openstack/deb-python-django-openstack-auth
Code Issues Proposed changes

Add is_authenticated and is_anonymous properties

Browse Source 
See
https://docs.djangoproject.com/en/1.10/releases/1.10/#using-user-is-authenticated-and-user-is-anonymous-as-methods

is_anonymous() and is_authenticated() functions are now properties, and
throw critical security warnings when using python manage.py check in
django 1.10

The duplication is just to make it explicit which code paths are being
followed. They could be refactored to remove it, but in a few months
when we move to the next LTS we would just end up removing the refactors
since there would once again be a single path.

We also removed the `margin` parameter, since it is never used anywhere.
This will be documented in a Horizon release note.

Change-Id: I7a92089ae62a9017274002648f26f13bc34709d9
This commit is contained in:
Rob Cresswell
2016-08-10 09:10:20 +01:00
parent cec7a02170
commit 00346889c9
1 changed files with 40 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
openstack_auth/user.py
View File

@@ -14,9 +14,11 @@
import hashlib import hashlib
import logging import logging
import django
from django.conf import settings from django.conf import settings
from django.contrib.auth import models from django.contrib.auth import models
from django.db import models as db_models from django.db import models as db_models
from django.utils import deprecation
from keystoneauth1 import exceptions as keystone_exceptions from keystoneauth1 import exceptions as keystone_exceptions
from keystoneclient.common import cms as keystone_cms from keystoneclient.common import cms as keystone_cms
import six import six
@@ -261,16 +263,32 @@ class User(models.AbstractBaseUser, models.AnonymousUser):
return None return None
return not utils.is_token_valid(self.token, margin) return not utils.is_token_valid(self.token, margin)
if django.VERSION >= (1, 10):
@property
def is_authenticated(self):
"""Checks for a valid authentication."""
if (self.token is not None and utils.is_token_valid(self.token)):
return deprecation.CallableTrue
else:
return deprecation.CallableFalse
@property
def is_anonymous(self):
"""Return if the user is not authenticated.
Returns ``True`` if not authenticated,``False`` otherwise.
"""
return deprecation.CallableBool(not self.is_authenticated)
else:
def is_authenticated(self, margin=None): def is_authenticated(self, margin=None):
"""Checks for a valid authentication. """Checks for a valid authentication.
:param margin: :param margin:
A security time margin in seconds before end of authentication. A security time margin in seconds before end of authentication.
Will return ``False`` if authentication ends in less than ``margin`` Will return ``False`` if authentication ends in less than
seconds of time. ``margin`` seconds of time.
A default margin can be set by the TOKEN_TIMEOUT_MARGIN in the A default margin can be set by the TOKEN_TIMEOUT_MARGIN in the
django settings. django settings.
""" """
return (self.token is not None and return (self.token is not None and
utils.is_token_valid(self.token, margin)) utils.is_token_valid(self.token, margin))
@@ -283,11 +301,10 @@ class User(models.AbstractBaseUser, models.AnonymousUser):
:param margin: :param margin:
A security time margin in seconds before end of an eventual A security time margin in seconds before end of an eventual
authentication. authentication.
Will return ``True`` even if authenticated but that authentication Will return ``True`` even if authenticated but that
ends in less than ``margin`` seconds of time. authentication ends in less than ``margin`` seconds of time.
A default margin can be set by the TOKEN_TIMEOUT_MARGIN in the A default margin can be set by the TOKEN_TIMEOUT_MARGIN in the
django settings. django settings.
""" """
return not self.is_authenticated(margin) return not self.is_authenticated(margin)