mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2024-12-22 17:16:24 +00:00
Code Issues 25 Releases Wiki Activity

Fixed #36002 -- Referred to request.Meta key in Persistent/RemoteUserMiddleware comments.

Browse Source 
Changed the docstrings and code comments to better reflect where the default value
comes from (an environment variable, not request header).
This commit is contained in:
Anders Einar Hilden 2024-12-11 18:59:57 +01:00 committed by Sarah Boyce
parent 7e41a7a47d
commit a8b70aeffd
1 changed files with 14 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
django/contrib/auth/middleware.py
View File

@ -95,13 +95,16 @@ class RemoteUserMiddleware:
Middleware for utilizing web-server-provided authentication. Middleware for utilizing web-server-provided authentication.
If request.user is not authenticated, then this middleware attempts to If request.user is not authenticated, then this middleware attempts to
authenticate the username passed in the ``REMOTE_USER`` request header. authenticate the username from the ``REMOTE_USER`` key in ``request.META``,
an environment variable commonly set by the webserver.
If authentication is successful, the user is automatically logged in to If authentication is successful, the user is automatically logged in to
persist the user in the session. persist the user in the session.
The header used is configurable and defaults to ``REMOTE_USER``. Subclass The ``request.META`` key is configurable and defaults to ``REMOTE_USER``.
this class and change the ``header`` attribute if you need to use a Subclass this class and change the ``header`` attribute if you need to
different header. use a different key from ``request.META``, for example a HTTP request
header.
""" """
sync_capable = True sync_capable = True
@ -116,9 +119,9 @@ class RemoteUserMiddleware:
markcoroutinefunction(self) markcoroutinefunction(self)
super().__init__() super().__init__()
# Name of request header to grab username from. This will be the key as # Name of request.META key to grab username from. Note that for
# used in the request.META dictionary, i.e. the normalization of headers to # request headers, normalization to all uppercase and the addition
# all uppercase and the addition of "HTTP_" prefix apply. # of a "HTTP_" prefix apply.
header = "REMOTE_USER" header = "REMOTE_USER"
force_logout_if_no_header = True force_logout_if_no_header = True
@ -259,10 +262,10 @@ class PersistentRemoteUserMiddleware(RemoteUserMiddleware):
Middleware for web-server provided authentication on logon pages. Middleware for web-server provided authentication on logon pages.
Like RemoteUserMiddleware but keeps the user authenticated even if Like RemoteUserMiddleware but keeps the user authenticated even if
the header (``REMOTE_USER``) is not found in the request. Useful the ``request.META`` key is not found in the request. Useful for
for setups when the external authentication via ``REMOTE_USER`` setups when the external authentication is only expected to happen
is only expected to happen on some "logon" URL and the rest of on some "logon" URL and the rest of the application wants to use
the application wants to use Django's authentication mechanism. Django's authentication mechanism.
""" """
force_logout_if_no_header = False force_logout_if_no_header = False