The "request" attribute is not available in
openstack_auth.backend.KeystoneBackend.get_user when session data is restored
and it's the first request to happen after a server restart.
As stated by the function document, the "request" attribute needs to be
monkey-patched by openstack_auth.utils.patch_middleware_get_user
for this function to work properly.
This should happen in openstack_auth.urls at import time. But there is nowhere
in Horizon where this module is imported at startup. It's only introspected
by openstack_dashboard.urls due to AUTHENTICATION_URLS setting.
Without this monkey-patching, the whole authentication mechanism falls back
to "AnonymousUser" and you will get redirected to the login page due
to horizon.exceptions.NotAuthenticated being raised by
horizon.decorators.require_auth as request.user.is_authenticated will be False.
But if a user requests a page under auth/, it will have the side-effect of
monkey-patching django.contrib.auth.middleware as expected. This means that
once this request is completed, all following requests to pages other than
the ones under auth/ will have there sessions properly restored and
you will be properly authenticated.
Therefore this change introduces a dummy middleware which sole purpose is
to perform this monkey-patching as early as possible.
There is also some cleanup to get rid of the previous attempts at
monkeypatching.
Reviewed: https:/ /review. openstack. org/618997 /git.openstack. org/cgit/ openstack/ horizon/ commit/ ?id=8851866aad5 b3826f0a3d56940 5707bffa593c80
Committed: https:/
Submitter: Zuul
Branch: stable/rocky
commit 8851866aad5b382 6f0a3d569405707 bffa593c80
Author: Mathieu Gagné <email address hidden>
Date: Wed Oct 31 22:24:31 2018 -0400
Fix django. contrib. auth.middleware monkey patching
The "request" attribute is not available in auth.backend. KeystoneBackend .get_user when session data is restored
openstack_
and it's the first request to happen after a server restart.
As stated by the function document, the "request" attribute needs to be auth.utils. patch_middlewar e_get_user
monkey-patched by openstack_
for this function to work properly.
This should happen in openstack_auth.urls at import time. But there is nowhere dashboard. urls due to AUTHENTICATION_URLS setting.
in Horizon where this module is imported at startup. It's only introspected
by openstack_
Without this monkey-patching, the whole authentication mechanism falls back exceptions. NotAuthenticate d being raised by decorators. require_ auth as request. user.is_ authenticated will be False.
to "AnonymousUser" and you will get redirected to the login page due
to horizon.
horizon.
But if a user requests a page under auth/, it will have the side-effect of contrib. auth.middleware as expected. This means that
monkey-patching django.
once this request is completed, all following requests to pages other than
the ones under auth/ will have there sessions properly restored and
you will be properly authenticated.
Therefore this change introduces a dummy middleware which sole purpose is
to perform this monkey-patching as early as possible.
There is also some cleanup to get rid of the previous attempts at
monkeypatching.
Closes-bug: #1764622
Conflicts: dashboard/ settings. py dashboard/ test/helpers. py
openstack_
openstack_
Change-Id: Ib9912090a87b71 6e7f5710f6f360b 0df168ec2e3 818fe567793a4fc 88fe140d4a)
(cherry picked from commit 0d163613265e036