6ae1f5e21d
The "request" attribute is not available in openstack_auth.backend.KeystoneBackend.get_user when session data is restored and it's the first request to happen after a server restart. As stated by the function document, the "request" attribute needs to be monkey-patched by openstack_auth.utils.patch_middleware_get_user for this function to work properly. This should happen in openstack_auth.urls at import time. But there is nowhere in Horizon where this module is imported at startup. It's only introspected by openstack_dashboard.urls due to AUTHENTICATION_URLS setting. Without this monkey-patching, the whole authentication mechanism falls back to "AnonymousUser" and you will get redirected to the login page due to horizon.exceptions.NotAuthenticated being raised by horizon.decorators.require_auth as request.user.is_authenticated will be False. But if a user requests a page under auth/, it will have the side-effect of monkey-patching django.contrib.auth.middleware as expected. This means that once this request is completed, all following requests to pages other than the ones under auth/ will have there sessions properly restored and you will be properly authenticated. Therefore this change introduces a dummy middleware which sole purpose is to perform this monkey-patching as early as possible. There is also some cleanup to get rid of the previous attempts at monkeypatching. Closes-bug: #1764622 [backport specific notice] Queens horizon supports Django 1.8 and 1.11. The key point is Django 2.0 is not supported. Django 2.0 dropped the legacy Django middleware interface and the new interface is not supported in Django 1.8. Thus, this backport changes OpenstackAuthMonkeyPatchMiddleware in openstack_auth/middlware.py to use the legacy middleware interface. Conflicts: openstack_dashboard/settings.py openstack_dashboard/test/helpers.py Change-Id: Ib9912090a87b716e7f5710f6f360b0df168ec2e3 (cherry picked from commit0d16361326
) (cherry picked from commit8851866aad
)
21 lines
733 B
Python
21 lines
733 B
Python
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
from openstack_auth import utils
|
|
|
|
# NOTE: The main role of this middleware is to call this.
|
|
utils.patch_middleware_get_user()
|
|
|
|
|
|
class OpenstackAuthMonkeyPatchMiddleware(object):
|
|
pass
|