Skip to content

Allow for association with session user #287

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Allow for association with session user #287

wants to merge 2 commits into from

Conversation

tacerus
Copy link
Contributor

@tacerus tacerus commented Aug 4, 2025

  1. Allow for association with session user

    In environments with multiple authentication backends it can be
    desirable to link an LDAP login with an existing user.

  2. Allow sync relation function to return user

    If existing users are associated, it can be useful to similarly compare
    an LDAP login with a model containing users created through different
    backends, and further to use a found user object instead of creating a
    new one.

tacerus added 2 commits August 4, 2025 14:52
@tacerus
Allow for association with session user
f006601 
In environments with multiple authentication backends it can be
desirable to link an LDAP login with an existing user.

Signed-off-by: Georg Pfuetzenreuter <[email protected]>
@tacerus
Allow sync relation function to return user
ab04e18 
If existing users are associated, it can be useful to similarly compare
an LDAP login with a model containing users created through different
backends, and further to use a found user object instead of creating a
new one.

Signed-off-by: Georg Pfuetzenreuter <[email protected]>
@tacerus tacerus marked this pull request as ready for review August 4, 2025 22:09
@etianen
Copy link
Owner

etianen commented Aug 10, 2025

Thanks for this!

I'm a bit confused about the use-case, however! I've implemented apps with multiple authentication backends before, and this package works with no further modification. Indeed, it's quite possible to have a User record with a working password to support the built-in ModelBackend, and also have that record associated with the LDAP backend.

I'm confused as to how request.user would be populated without using AuthenticationMiddleware. Is this to integrate with RemoteUserMiddleware or some other 3rd-party auth-style middleware?

@tacerus
Copy link
Contributor Author

tacerus commented Aug 10, 2025

Thanks for the input, I'm unfortunately slightly confused too, I am using django.contrib.auth.middleware.AuthenticationMiddleware in my application. It uses both social_core and django_python3_ldap backends. Without this patch, a user could only log in with LDAP (initiating their authenticated session) and afterwards (in the same session) with Social to keep a "relation" and the same Django user. With this patch, it additionally works if the user first logs in with Social and then with LDAP. Am I missing something (either in how I would make this work without the patch or in the question)?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tacerus @etianen