openstack/horizon
Code Issues Proposed changes
4a8d00d463
horizon/openstack_auth/tests/settings.py
Mathieu Gagné 0d16361326 Fix django.contrib.auth.middleware monkey patching 
The "request" attribute is not available in
openstack_auth.backend.KeystoneBackend.get_user when session data is restored
and it's the first request to happen after a server restart.

As stated by the function document, the "request" attribute needs to be
monkey-patched by openstack_auth.utils.patch_middleware_get_user
for this function to work properly.

This should happen in openstack_auth.urls at import time. But there is nowhere
in Horizon where this module is imported at startup. It's only introspected
by openstack_dashboard.urls due to AUTHENTICATION_URLS setting.

Without this monkey-patching, the whole authentication mechanism falls back
to "AnonymousUser" and you will get redirected to the login page due
to horizon.exceptions.NotAuthenticated being raised by
horizon.decorators.require_auth as request.user.is_authenticated will be False.

But if a user requests a page under auth/, it will have the side-effect of
monkey-patching django.contrib.auth.middleware as expected. This means that
once this request is completed, all following requests to pages other than
the ones under auth/ will have there sessions properly restored and
you will be properly authenticated.

Therefore this change introduces a dummy middleware which sole purpose is
to perform this monkey-patching as early as possible.

There is also some cleanup to get rid of the previous attempts at
monkeypatching.

Closes-bug: #1764622
Change-Id: Ib9912090a87b716e7f5710f6f360b0df168ec2e3
2018-11-06 21:36:45 +00:00

116 lines
2.8 KiB
Python
Raw Blame History

# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import os
ALLOWED_HOSTS = ['*']
DATABASES = {'default': {'ENGINE': 'django.db.backends.sqlite3'}}
INSTALLED_APPS = [
'django',
'django.contrib.contenttypes',
'django.contrib.auth',
'django.contrib.sessions',
'django.contrib.messages',
'openstack_auth',
'openstack_auth.tests'
]
MIDDLEWARE = [
'openstack_auth.middleware.OpenstackAuthMonkeyPatchMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware'
]
AUTHENTICATION_BACKENDS = ['openstack_auth.backend.KeystoneBackend']
OPENSTACK_KEYSTONE_URL = "http://localhost:5000/v3"
ROOT_URLCONF = 'openstack_auth.tests.urls'
LOGIN_REDIRECT_URL = '/'
SECRET_KEY = 'badcafe'
OPENSTACK_API_VERSIONS = {
"identity": 3
}
USE_TZ = True
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = False
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'domain'
# NOTE(saschpe): The openstack_auth.user.Token object isn't
# JSON-serializable ATM
SESSION_SERIALIZER = 'django.contrib.sessions.serializers.PickleSerializer'
TEST_DIR = os.path.dirname(os.path.abspath(__file__))
POLICY_FILES_PATH = os.path.join(TEST_DIR, "conf")
POLICY_FILES = {
'identity': 'keystone_policy.json',
'compute': 'nova_policy.json'
}
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'APP_DIRS': True,
},
]
LOGGING = {
'version': 1,
'disable_existing_loggers': False,
'handlers': {
'null': {
'level': 'DEBUG',
'class': 'logging.NullHandler',
},
'test': {
'level': 'ERROR',
'class': 'logging.StreamHandler',
}
},
'loggers': {
'openstack_auth': {
'handlers': ['test'],
'propagate': False,
},
}
}
AUTH_USER_MODEL = 'openstack_auth.User'
LOGGING = {
'version': 1,
'disable_existing_loggers': False,
'handlers': {
'test': {
'level': 'ERROR',
'class': 'logging.StreamHandler',
}
},
'loggers': {
'openstack_auth': {
'handlers': ['test'],
'propagate': False,
},
}
}
View Git Blame Copy Permalink