[Django] #35971: RemoteUserMiddleware needs a get_username method

[Django]

#35971: RemoteUserMiddleware needs a get_username method
-------------------------------+-----------------------------------------
     Reporter:  adk-swisstopo  |                     Type:  Uncategorized
       Status:  new            |                Component:  contrib.auth
      Version:  dev            |                 Severity:  Normal
     Keywords:                 |             Triage Stage:  Unreviewed
    Has patch:  0              |      Needs documentation:  0
  Needs tests:  0              |  Patch needs improvement:  0
Easy pickings:  0              |                    UI/UX:  0
-------------------------------+-----------------------------------------
 As currently implemented, the only way to customise how
 RemoteUserMiddleware gets the username is through the "header" variable.
 This is then used in __call__ and __acall__ methods like this:

 {{{
             username = request.META[self.header]
 }}}

 It would be convenient to move that logic into a separate method that
 could be overridden. For example:
 {{{
 get_username(self):
     return request.META[self.header]
 }}}

 Specific use case: the proxy I have in front of Django always sets two
 specific headers (say "X-Username" and "X-Authenticated"). The value of
 "X-Username" is only valid if "X-Authenticated" is "true", otherwise it
 should be ignored (typically it ends up being a single space character). I
 use PersistentRemoteMiddleware to use X-Username but the only way I found
 to ignore it when X-Authenticated is not true is to override __call__ /
 __acall__ or clean_username. Both seem rather fragile while a small change
 to RemoteUserMiddleware would make for a much more robust, flexible and
 maintainable solution.

 With the proposed change, in my child class I could just say
 {{{
 def get_username(self):
     if request.META["X-Authenticated"].lower() != "true":
         raise KeyError
     else:
         return request.META[self.header]
 }}}

 I am happy to propose a patch if we can agree this change is desirable.
-- 
Ticket URL: <https://code.djangoproject.com/ticket/35971>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To view this discussion visit 
https://groups.google.com/d/msgid/django-updates/0107019391733cdb-efbe7a3d-f661-4bd1-90c7-6d6dd9a8f0ba-000000%40eu-central-1.amazonses.com.