authentication by reverse proxy

realms/modules/auth/__init__.py

@@ -5,8 +5,10 @@ from flask_login import login_url
 
 from realms import login_manager
 
+
 modules = set()
 
+
 @login_manager.unauthorized_handler
 def unauthorized():
     if request.method == 'GET':

realms/modules/auth/models.py

@@ -17,6 +17,7 @@ from . import modules
 def load_user(auth_id):
     return Auth.load_user(auth_id)
 
+
 auth_users = {}
 
 
@@ -40,7 +41,9 @@ class Auth(object):
     def login_forms():
         forms = []
         for t in modules:
-            forms.append(Auth.get_auth_user(t).login_form())
+            form = Auth.get_auth_user(t).login_form()
+            if form:
+                forms.append(form)
         return "<hr />".join(forms)
 
 

realms/modules/auth/proxy/__init__.py

@@ -0,0 +1,5 @@
+from __future__ import absolute_import
+
+from realms.modules.auth.models import Auth
+
+Auth.register('proxy')

realms/modules/auth/proxy/models.py

@@ -0,0 +1,42 @@
+from __future__ import absolute_import
+
+from flask_login import login_user
+
+from realms.modules.auth.models import BaseUser
+
+
+users = {}
+
+
+class User(BaseUser):
+    type = 'proxy'
+
+    def __init__(self, username, email='null@localhost.local', password="dummypassword"):
+        self.id = username
+        self.username = username
+        self.email = email
+        self.password = password
+
+    @property
+    def auth_token_id(self):
+        return self.password
+
+    @staticmethod
+    def load_user(*args, **kwargs):
+        return User.get_by_id(args[0])
+
+    @staticmethod
+    def get_by_id(user_id):
+        return users.get(user_id)
+
+    @staticmethod
+    def login_form():
+        return None
+
+    @staticmethod
+    def do_login(user_id):
+        user = User(user_id)
+        users[user_id] = user
+        login_user(user, remember=True)
+        return True
+

realms/modules/auth/views.py

@@ -1,7 +1,7 @@
 from __future__ import absolute_import
 
 from flask import current_app, render_template, request, redirect, Blueprint, flash, url_for, session
-from flask_login import logout_user
+from flask_login import logout_user, current_user
 
 from .models import Auth
 
@@ -12,6 +12,8 @@ blueprint = Blueprint('auth', __name__, template_folder='templates')
 @blueprint.route("/login", methods=['GET', 'POST'])
 def login():
     next_url = request.args.get('next') or url_for(current_app.config['ROOT_ENDPOINT'])
+    if current_user.is_authenticated():
+        return redirect(next_url)
     session['next_url'] = next_url
     return render_template("auth/login.html", forms=Auth.login_forms())