
Move authentication backend class to separate module. #18542

Merged
merged 3 commits into from
Jul 10, 2018
Move authentication backend class to separate module.
Douglas Hall committed Jul 9, 2018
commit 8ce412ed6f9b69f4cde84872b73a27740e9f111a
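--- a/lms/envs/common.py
+++ b/lms/envs/common.py
@@ -649,7 +649,9 @@ def _add_microsite_dirs_to_default_template_engine(settings):
 
 ###############################################################################################
 
-AUTHENTICATION_BACKENDS = ['openedx.core.djangoapps.oauth_dispatch.dot_overrides.validators.EdxRateLimitedAllowAllUsersModelBackend']
+AUTHENTICATION_BACKENDS = [
+'openedx.core.djangoapps.oauth_dispatch.dot_overrides.backends.EdxRateLimitedAllowAllUsersModelBackend'
+]
 STUDENT_FILEUPLOAD_MAX_SIZE = 4 * 1000 * 1000 # 4 MB
 MAX_FILEUPLOADS_PER_INPUT = 20
 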
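Review bot: The old dotted path `...dot_overrides.validators.EdxRateLimitedAllowAllUsersModelBackend` stops resolving with this commit, because the class is deleted from validators.py rather than re-exported there. Django resolves `AUTHENTICATION_BACKENDS` entries by string at runtime, so any other settings module or deployment override that still carries the old path (none is visible in this diff) would only fail when authentication is first attempted, not at review time. If such overrides may exist, keep an alias for one release, e.g. `from .backends import EdxRateLimitedAllowAllUsersModelBackend  # pylint: disable=unused-import` in validators.py, or search the remaining env files for the old string before merging.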
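--- a/openedx/core/djangoapps/oauth_dispatch/dot_overrides/backends.py
+++ b/openedx/core/djangoapps/oauth_dispatch/dot_overrides/backends.py
@@ -0,0 +1,18 @@
+"""
+Custom authentication backends.
+"""
+from django.contrib.auth.backends import AllowAllUsersModelBackend as UserModelBackend
+from ratelimitbackend.backends import RateLimitMixin
+
+
+class EdxRateLimitedAllowAllUsersModelBackend(RateLimitMixin, UserModelBackend):
+"""
+Authentication backend needed to incorporate rate limiting of login attempts - but also
+enabling users with is_active of False in the Django auth_user model to still authenticate.
+This is necessary for mobile users using 3rd party auth who have not activated their accounts,
+Inactive users who use 1st party auth (username/password auth) will still fail login attempts,
+just at a higher layer, in the login_user view.
+
+See: https://openedx.atlassian.net/browse/TNL-4516
+"""
+pass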
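Review bot: The class docstring names only the `login_user` view as the place where inactive users are rejected, but it never states the general consequence: because the backend is built on `AllowAllUsersModelBackend`, every other caller of `authenticate()` gets an inactive user back and has to check `user.is_active` itself (validators.py still imports `authenticate`, so the OAuth path is presumably one such caller). I would add a sentence such as `Callers of authenticate() must enforce is_active themselves; this backend does not.` to the docstring. A one-line comment above the class noting that `RateLimitMixin` must stay first in the base list, so that its rate-limit check wraps the model backend's `authenticate()`, would protect the ordering from a later tidy-up. The trailing `pass` is redundant after a docstring, and the line ending "their accounts," should end with a period.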
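--- a/openedx/core/djangoapps/oauth_dispatch/dot_overrides/validators.py
+++ b/openedx/core/djangoapps/oauth_dispatch/dot_overrides/validators.py
@@ -6,14 +6,12 @@
 from datetime import datetime
 
 from django.contrib.auth import authenticate, get_user_model
-from django.contrib.auth.backends import AllowAllUsersModelBackend as UserModelBackend
 from django.db.models.signals import pre_save
 from django.dispatch import receiver
 from oauth2_provider.models import AccessToken
 from oauth2_provider.oauth2_validators import OAuth2Validator
 from oauth2_provider.scopes import get_scopes_backend
 from pytz import utc
-from ratelimitbackend.backends import RateLimitMixin
 
 from ..models import RestrictedApplication
 
@@ -27,19 +25,6 @@ def on_access_token_presave(sender, instance, *args, **kwargs): # pylint: disab
 instance.expires = datetime(1970, 1, 1, tzinfo=utc)
 
 
-class EdxRateLimitedAllowAllUsersModelBackend(RateLimitMixin, UserModelBackend):
-"""
-Authentication backend needed to incorporate rate limiting of login attempts - but also
-enabling users with is_active of False in the Django auth_user model to still authenticate.
-This is necessary for mobile users using 3rd party auth who have not activated their accounts,
-Inactive users who use 1st party auth (username/password auth) will still fail login attempts,
-just at a higher layer, in the login_user view.
-
-See: https://openedx.atlassian.net/browse/TNL-4516
-"""
-pass
-
-
 class EdxOAuth2Validator(OAuth2Validator):
 """
 Validator class that implements edX-specific custom behavior: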