From 507f0d060da30a8f65bec8b2ac1f08837d536b4c Mon Sep 17 00:00:00 2001
From: cbdev <cb@cbcdn.com>
Date: Mon, 4 Jul 2022 19:21:34 +0200
Subject: Implement authentication modules for admin panel

---
 backend/ExternalAuth.py | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 backend/ExternalAuth.py

(limited to 'backend/ExternalAuth.py')

diff --git a/backend/ExternalAuth.py b/backend/ExternalAuth.py
new file mode 100644
index 0000000..e6837ec
--- /dev/null
+++ b/backend/ExternalAuth.py
@@ -0,0 +1,22 @@
+import config
+import utils
+
+# This authentication provider assumes that the actual authentication is done in
+# an upstream component such as the serving httpd.
+# The authorized user is expected to be passed in the uwsgi environment variable REMOTE_USER.
+
+def login(env, post):
+	user = get(env)
+	if not User:
+		return utils.redirect(config.homepage)
+
+	utils.ensure_user(user["user"])
+	return utils.redirect("/admin")
+
+def get(env):
+	if env.get('REMOTE_USER', ''):
+		return {"user": env.get('REMOTE_USER', ''), "expire": None}
+	return None
+
+def logout():
+	return False
-- 
cgit v1.2.3