mirror of
				https://github.com/paperless-ngx/paperless-ngx.git
				synced 2025-10-26 00:02:35 -04:00 
			
		
		
		
	Merge pull request #3516 from ajgon/fix/http-remote-user-api
Fix: KeyError error on unauthenticated API calls
This commit is contained in:
		
						commit
						569165371c
					
				| @ -1,6 +1,6 @@ | ||||
| from django.conf import settings | ||||
| from django.contrib import auth | ||||
| from django.contrib.auth.middleware import RemoteUserMiddleware | ||||
| from django.contrib.auth.middleware import PersistentRemoteUserMiddleware | ||||
| from django.contrib.auth.models import User | ||||
| from django.utils.deprecation import MiddlewareMixin | ||||
| from rest_framework import authentication | ||||
| @ -37,7 +37,7 @@ class AngularApiAuthenticationOverride(authentication.BaseAuthentication): | ||||
|             return None | ||||
| 
 | ||||
| 
 | ||||
| class HttpRemoteUserMiddleware(RemoteUserMiddleware): | ||||
| class HttpRemoteUserMiddleware(PersistentRemoteUserMiddleware): | ||||
|     """This class allows authentication via HTTP_REMOTE_USER which is set for | ||||
|     example by certain SSO applications. | ||||
|     """ | ||||
|  | ||||
| @ -12,22 +12,21 @@ def handle_failed_login(sender, credentials, request, **kwargs): | ||||
|     client_ip, _ = ipware.get_client_ip( | ||||
|         meta=request.META, | ||||
|     ) | ||||
|     username = credentials.get("username") | ||||
|     log_output = ( | ||||
|         "No authentication provided" | ||||
|         if username is None | ||||
|         else f"Login failed for user `{username}`" | ||||
|     ) | ||||
| 
 | ||||
|     if client_ip is None: | ||||
|         logger.info( | ||||
|             f"Login failed for user `{credentials['username']}`." | ||||
|             " Unable to determine IP address.", | ||||
|         ) | ||||
|         log_output += ". Unable to determine IP address." | ||||
|     else: | ||||
|         if client_ip.is_global: | ||||
|             # We got the client's IP address | ||||
|             logger.info( | ||||
|                 f"Login failed for user `{credentials['username']}`" | ||||
|                 f" from IP `{client_ip}.`", | ||||
|             ) | ||||
|             log_output += f" from IP `{client_ip}.`" | ||||
|         else: | ||||
|             # The client's IP address is private | ||||
|             logger.info( | ||||
|                 f"Login failed for user `{credentials['username']}`" | ||||
|                 f" from private IP `{client_ip}.`", | ||||
|             ) | ||||
|             log_output += f" from private IP `{client_ip}.`" | ||||
| 
 | ||||
|     logger.info(log_output) | ||||
|  | ||||
| @ -12,6 +12,26 @@ class TestFailedLoginLogging(TestCase): | ||||
|             "username": "john lennon", | ||||
|         } | ||||
| 
 | ||||
|     def test_unauthenticated(self): | ||||
|         """ | ||||
|         GIVEN: | ||||
|             - Request with no authentication provided | ||||
|         WHEN: | ||||
|             - Request provided to signal handler | ||||
|         THEN: | ||||
|             - Unable to determine logged for unauthenticated user | ||||
|         """ | ||||
|         request = HttpRequest() | ||||
|         request.META = {} | ||||
|         with self.assertLogs("paperless.auth") as logs: | ||||
|             handle_failed_login(None, {}, request) | ||||
|             self.assertEqual( | ||||
|                 logs.output, | ||||
|                 [ | ||||
|                     "INFO:paperless.auth:No authentication provided. Unable to determine IP address.", | ||||
|                 ], | ||||
|             ) | ||||
| 
 | ||||
|     def test_none(self): | ||||
|         """ | ||||
|         GIVEN: | ||||
|  | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user