Commit d1de4b3b authored by Tanner Prestegard, committed by GraceDB

Rework URL check in shibboleth auth middleware

parent 30824721
......@@ -77,19 +77,3 @@ def check_and_serve_file(request, file_path, ResponseClass=HttpResponse):
response = serve_file(file_path, ResponseClass)
return response
def request_is_for_view(viewname, request):
Returns True/False depending on whether the request is directed to
the view function corresponding to viewname.
resolver_match = resolve(request.path)
except Resolver404:
return None
if (resolver_match.view_name == viewname):
return True
return False
......@@ -6,8 +6,7 @@ from django.contrib import auth
from django.contrib.auth.middleware import PersistentRemoteUserMiddleware
from django.contrib.auth.models import Group
from django.core.exceptions import ImproperlyConfigured
from core.http import request_is_for_view
from django.urls import reverse_lazy
# Set up logger
logger = logging.getLogger(__name__)
......@@ -27,12 +26,13 @@ class ShibbolethWebAuthMiddleware(PersistentRemoteUserMiddleware):
user_header = getattr(settings, 'SHIB_USER_HEADER', 'REMOTE_USER')
group_header = getattr(settings, 'SHIB_GROUPS_HEADER', 'isMemberOf')
group_delimiter = ';'
active_url = reverse_lazy('post-login')
def process_request(self, request):
# This middleware should *only* be active at the post-login URL
# where shibboleth is also active.
if not request_is_for_view('post-login', request):
if not (request.path == self.active_url):
# AuthenticationMiddleware is required so that request.user exists.
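Review bot: The exact comparison `if not (request.path == self.active_url):` in process_request is now the only gate on where the `SHIB_USER_HEADER` and `SHIB_GROUPS_HEADER` values are acted on, yet the comment above it does not say that the match is literal or what it must agree with. I would extend that comment to something like `# Exact match against reverse('post-login'); this must be the same path the web server protects with Shibboleth, and any other path skips this middleware.` and write the condition as `if request.path != self.active_url:`. A near-miss path (for example one without the trailing slash) appears to fail closed because the middleware stays inactive, but the body of that branch lies outside the hunk, so this should be confirmed. A regression test that requests such a path with the headers set and asserts that no login happens would pin the behaviour down.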