Skip to content

Improve compatibility with multiple auth methods #55

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
tobiasge wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Improve compatibility with multiple auth methods #55

tobiasge wants to merge 2 commits into from

Conversation

@tobiasge
Copy link
Contributor

@tobiasge tobiasge commented Feb 26, 2025

When using multiple authentication methods in Django it must be possible to direct the users to a login page where they can select the needed authentication method.

@tobiasge
Improve compatibility with multiple auth methods
5d60cb3 
When using multiple authentication methods in Django it must be possible
to direct the users to a login page where they can select the needed
authentication method.
@tobiasge
Compatibility with Django LoginRequiredMiddleware
e7d1362 
Django 5.1 introduced the LoginRequiredMiddleware that automatically
requires an authenticated user on all views except those marked as
not requiring a login.
regoawt
regoawt requested changes Feb 28, 2025
View reviewed changes
Copy link
Collaborator

@regoawt regoawt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see what you're trying to do here but I just want to assure myself that this is the best way of implementing it.

azure_auth/middleware.py
return self.get_response(request)
elif active_auth_backend != "azure_auth.auth_backends.AzureBackend":
# User is handled by another backend
return self.get_response(request)
Copy link
Collaborator

@regoawt regoawt Feb 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't there be a check on self.request.user.is_authenticated before returning?

Copy link
Contributor Author

@tobiasge tobiasge Mar 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure. In our case we have a second middleware together with a second authentication backend. So each middleware is only checking the accounts that belong to it's backend. But checking self.request.user.is_authenticated here is probably equally valid.

azure_auth/decorators.py
return func(request, *args, **kwargs)
elif active_auth_backend != "azure_auth.auth_backends.AzureBackend":
# User is handled by another backend
return func(request, *args, **kwargs)
Copy link
Collaborator

@regoawt regoawt Feb 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as for in the middleware - shouldn't there be a check on self.request.user.is_authenticated before returning?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@regoawt regoawt regoawt requested changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@tobiasge @regoawt