Coverage for backend/authentication/custom_drf_authentication.py: 100%

19 statements  


1from django.http import HttpRequest 

2from rest_framework.authentication import RemoteUserAuthentication, BaseAuthentication 

3from rest_framework.exceptions import AuthenticationFailed, APIException 

4from CoreRoot import settings 

5from authentication.user.models import BotUser 

6 

7 

class AhuoraRemoteUserAuthentication(RemoteUserAuthentication):
    """DRF counterpart of the AhuoraRemoteUserMiddleware remote-user check.

    Points DRF at the header named by ``settings.REMOTE_USER_HEADER`` so that
    API requests are authenticated from the same value the middleware reads.
    That header is expected to be supplied only by a trusted reverse proxy,
    which has already authenticated the user before the request reaches
    Django.

    NOTE(review): this class only selects the header name; it does not check
    where the header value came from. The trust rests on the deployment, so
    confirm the application is reachable only through that proxy and that the
    proxy discards any client-supplied copy of the header.
    """

    header = settings.REMOTE_USER_HEADER

18 

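class DaprApiTokenAuthentication(BaseAuthentication):
    """Authenticate Dapr sidecar requests via the configured API token header."""

    def authenticate(self, request: HttpRequest):
        """Validate the Dapr API token and return a bot user when accepted.

        The presented token is read from ``request.META['HTTP_DAPR_API_TOKEN']``
        and checked against ``settings.DAPR_APP_API_TOKEN``.

        Returns:
            ``None`` when the request carries no token, so that other
            authentication classes can still handle it; otherwise a
            ``(BotUser(), None)`` tuple for an accepted token.

        Raises:
            APIException: ``settings.DAPR_APP_API_TOKEN`` is empty.
            AuthenticationFailed: the presented token does not match.
        """
        # Function-scope import keeps the fix self-contained within this block.
        import hmac

        presented = request.META.get('HTTP_DAPR_API_TOKEN')
        if not presented:
            return None

        expected = settings.DAPR_APP_API_TOKEN
        if not expected:
            # Fail closed: a token was presented but there is nothing to
            # check it against, so this is a server-side configuration error.
            raise APIException("Dapr API token is not configured")

        # Compare as bytes: hmac.compare_digest() rejects non-ASCII str, and a
        # header value is client-controlled, so a plain str call could raise
        # TypeError instead of returning an authentication failure.
        presented_bytes = presented.encode("utf-8")
        expected_bytes = (
            expected.encode("utf-8") if isinstance(expected, str) else expected
        )

        # Constant-time comparison: `!=` on strings stops at the first
        # differing character, which makes the response time depend on how
        # much of the secret was matched.
        if not hmac.compare_digest(presented_bytes, expected_bytes):
            raise AuthenticationFailed()

        # NOTE(review): a fresh BotUser instance is built per request;
        # request.auth is left as None.
        return BotUser(), None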