mirror of
https://github.com/YunoHost-Apps/django_example_ynh.git
synced 2024-09-03 18:26:21 +02:00
commit
eb3fe62cac
7 changed files with 31 additions and 18 deletions
|
@ -121,8 +121,10 @@ Notes:
|
||||||
|
|
||||||
## history
|
## history
|
||||||
|
|
||||||
* [compare v0.1.4...master](https://github.com/YunoHost-Apps/django_ynh/compare/v0.1.4...master) **dev**
|
* [compare v0.1.5...master](https://github.com/YunoHost-Apps/django_ynh/compare/v0.1.5...master) **dev**
|
||||||
* tbc
|
* tbc
|
||||||
|
* [v0.1.5 - 19.01.2021](https://github.com/YunoHost-Apps/django_ynh/compare/v0.1.4...v0.1.5)
|
||||||
|
* Make some deps `gunicorn`, `psycopg2-binary`, `django-redis`, `django-axes` optional
|
||||||
* [v0.1.4 - 08.01.2021](https://github.com/YunoHost-Apps/django_ynh/compare/v0.1.3...v0.1.4)
|
* [v0.1.4 - 08.01.2021](https://github.com/YunoHost-Apps/django_ynh/compare/v0.1.3...v0.1.4)
|
||||||
* Bugfix [CSRF verification failed on POST requests #7](https://github.com/YunoHost-Apps/django_ynh/issues/7)
|
* Bugfix [CSRF verification failed on POST requests #7](https://github.com/YunoHost-Apps/django_ynh/issues/7)
|
||||||
* [v0.1.3 - 08.01.2021](https://github.com/YunoHost-Apps/django_ynh/compare/v0.1.2...v0.1.3)
|
* [v0.1.3 - 08.01.2021](https://github.com/YunoHost-Apps/django_ynh/compare/v0.1.2...v0.1.3)
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
__version__ = '0.1.4'
|
__version__ = '0.1.5'
|
||||||
|
|
|
@ -1,12 +1,17 @@
|
||||||
import base64
|
import base64
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
from axes.exceptions import AxesBackendPermissionDenied
|
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from django.contrib import auth
|
from django.contrib import auth
|
||||||
from django.contrib.auth import get_user_model
|
from django.contrib.auth import get_user_model
|
||||||
from django.contrib.auth.middleware import RemoteUserMiddleware
|
from django.contrib.auth.middleware import RemoteUserMiddleware
|
||||||
|
|
||||||
|
|
||||||
|
try:
|
||||||
|
from axes.exceptions import AxesBackendPermissionDenied as SuspiciousOperation # log to Axes DB models
|
||||||
|
except ImportError:
|
||||||
|
from django.core.exceptions import SuspiciousOperation
|
||||||
|
|
||||||
from django_ynh.sso_auth.user_profile import call_setup_user, update_user_profile
|
from django_ynh.sso_auth.user_profile import call_setup_user, update_user_profile
|
||||||
|
|
||||||
|
|
||||||
|
@ -50,38 +55,38 @@ class SSOwatRemoteUserMiddleware(RemoteUserMiddleware):
|
||||||
else:
|
else:
|
||||||
# emits a signal indicating user login failed, which is processed by
|
# emits a signal indicating user login failed, which is processed by
|
||||||
# axes.signals.log_user_login_failed which logs and flags the failed request.
|
# axes.signals.log_user_login_failed which logs and flags the failed request.
|
||||||
raise AxesBackendPermissionDenied('Cookie missing')
|
raise SuspiciousOperation('Cookie missing')
|
||||||
else:
|
else:
|
||||||
logger.info('SSOwat username from cookies: %r', username)
|
logger.info('SSOwat username from cookies: %r', username)
|
||||||
if username != user.username:
|
if username != user.username:
|
||||||
raise AxesBackendPermissionDenied('Wrong username')
|
raise SuspiciousOperation('Wrong username')
|
||||||
|
|
||||||
# Compare with HTTP_AUTH_USER
|
# Compare with HTTP_AUTH_USER
|
||||||
try:
|
try:
|
||||||
username = request.META['HTTP_AUTH_USER']
|
username = request.META['HTTP_AUTH_USER']
|
||||||
except KeyError:
|
except KeyError:
|
||||||
logger.error('HTTP_AUTH_USER missing!')
|
logger.error('HTTP_AUTH_USER missing!')
|
||||||
raise AxesBackendPermissionDenied('No HTTP_AUTH_USER')
|
raise SuspiciousOperation('No HTTP_AUTH_USER')
|
||||||
|
|
||||||
if username != user.username:
|
if username != user.username:
|
||||||
raise AxesBackendPermissionDenied('Wrong HTTP_AUTH_USER username')
|
raise SuspiciousOperation('Wrong HTTP_AUTH_USER username')
|
||||||
|
|
||||||
# Also check 'HTTP_AUTHORIZATION', but only the username ;)
|
# Also check 'HTTP_AUTHORIZATION', but only the username ;)
|
||||||
try:
|
try:
|
||||||
authorization = request.META['HTTP_AUTHORIZATION']
|
authorization = request.META['HTTP_AUTHORIZATION']
|
||||||
except KeyError:
|
except KeyError:
|
||||||
logger.error('HTTP_AUTHORIZATION missing!')
|
logger.error('HTTP_AUTHORIZATION missing!')
|
||||||
raise AxesBackendPermissionDenied('No HTTP_AUTHORIZATION')
|
raise SuspiciousOperation('No HTTP_AUTHORIZATION')
|
||||||
|
|
||||||
scheme, creds = authorization.split(' ', 1)
|
scheme, creds = authorization.split(' ', 1)
|
||||||
if scheme.lower() != 'basic':
|
if scheme.lower() != 'basic':
|
||||||
logger.error('HTTP_AUTHORIZATION with %r not supported', scheme)
|
logger.error('HTTP_AUTHORIZATION with %r not supported', scheme)
|
||||||
raise AxesBackendPermissionDenied('HTTP_AUTHORIZATION scheme not supported')
|
raise SuspiciousOperation('HTTP_AUTHORIZATION scheme not supported')
|
||||||
|
|
||||||
creds = str(base64.b64decode(creds), encoding='utf-8')
|
creds = str(base64.b64decode(creds), encoding='utf-8')
|
||||||
username = creds.split(':', 1)[0]
|
username = creds.split(':', 1)[0]
|
||||||
if username != user.username:
|
if username != user.username:
|
||||||
raise AxesBackendPermissionDenied('Wrong HTTP_AUTHORIZATION username')
|
raise SuspiciousOperation('Wrong HTTP_AUTHORIZATION username')
|
||||||
|
|
||||||
if not was_authenticated:
|
if not was_authenticated:
|
||||||
# First request, after login -> update user informations
|
# First request, after login -> update user informations
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
"description": {
|
"description": {
|
||||||
"en": "Glue code to package django projects as yunohost apps."
|
"en": "Glue code to package django projects as yunohost apps."
|
||||||
},
|
},
|
||||||
"version": "0.1.4~ynh1",
|
"version": "0.1.5~ynh1",
|
||||||
"url": "https://github.com/jedie/django_ynh",
|
"url": "https://github.com/jedie/django_ynh",
|
||||||
"license": "GPL-3.0",
|
"license": "GPL-3.0",
|
||||||
"maintainer": {
|
"maintainer": {
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
[tool.poetry]
|
[tool.poetry]
|
||||||
name = "django_ynh"
|
name = "django_ynh"
|
||||||
version = "0.1.4"
|
version = "0.1.5"
|
||||||
description = "Glue code to package django projects as yunohost apps."
|
description = "Glue code to package django projects as yunohost apps."
|
||||||
authors = ["JensDiemer <git@jensdiemer.de>"]
|
authors = ["JensDiemer <git@jensdiemer.de>"]
|
||||||
license = "GPL"
|
license = "GPL"
|
||||||
|
@ -14,12 +14,14 @@ packages = [
|
||||||
[tool.poetry.dependencies]
|
[tool.poetry.dependencies]
|
||||||
python = ">=3.7,<4.0.0"
|
python = ">=3.7,<4.0.0"
|
||||||
django = "*"
|
django = "*"
|
||||||
gunicorn = "*"
|
# The follogin extra packages are used for install "django_ynh" as YunoHost app:
|
||||||
django-axes = "*" # https://github.com/jazzband/django-axes
|
gunicorn = { version = "*", optional = true }
|
||||||
psycopg2-binary = "*"
|
psycopg2-binary = { version = "*", optional = true }
|
||||||
django-redis = "*"
|
django-redis = { version = "*", optional = true }
|
||||||
|
django-axes = { version = "*", optional = true } # https://github.com/jazzband/django-axes
|
||||||
|
|
||||||
[tool.poetry.dev-dependencies]
|
[tool.poetry.dev-dependencies]
|
||||||
|
django-axes = "*" # https://github.com/jazzband/django-axes
|
||||||
poetry-publish = "*" # https://github.com/jedie/poetry-publish
|
poetry-publish = "*" # https://github.com/jedie/poetry-publish
|
||||||
bx_py_utils = "*"
|
bx_py_utils = "*"
|
||||||
tox = "*"
|
tox = "*"
|
||||||
|
@ -33,6 +35,10 @@ flynt = "*"
|
||||||
black = "*"
|
black = "*"
|
||||||
pyupgrade = "*"
|
pyupgrade = "*"
|
||||||
|
|
||||||
|
[tool.poetry.extras]
|
||||||
|
ynh = ["gunicorn", "psycopg2-binary", "django-redis", "django-axes"] # install as YunoHost app
|
||||||
|
|
||||||
|
|
||||||
[build-system]
|
[build-system]
|
||||||
requires = ["poetry-core>=1.0.0"]
|
requires = ["poetry-core>=1.0.0"]
|
||||||
build-backend = "poetry.core.masonry.api"
|
build-backend = "poetry.core.masonry.api"
|
||||||
|
|
|
@ -28,7 +28,7 @@ log_file="${log_path}/django_ynh.log"
|
||||||
pkg_dependencies="build-essential python3-dev python3-pip python3-venv git postgresql postgresql-contrib"
|
pkg_dependencies="build-essential python3-dev python3-pip python3-venv git postgresql postgresql-contrib"
|
||||||
|
|
||||||
# To install/upgrade this project via pip:
|
# To install/upgrade this project via pip:
|
||||||
pip_install_string="django_ynh==0.1.4"
|
pip_install_string="django_ynh[ynh]==0.1.5"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# Redis HELPERS
|
# Redis HELPERS
|
||||||
|
|
|
@ -32,7 +32,7 @@ def test_version(package_root=None, version=None):
|
||||||
assert_file_contains_string(file_path=Path(package_root, 'pyproject.toml'), string=f'version = "{version}"')
|
assert_file_contains_string(file_path=Path(package_root, 'pyproject.toml'), string=f'version = "{version}"')
|
||||||
assert_file_contains_string(file_path=Path(package_root, 'manifest.json'), string=f'"version": "{version}~ynh')
|
assert_file_contains_string(file_path=Path(package_root, 'manifest.json'), string=f'"version": "{version}~ynh')
|
||||||
assert_file_contains_string(
|
assert_file_contains_string(
|
||||||
file_path=Path(package_root, 'scripts', '_common.sh'), string=f'"django_ynh=={version}"'
|
file_path=Path(package_root, 'scripts', '_common.sh'), string=f'"django_ynh[ynh]=={version}"'
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue