Add is_authenticated and is_anonymous properties

See
https://docs.djangoproject.com/en/1.10/releases/1.10/#using-user-is-authenticated-and-user-is-anonymous-as-methods

is_anonymous() and is_authenticated() are now properties in Django 1.10,
and defining them as methods triggers critical security warnings when
running python manage.py check

The duplication is just to make it explicit which code paths are being
followed. They could be refactored to remove it, but in a few months
when we move to the next LTS we would just end up removing the refactors
since there would once again be a single path.

We also removed the `margin` parameter, since it is never used anywhere.
This will be documented in a Horizon release note.

Change-Id: I7a92089ae62a9017274002648f26f13bc34709d9
(cherry picked from commit 00346889c9)
Rob Cresswell 2016-08-10 09:10:20 +01:00
parent d51a0bdfd9
commit 03a6db3074
1 changed files with 40 additions and 23 deletions


@ -14,9 +14,11 @@
import hashlib
import logging
import django
from django.conf import settings
from django.contrib.auth import models
from django.db import models as db_models
from django.utils import deprecation
from keystoneauth1 import exceptions as keystone_exceptions
from keystoneclient.common import cms as keystone_cms
import six
@ -261,35 +263,50 @@ class User(models.AbstractBaseUser, models.AnonymousUser):
return None
return not utils.is_token_valid(self.token, margin)
def is_authenticated(self, margin=None):
"""Checks for a valid authentication.
if django.VERSION >= (1, 10):
@property
def is_authenticated(self):
"""Checks for a valid authentication."""
if (self.token is not None and utils.is_token_valid(self.token)):
return deprecation.CallableTrue
else:
return deprecation.CallableFalse
:param margin:
A security time margin in seconds before end of authentication.
Will return ``False`` if authentication ends in less than ``margin``
seconds of time.
A default margin can be set by the TOKEN_TIMEOUT_MARGIN in the
django settings.
@property
def is_anonymous(self):
"""Return if the user is not authenticated.
"""
return (self.token is not None and
utils.is_token_valid(self.token, margin))
Returns ``True`` if not authenticated,``False`` otherwise.
"""
return deprecation.CallableBool(not self.is_authenticated)
else:
def is_authenticated(self, margin=None):
"""Checks for a valid authentication.
def is_anonymous(self, margin=None):
"""Return if the user is not authenticated.
:param margin:
A security time margin in seconds before end of authentication.
Will return ``False`` if authentication ends in less than
``margin`` seconds of time.
A default margin can be set by the TOKEN_TIMEOUT_MARGIN in the
django settings.
"""
return (self.token is not None and
utils.is_token_valid(self.token, margin))
Returns ``True`` if not authenticated,``False`` otherwise.
def is_anonymous(self, margin=None):
"""Return if the user is not authenticated.
:param margin:
A security time margin in seconds before end of an eventual
authentication.
Will return ``True`` even if authenticated but that authentication
ends in less than ``margin`` seconds of time.
A default margin can be set by the TOKEN_TIMEOUT_MARGIN in the
django settings.
Returns ``True`` if not authenticated,``False`` otherwise.
"""
return not self.is_authenticated(margin)
:param margin:
A security time margin in seconds before end of an eventual
authentication.
Will return ``True`` even if authenticated but that
authentication ends in less than ``margin`` seconds of time.
A default margin can be set by the TOKEN_TIMEOUT_MARGIN in the
django settings.
"""
return not self.is_authenticated(margin)
@property
def is_active(self):
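Review bot: On the pre-1.10 branch `is_authenticated` and `is_anonymous` stay plain methods, so a caller that adopts the new property style (`if user.is_authenticated:`) tests a bound method there, which is always truthy, and the check passes for a user whose token is missing or expired. Nothing in the hunk tells callers that call syntax is the only form that behaves the same on both branches; I would add a comment above `if django.VERSION >= (1, 10):` such as `# Call is_authenticated()/is_anonymous() with parentheses until the < 1.10 branch is dropped: there a bare attribute test is always true.` The 1.10 branch also has no upper version bound and relies on `deprecation.CallableBool`, which as far as I know is a transitional helper that later Django releases remove, so the condition will need revisiting at the next upgrade. The `User` class body starts before and continues after this hunk, so callers inside the class were not visible for this review.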