mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-03-06 15:32:33 +00:00
Code Issues 32 Releases Wiki Activity

[5.2.x] Fixed #36200 -- Clarified MIDDLEWARE setting updates when using a custom RemoteUserMiddleware.

Browse Source 
Backport of 87c5de3b7f2316aa17353d74f54e6ff19013d049 from main.
This commit is contained in:
Joonas Häkkinen 2025-02-19 14:36:06 +02:00 committed by Sarah Boyce
parent baea0f644e
commit aadc5c569b
1 changed files with 15 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
docs/howto/auth-remote-user.txt
View File

@ -76,14 +76,27 @@ regardless of ``AUTHENTICATION_BACKENDS``.
If your authentication mechanism uses a custom HTTP header and not
``REMOTE_USER``, you can subclass ``RemoteUserMiddleware`` and set the
``header`` attribute to the desired ``request.META`` key. For example::
``header`` attribute to the desired ``request.META`` key. For example:
.. code-block:: python
:caption: ``mysite/middleware.py``
from django.contrib.auth.middleware import RemoteUserMiddleware
class CustomHeaderMiddleware(RemoteUserMiddleware):
class CustomHeaderRemoteUserMiddleware(RemoteUserMiddleware):
header = "HTTP_AUTHUSER"
This custom middleware is then used in the :setting:`MIDDLEWARE` setting
instead of :class:`django.contrib.auth.middleware.RemoteUserMiddleware`::
MIDDLEWARE = [
"...",
"django.contrib.auth.middleware.AuthenticationMiddleware",
"mysite.middleware.CustomHeaderRemoteUserMiddleware",
"...",
]
.. warning::
Be very careful if using a ``RemoteUserMiddleware`` subclass with a custom