in experimenter/experimenter/openidc/middleware.py [0:0]
def __call__(self, request):
try:
resolved = resolve(request.path)
if resolved.url_name in settings.OPENIDC_AUTH_WHITELIST and self.get_response:
return self.get_response(request)
except Resolver404:
pass
default_email = settings.DEV_USER_EMAIL if settings.DEBUG else None
openidc_email = request.META.get(
settings.OPENIDC_EMAIL_HEADER,
# The header may be prepended by `HTTP_` in tests
request.META.get(f"HTTP_{settings.OPENIDC_EMAIL_HEADER}", default_email),
)
if openidc_email is None:
# If a user has bypassed the OpenIDC flow entirely and no header
# is set then we reject the request entirely
return HttpResponse("Please login using OpenID Connect", status=401)
try:
user = User.objects.get(username=openidc_email)
except User.DoesNotExist:
user = User(username=openidc_email, email=openidc_email)
if user.email == settings.DEV_USER_EMAIL and settings.DEBUG:
user.is_superuser = True
user.is_staff = True
user.save()
request.user = user
if self.get_response:
return self.get_response(request)