Closed andersk closed 1 year ago
(Rebased onto master
so this isn’t entangled with #84.)
@andersk Thanks so much for this change, one of the things I wanted to address in order to use this library was not adding a site-wide middleware, and it looks like you've already beaten me to it!
@logston Is there a release schedule for when these changes might be made available on PyPI? I'd love to take advantage of them! I can install from the git repo at a specific hash for now, but would be a bit harder to manage updates that way.
Yep, just pushed. @caleb15 do you mind reviewing this: https://github.com/15five/django-scim2/pull/95
This way, the user no longer needs to install our middleware in their project settings; this simplifies configuration and avoids a performance penalty for all non-SCIM requests.
Additionally, since
SCIMView
now has a guarantee thatSCIMAuthCheckMiddleware
is being used (unless the newAUTH_CHECK_MIDDLEWARE
setting is explicitly overridden), it no longer needs to perform its own redundant version of the check.With the redundant check removed, we could go further and remove the
GET_IS_AUTHENTICATED_PREDICATE
setting, since the same effect can be achieved by setting theAUTH_CHECK_MIDDLEWARE
setting to a custom subclass ofSCIMAuthCheckMiddleware
.@logston What do you think about this strategy?