From d1de4b3b5df8a1f773b060edb15c8c49d7484376 Mon Sep 17 00:00:00 2001
From: Tanner Prestegard <tanner.prestegard@ligo.org>
Date: Thu, 31 Jan 2019 10:20:39 -0600
Subject: [PATCH] Rework URL check in shibboleth auth middleware

---
 gracedb/core/http.py           | 16 ----------------
 gracedb/ligoauth/middleware.py |  6 +++---
 2 files changed, 3 insertions(+), 19 deletions(-)

diff --git a/gracedb/core/http.py b/gracedb/core/http.py
index 9236c12ec..f3b961837 100644
--- a/gracedb/core/http.py
+++ b/gracedb/core/http.py
@@ -77,19 +77,3 @@ def check_and_serve_file(request, file_path, ResponseClass=HttpResponse):
         response = serve_file(file_path, ResponseClass)
 
     return response
-
-
-def request_is_for_view(viewname, request):
-    """
-    Returns True/False depending on whether the request is directed to
-    the view function corresponding to viewname.
-    """
-    try:
-        resolver_match = resolve(request.path)
-    except Resolver404:
-        return None
-
-    if (resolver_match.view_name == viewname):
-        return True
-    else:
-        return False
diff --git a/gracedb/ligoauth/middleware.py b/gracedb/ligoauth/middleware.py
index b7156d614..3b43f5474 100644
--- a/gracedb/ligoauth/middleware.py
+++ b/gracedb/ligoauth/middleware.py
@@ -6,8 +6,7 @@ from django.contrib import auth
 from django.contrib.auth.middleware import PersistentRemoteUserMiddleware
 from django.contrib.auth.models import Group
 from django.core.exceptions import ImproperlyConfigured
-
-from core.http import request_is_for_view
+from django.urls import reverse_lazy
 
 # Set up logger
 logger = logging.getLogger(__name__)
@@ -27,12 +26,13 @@ class ShibbolethWebAuthMiddleware(PersistentRemoteUserMiddleware):
     user_header = getattr(settings, 'SHIB_USER_HEADER', 'REMOTE_USER')
     group_header = getattr(settings, 'SHIB_GROUPS_HEADER', 'isMemberOf')
     group_delimiter = ';'
+    active_url = reverse_lazy('post-login')
 
     def process_request(self, request):
 
         # This middleware should *only* be active at the post-login URL
         # where shibboleth is also active.
-        if not request_is_for_view('post-login', request):
+        if not (request.path == self.active_url):
             return
 
         # AuthenticationMiddleware is required so that request.user exists.
-- 
GitLab