Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: ✨ update auth middlewares to allow other auth middlewares #469

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

feat: ✨ update auth middlewares to allow other auth middlewares #469

wants to merge 1 commit into from

Conversation

goztrk
Copy link
Contributor

@goztrk goztrk commented Feb 12, 2025
edited
Loading

Description

The main purpose of this PR is to give room to custom authentication middlewares in the projects.

The middlewares were cutting off the execution and giving forbidden errors other than the Bearer and Basic auth token types.

Also getting the token_type and token from HTTP_AUTHORIZATION is made a utility function to keep the code DRY.

@goztrk goztrk self-assigned this Feb 12, 2025
jontsai
jontsai requested changes Feb 12, 2025
View reviewed changes
apps/accounts/middleware.py
Comment on lines +127 to +128
"""Custom Authentication Middleware to attempt logging in with a securely generated
token
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
"""Custom Authentication Middleware to attempt logging in with a securely generated
token
"""Custom Authentication Middleware to attempt logging in with
a securely generated token

Can we break the text differently? Break before the phrase

apps/accounts/middleware.py
Comment on lines +169 to +170
However, if user is logged in when the exception occurred, it is a connection
failure. Therefore, always go to account settings page or equivalent
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
However, if user is logged in when the exception occurred, it is a connection
failure. Therefore, always go to account settings page or equivalent
However, if user is logged in when the exception occurred,
it is a connection failure.
Therefore, always go to account settings page or equivalent

Let's break the text differently. New sentence on new line...

apps/accounts/utils/general.py
@@ -95,10 +100,10 @@ def set_random_password(user, password_length=16):

def email_to_username_hash(email):
"""Convert emails to hashed versions where we store them in the username field
We can't just store them directly, or we'd be limited to Django's username <= 30 chars limit,
which is really too small for arbitrary emails
We can't just store them directly, or we'd be limited to Django's username <= 30
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please revert, this is breaking docstrings in the middle of the thought/phrase, and makes the docstring harder to understand.

apps/accounts/utils/general.py
@@ -175,7 +180,7 @@ def get_user_by_email(email):
)
except UserModel.MultipleObjectsReturned:
user = None
request = get_current_request()
request = get_current_request() # noqa: F841
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think F841 is the right one. Why?

I think below needs to get updated to:

rollbar.report_exc_info(request=request) ?

Let's double check against other places.

apps/accounts/utils/general.py
except:
request = get_current_request()
except Exception:
request = get_current_request() # noqa: F841
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same, change below to rollbar.report_exc_info(request=request)

apps/accounts/utils/general.py
@@ -304,7 +309,7 @@ def get_user_email(user, email, is_confirmed=True):
return user_email


def associate_user_email(
def associate_user_email( # noqa: C901
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is nuts

https://www.flake8rules.com/rules/C901.html

In other teams we have ignored rule C901

apps/accounts/middleware.py
else:
# No authentication token provided via available methods
token = None
# and give a chance for other auth middlewares to work
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
# and give a chance for other auth middlewares to work
# give a chance for other auth middlewares to work

apps/accounts/middleware.py
# unexpected authorization value
token = None
auth_user = authenticate(request=request, token=token)

elif 'token' in request.GET:
# implicit authenication token using URL params
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
# implicit authenication token using URL params
# implicit authentication token using URL params

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jontsai jontsai jontsai requested changes

Requested changes must be addressed to merge this pull request.

Assignees

@goztrk goztrk

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@goztrk @jontsai