Merge b3adf67b49
into becb84a73d
This commit is contained in:
commit
478d9bee9c
|
@ -1818,6 +1818,8 @@ def _configuration_update_helper():
|
|||
# Reverse proxy login configuration
|
||||
_config_checkbox(to_save, "config_allow_reverse_proxy_header_login")
|
||||
_config_string(to_save, "config_reverse_proxy_login_header_name")
|
||||
_config_checkbox(to_save, "config_reverse_proxy_create_users")
|
||||
_config_string(to_save, "config_reverse_proxy_email_header_name")
|
||||
|
||||
# OAuth configuration
|
||||
if config.config_login_type == constants.LOGIN_OAUTH:
|
||||
|
|
|
@ -82,7 +82,7 @@ class _Settings(_Base):
|
|||
config_random_books = Column(Integer, default=4)
|
||||
config_authors_max = Column(Integer, default=0)
|
||||
config_read_column = Column(Integer, default=0)
|
||||
config_title_regex = Column(String, default=r'^(A|The|An|Der|Die|Das|Den|Ein|Eine|Einen|Dem|Des|Einem|Eines|Le|La|Les|L\'|Un|Une)\s+')
|
||||
config_title_regex = Column(String, default=r'^(A|The|An|Der|Die|Das|Den|Ein|Eine|Einen|Dem|Des|Einem|Eines|Le|La|Les|L\'|Un|Une)\s+')
|
||||
config_theme = Column(Integer, default=0)
|
||||
|
||||
config_log_level = Column(SmallInteger, default=logger.DEFAULT_LOG_LEVEL)
|
||||
|
@ -152,6 +152,8 @@ class _Settings(_Base):
|
|||
|
||||
config_reverse_proxy_login_header_name = Column(String)
|
||||
config_allow_reverse_proxy_header_login = Column(Boolean, default=False)
|
||||
config_reverse_proxy_create_users = Column(Boolean, default=False)
|
||||
config_reverse_proxy_email_header_name = Column(String)
|
||||
|
||||
schedule_start_time = Column(Integer, default=4)
|
||||
schedule_duration = Column(Integer, default=10)
|
||||
|
|
|
@ -154,6 +154,14 @@
|
|||
<div class="col-xs-6 col-sm-7">{{_('Reverse Proxy Header Name')}}</div>
|
||||
<div class="col-xs-6 col-sm-5">{{ config.config_reverse_proxy_login_header_name }}</div>
|
||||
</div>
|
||||
<div class="row">
|
||||
<div class="col-xs-6 col-sm-7">{{_('Create Reverse Proxy Users')}}</div>
|
||||
<div class="col-xs-6 col-sm-5">{{ display_bool_setting(config.config_reverse_proxy_create_users) }}</div>
|
||||
</div>
|
||||
<div class="row">
|
||||
<div class="col-xs-6 col-sm-7">{{_('Reverse Proxy Email Header Name')}}</div>
|
||||
<div class="col-xs-6 col-sm-5">{{ config.config_reverse_proxy_email_header_name }}</div>
|
||||
</div>
|
||||
{% endif %}
|
||||
</div>
|
||||
<a class="btn btn-default" id="db_config" href="{{url_for('admin.db_configuration')}}">{{_('Edit Calibre Database Configuration')}}</a>
|
||||
|
|
|
@ -177,6 +177,14 @@
|
|||
<label for="config_reverse_proxy_login_header_name">{{_('Reverse Proxy Header Name')}}</label>
|
||||
<input type="text" class="form-control" id="config_reverse_proxy_login_header_name" name="config_reverse_proxy_login_header_name" value="{% if config.config_reverse_proxy_login_header_name != None %}{{ config.config_reverse_proxy_login_header_name }}{% endif %}" autocomplete="off">
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<input type="checkbox" id="config_reverse_proxy_create_users" name="config_reverse_proxy_create_users" {% if config.config_reverse_proxy_create_users %}checked{% endif %}>
|
||||
<label for="config_reverse_proxy_create_users">{{_('Create Reverse Proxy Users')}}</label>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="config_reverse_proxy_email_header_name">{{_('Reverse Proxy Email Header Name')}}</label>
|
||||
<input type="text" class="form-control" id="config_reverse_proxy_email_header_name" name="config_reverse_proxy_email_header_name" value="{% if config.config_reverse_proxy_email_header_name != None %}{{ config.config_reverse_proxy_email_header_name }}{% endif %}" autocomplete="off">
|
||||
</div>
|
||||
</div>
|
||||
{% if not config.config_is_initial %}
|
||||
{% if feature_support['ldap'] or feature_support['oauth'] %}
|
||||
|
|
|
@ -25,6 +25,8 @@ from flask import request, Response
|
|||
|
||||
from . import lm, ub, config, constants, services, logger, limiter
|
||||
|
||||
from .helper import generate_random_password, generate_password_hash, check_email
|
||||
|
||||
log = logger.create()
|
||||
|
||||
def login_required_if_no_ano(func):
|
||||
|
@ -103,9 +105,51 @@ def load_user_from_reverse_proxy_header(req):
|
|||
rp_header_username = req.headers.get(rp_header_name)
|
||||
if rp_header_username:
|
||||
user = _fetch_user_by_name(rp_header_username)
|
||||
if not user and config.config_reverse_proxy_create_users:
|
||||
create_user_from_reverse_proxy_header(req)
|
||||
user = _fetch_user_by_name(rp_header_username)
|
||||
|
||||
if user:
|
||||
[limiter.limiter.storage.clear(k.key) for k in limiter.current_limits]
|
||||
login_user(user)
|
||||
return user
|
||||
return None
|
||||
|
||||
|
||||
def create_user_from_reverse_proxy_header(req):
|
||||
rp_header_name = config.config_reverse_proxy_login_header_name
|
||||
username = req.headers.get(rp_header_name)
|
||||
|
||||
# does the user have an email address in the headers?
|
||||
rp_email_header_name = config.config_reverse_proxy_email_header_name
|
||||
if rp_email_header_name:
|
||||
try:
|
||||
email = check_email(req.headers.get(rp_email_header_name))
|
||||
except Exception:
|
||||
log.debug('No email address found in Reverse Proxy headers')
|
||||
email = username + '@localhost'
|
||||
|
||||
# generate a random password
|
||||
password = generate_random_password(config.config_password_min_length)
|
||||
pwhash = generate_password_hash(password)
|
||||
|
||||
user = ub.User()
|
||||
user.name = username
|
||||
user.password = pwhash
|
||||
user.email = email
|
||||
user.default_language = config.config_default_language
|
||||
user.locale = config.config_default_locale
|
||||
user.role = config.config_default_role
|
||||
user.sidebar_view = config.config_default_show
|
||||
user.allowed_tags = config.config_allowed_tags
|
||||
user.denied_tags = config.config_denied_tags
|
||||
user.allowed_column_value = config.config_allowed_column_value
|
||||
user.denied_column_value = config.config_denied_column_value
|
||||
|
||||
# save the user
|
||||
ub.session.add(user)
|
||||
try:
|
||||
ub.session.commit()
|
||||
except Exception as ex:
|
||||
log.warning("Failed to create Reverse Proxy user: %s - %s", username, ex)
|
||||
ub.session.rollback()
|
||||
|
|
|
@ -1674,6 +1674,14 @@ msgstr ""
|
|||
msgid "Reverse Proxy Header Name"
|
||||
msgstr ""
|
||||
|
||||
#: cps/templates/admin.html:158 cps/templates/config_edit.html:178
|
||||
msgid "Create Reverse Proxy Users"
|
||||
msgstr ""
|
||||
|
||||
#: cps/templates/admin.html:162 cps/templates/config_edit.html:181
|
||||
msgid "Reverse Proxy Email Header Name"
|
||||
msgstr ""
|
||||
|
||||
#: cps/templates/admin.html:159
|
||||
msgid "Edit Calibre Database Configuration"
|
||||
msgstr ""
|
||||
|
|
Loading…
Reference in New Issue