codemicro/analytics
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Switch back to using proxy-based authentication

Browse source 
Signed-off-by: AKP <tom@tdpain.net>
This commit is contained in:
akp 2023-04-05 17:52:44 +01:00
parent cef2f8421e
commit ff5ed1348c
No known key found for this signature in database
GPG key ID: AA5726202C8879B7
1 changed files with 14 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

14
datasette_plugin/analytics.py
View file

@ -29,6 +29,20 @@ def is_actor_authed(actor):
return required_user_group in actor.get("groups", {}) return required_user_group in actor.get("groups", {})
@hookimpl
def actor_from_request(request):
# This is designed to convert Authentik proxy provider headers into an actor.
# We're assuming every request is authenticated because that's how that provider works.
rh = request.headers
return {
"id": rh.get("x-authentik-uid"),
"name": rh.get("x-authentik-name"),
"username": rh.get("x-authentik-username"),
"email": rh.get("x-authentik-email"),
"groups": rh.get("x-authentik-groups", "").split("|"),
}
@hookimpl @hookimpl
def permission_allowed(actor, action): def permission_allowed(actor, action):
if action == "execute-sql" or action == "permissions-debug" or action == "debug-menu": if action == "execute-sql" or action == "permissions-debug" or action == "debug-menu":