o {,h+@sddlmZddlmZddlmZmZddlmZddl m Z ddl m Z m Z ddlmZddlmZdd lmZdd lmZdd lmZdd lmZd dZddZGdddeZGdddeZGdddZGdddeZdS))partial)urlsplit)iscoroutinefunctionmarkcoroutinefunction)settings)auth)REDIRECT_FIELD_NAME load_backend)RemoteUserBackend)redirect_to_login)ImproperlyConfigured) resolve_url)MiddlewareMixin)SimpleLazyObjectcCst|ds t||_|jS)N _cached_user)hasattrrget_userrrequestrT/var/www/html/rh/venv/lib/python3.10/site-packages/django/contrib/auth/middleware.pyrs  rcs$t|dst|IdH|_|jS)N _acached_user)rr aget_userrrrrrausers rc@seZdZddZdS)AuthenticationMiddlewarecs4tds tdtfdd_tt_dS)NsessionzThe Django authentication middleware requires session middleware to be installed. Edit your MIDDLEWARE setting to insert 'django.contrib.sessions.middleware.SessionMiddleware' before 'django.contrib.auth.middleware.AuthenticationMiddleware'.cstS)N)rrrrr'sz:AuthenticationMiddleware.process_request..)rr ruserrr)selfrrrrprocess_requests z(AuthenticationMiddleware.process_requestN)__name__ __module__ __qualname__rrrrrrs rc@s4eZdZdZeZddZddZddZdd Z d S) LoginRequiredMiddlewarez Middleware that redirects all unauthenticated requests to a login page. Views using the login_not_required decorator will not be redirected. cCs(|jjrdSt|ddsdS|||S)Nlogin_requiredT)ris_authenticatedgetattrhandle_no_permission)rr view_func view_args view_kwargsrrr process_view4s   z$LoginRequiredMiddleware.process_viewcCs&t|ddptj}|stdt|S)N login_urlzNo login URL to redirect to. Define settings.LOGIN_URL or provide a login_url via the 'django.contrib.auth.decorators.login_required' decorator.)r&r LOGIN_URLr str)rr(r,rrr get_login_url=s z%LoginRequiredMiddleware.get_login_urlcCst|d|jS)Nredirect_field_name)r&r0)rr(rrrget_redirect_field_nameGsz/LoginRequiredMiddleware.get_redirect_field_namec Csp|}t||}t|dd\}}t|dd\}}|r%||kr/|r+||kr/|}t||||S)N)build_absolute_urir r/r get_full_pathr r1) rrr(pathresolved_login_url login_scheme login_netloccurrent_schemecurrent_netlocrrrr'Js z,LoginRequiredMiddleware.handle_no_permissionN) r r!r"__doc__rr0r+r/r1r'rrrrr#+s  r#csXeZdZdZdZdZfddZdZdZddZ dd Z d d Z d d Z ddZ ZS)RemoteUserMiddlewarea Middleware for utilizing web-server-provided authentication. If request.user is not authenticated, then this middleware attempts to authenticate the username from the ``REMOTE_USER`` key in ``request.META``, an environment variable commonly set by the webserver. If authentication is successful, the user is automatically logged in to persist the user in the session. The ``request.META`` key is configurable and defaults to ``REMOTE_USER``. Subclass this class and change the ``header`` attribute if you need to use a different key from ``request.META``, for example a HTTP request header. Tcs<|durtd||_t||_|jrt|tdS)Nzget_response must be provided.) ValueError get_responseris_asyncrsuper__init__)rr> __class__rrrAqs zRemoteUserMiddleware.__init__ REMOTE_USERcCs|jr||St|dstdz|j|j}Wnty3|jr,|jj r,| || |YSw|jj rM|j | ||krH| |S| |tj||d}|r_||_t||| |S)NrThe Django remote user auth middleware requires the authentication middleware to be installed. Edit your MIDDLEWARE setting to insert 'django.contrib.auth.middleware.AuthenticationMiddleware' before the RemoteUserMiddleware class. remote_user)r? __acall__rr METAheaderKeyErrorforce_logout_if_no_headerrr%_remove_invalid_userr> get_usernameclean_usernamer authenticateloginrrusernamerrrr__call__s,         zRemoteUserMiddleware.__call__cst|ds tdz |jd|j}Wn&ty:|jr0|IdH}|jr0||IdH| |IdHYSw|IdH}|jr_| | ||krW| |IdHS||IdHt j ||dIdH}|rw||_t ||IdH| |IdHS)NrrEHTTP_rF)rr rIrJrKrLrr%_aremove_invalid_userr>rNrOr aauthenticateraloginrRrrrrHs0   zRemoteUserMiddleware.__acall__cCs<|jtj}t|}z||}W|StyY|Sw)zr Allow the backend to clean the username, if the backend defines a clean_username method. )rrBACKEND_SESSION_KEYr rOAttributeError)rrSr backend_strbackendrrrrOs    z#RemoteUserMiddleware.clean_usernamecCsTz t|jtjd}Wntyt|YdSwt|tr(t|dSdSz Remove the current authenticated user in the request which is invalid but only if the user is authenticated via the RemoteUserBackend. N) r rgetrrY ImportErrorlogout isinstancer rrstored_backendrrrrMs  z)RemoteUserMiddleware._remove_invalid_usercshzt|jtjdIdH}Wnty"t|IdHYdSwt|tr2t|IdHdSdSr]) r ragetrrYr`alogoutrbr rcrrrrVs  z*RemoteUserMiddleware._aremove_invalid_user)r r!r"r; sync_capable async_capablerArJrLrTrHrOrMrV __classcell__rrrBrr<]s  *, r<c@seZdZdZdZdS)PersistentRemoteUserMiddlewarea Middleware for web-server provided authentication on logon pages. Like RemoteUserMiddleware but keeps the user authenticated even if the ``request.META`` key is not found in the request. Useful for setups when the external authentication is only expected to happen on some "logon" URL and the rest of the application wants to use Django's authentication mechanism. FN)r r!r"r;rLrrrrrjs rjN) functoolsr urllib.parser asgiref.syncrr django.confrdjango.contribrdjango.contrib.authrr django.contrib.auth.backendsr django.contrib.auth.viewsr django.core.exceptionsr django.shortcutsr django.utils.deprecationrdjango.utils.functionalrrrrr#r<rjrrrrs&         2(