value of "X-Username" is only valid if "X-Authenticated" is "true", otherwise it should be ignored (typically it ends up being a single space character). I use PersistentRemoteMiddleware to use X-Username but the only way I found to ignore it when X-Authenticated is not true is to override call / acall , which seems rather fragile while a small change to RemoteUserMiddleware would make for a much more robust, flexible and maintainable solution.

With the proposed change, in my child class I could just say

def get_username(self, request, header_name):
    if request.META["X-Authenticated"].lower() != "true":
        raise KeyError
    return request.META[header_name]

I am happy to propose a patch if we can agree this change is desirable.

The analysis above is for the latest version on github. I have marked this feature request as 5.0 because that's the version I currently use and backporting the proposed change seems easy enough.

Change History (4)

comment:1 by Adrien Kunysz, 14 hours ago

Type: UncategorizedNew feature

comment:2 by Adrien Kunysz, 11 hours ago

Version: dev5.0

comment:3 by Adrien Kunysz, 11 hours ago

Description: modified (diff)

comment:4 by Adrien Kunysz, 11 hours ago

Description: modified (diff)
Note: See TracTickets for help on using tickets.
Back to Top