This repository has been archived by the owner on Jul 24, 2021. It is now read-only.

Add is_authenticated and is_anonymous properties
See
https://docs.djangoproject.com/en/1.10/releases/1.10/#using-user-is-authenticated-and-user-is-anonymous-as-methods

In Django 1.10, is_anonymous() and is_authenticated() are properties rather
than methods, and `python manage.py check` reports critical security
warnings when they are still defined as methods.

The duplication is just to make it explicit which code paths are being
followed. They could be refactored to remove it, but in a few months
when we move to the next LTS we would just end up removing the refactors
since there would once again be a single path.

We also removed the `margin` parameter, since it is never used anywhere.
This will be documented in a Horizon release note.

Change-Id: I7a92089ae62a9017274002648f26f13bc34709d9
Rob Cresswell committed Sep 16, 2016
1 parent cec7a02 commit 0034688
Showing 1 changed file with 46 additions and 29 deletions.
75 changes: 46 additions & 29 deletions openstack_auth/user.py
@@ -14,9 +14,11 @@
import hashlib
import logging

import django
from django.conf import settings
from django.contrib.auth import models
from django.db import models as db_models
from django.utils import deprecation
from keystoneauth1 import exceptions as keystone_exceptions
from keystoneclient.common import cms as keystone_cms
import six
@@ -261,35 +263,50 @@ def is_token_expired(self, margin=None):
return None
return not utils.is_token_valid(self.token, margin)

def is_authenticated(self, margin=None):
"""Checks for a valid authentication.
:param margin:
A security time margin in seconds before end of authentication.
Will return ``False`` if authentication ends in less than ``margin``
seconds of time.
A default margin can be set by the TOKEN_TIMEOUT_MARGIN in the
django settings.
"""
return (self.token is not None and
utils.is_token_valid(self.token, margin))

def is_anonymous(self, margin=None):
"""Return if the user is not authenticated.
Returns ``True`` if not authenticated,``False`` otherwise.
:param margin:
A security time margin in seconds before end of an eventual
authentication.
Will return ``True`` even if authenticated but that authentication
ends in less than ``margin`` seconds of time.
A default margin can be set by the TOKEN_TIMEOUT_MARGIN in the
django settings.
"""
return not self.is_authenticated(margin)
if django.VERSION >= (1, 10):
@property
def is_authenticated(self):
"""Checks for a valid authentication."""
if (self.token is not None and utils.is_token_valid(self.token)):
return deprecation.CallableTrue
else:
return deprecation.CallableFalse

@property
def is_anonymous(self):
"""Return if the user is not authenticated.
Returns ``True`` if not authenticated,``False`` otherwise.
"""
return deprecation.CallableBool(not self.is_authenticated)
else:
def is_authenticated(self, margin=None):
"""Checks for a valid authentication.
:param margin:
A security time margin in seconds before end of authentication.
Will return ``False`` if authentication ends in less than
``margin`` seconds of time.
A default margin can be set by the TOKEN_TIMEOUT_MARGIN in the
django settings.
"""
return (self.token is not None and
utils.is_token_valid(self.token, margin))

def is_anonymous(self, margin=None):
"""Return if the user is not authenticated.
Returns ``True`` if not authenticated,``False`` otherwise.
:param margin:
A security time margin in seconds before end of an eventual
authentication.
Will return ``True`` even if authenticated but that
authentication ends in less than ``margin`` seconds of time.
A default margin can be set by the TOKEN_TIMEOUT_MARGIN in the
django settings.
"""
return not self.is_authenticated(margin)

@property
def is_active(self):
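Review bot: The `django.VERSION >= (1, 10)` guard has no upper bound, yet the new branch depends on `deprecation.CallableTrue`, `CallableFalse` and `CallableBool`, which Django ships only as transitional helpers for the method-to-property deprecation and drops in Django 2.0, so on a later Django every `is_authenticated` access would raise from inside the property. Since this is the authentication check, it should return a plain `bool` once no caller invokes it as a method; until then, record the dependency next to the guard, e.g. `# CallableBool is a transitional Django helper; switch to plain bool before the deprecation window closes`. The two branches also differ in interface: under the new branch a leftover `user.is_authenticated(margin=...)` call would presumably fail because the callable wrapper takes no arguments, so callers outside this file are worth checking before merging. The shortened docstrings could keep one line noting that the default margin (TOKEN_TIMEOUT_MARGIN, per the removed text) presumably still applies through `utils.is_token_valid`. The enclosing class starts above the hunk and `is_active` continues below it.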