Techsystech
/
server-tools
mirror of https://github.com/OCA/server-tools.git
3
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

auth_http_remote_user: test if already authenticated based on login instead of uid 

Avoids a database query unless authentication is actually required.
pull/34/head
Stéphane Bidoul 2014-08-05 09:24:50 +02:00
parent 5e79ce29dc
commit c2fec40d13
1 changed files with 8 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
auth_from_http_remote_user/controllers/main.py
View File

@ -74,22 +74,21 @@ class Home(main.Home):
# continue usual behavior # continue usual behavior
return return
res_users = registry.get('res.users') request_login = request.session.login
if request_login:
if request_login == login:
# already authenticated
return
else:
request.session.logout(keep_db=True)
res_users = registry.get('res.users')
user_id = self._search_user(res_users, login, cr) user_id = self._search_user(res_users, login, cr)
if not user_id: if not user_id:
# HTTP_REMOTE_USER login not found in database # HTTP_REMOTE_USER login not found in database
request.session.logout(keep_db=True) request.session.logout(keep_db=True)
raise http.AuthenticationError() raise http.AuthenticationError()
request_uid = request.session.uid
if request_uid:
if request_uid == user_id:
# already authenticated
return
else:
request.session.logout(keep_db=True)
# generate a specific key for authentication # generate a specific key for authentication
key = randomString(utils.KEY_LENGTH, '0123456789abcdef') key = randomString(utils.KEY_LENGTH, '0123456789abcdef')
res_users.write(cr, SUPERUSER_ID, [user_id], {'sso_key': key}) res_users.write(cr, SUPERUSER_ID, [user_id], {'sso_key': key})