Add Django check for enabled user auth methods

bihealth / sodar-core

SODAR Core: A Django-based framework for building scientific data management web apps

MIT License

9 stars 1 forks source link

Add Django check for enabled user auth methods #1451

Closed mikkonie closed 1 month ago

mikkonie commented 2 months ago

We should add a Django set for serving the server to ensure proper user auth methods are enabled. If everything is disabled, no one expect superusers can access the site, which is not generally what we want.

The pseudocode goes something like this:

IF not PROJECTROLES_ALLOW_LOCAL_USERS
AND not ENABLE_LDAP
AND not ENABLE_OIDC
AND not PROJECTROLES_KIOSK_MODE
AND not PROJECTROLES_ALLOW_ANONYMOUS
THEN raise ImproperlyConfigured

mikkonie commented 1 month ago

Done. I decided to set it as a warning instead of error, as technically there may be cases where this is desirable, for example during development.