From 13c82cdbf9237a94adac17f0f1fd9234fedb3846 Mon Sep 17 00:00:00 2001 From: vabene1111 Date: Wed, 10 Jun 2020 12:02:27 +0200 Subject: [PATCH] made remote auth a config setting --- .env.template | 5 +++++ recipes/settings.py | 10 +++++++--- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/.env.template b/.env.template index 60cdf3347..d31cb01b3 100644 --- a/.env.template +++ b/.env.template @@ -19,3 +19,8 @@ POSTGRES_DB=djangodb # provided that include an additional nxginx container to handle media file serving. # If you know what you are doing turn this back on (1) to serve media files using djangos serve() method. GUNICORN_MEDIA=0 + + +# allow authentication via reverse proxy (e.g. authelia), leave of if you dont know what you are doing +# docs: https://github.com/vabene1111/recipes/tree/develop/docs/docker/nginx-proxy%20with%20proxy%20authentication +REVERSE_PROXY_AUTH=0 diff --git a/recipes/settings.py b/recipes/settings.py index 12d479a0c..c45be1073 100644 --- a/recipes/settings.py +++ b/recipes/settings.py @@ -23,6 +23,8 @@ DEBUG = bool(int(os.getenv('DEBUG', True))) GUNICORN_MEDIA = bool(int(os.getenv('GUNICORN_MEDIA', True))) +REVERSE_PROXY_AUTH = bool(int(os.getenv('REVERSE_PROXY_AUTH', False))) + ALLOWED_HOSTS = os.getenv('ALLOWED_HOSTS').split(',') if os.getenv('ALLOWED_HOSTS') else ['*'] LOGIN_REDIRECT_URL = "index" @@ -69,14 +71,16 @@ MIDDLEWARE = [ 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.locale.LocaleMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', - 'recipes.middleware.CustomRemoteUser', - ] +] AUTHENTICATION_BACKENDS = [ - 'django.contrib.auth.backends.RemoteUserBackend', 'django.contrib.auth.backends.ModelBackend', ] +if REVERSE_PROXY_AUTH: + MIDDLEWARE.append('recipes.middleware.CustomRemoteUser') + AUTHENTICATION_BACKENDS.append('django.contrib.auth.backends.RemoteUserBackend') + ROOT_URLCONF = 'recipes.urls' TEMPLATES = [