diff --git a/realms/__init__.py b/realms/__init__.py index e04c122..bdb1640 100644 --- a/realms/__init__.py +++ b/realms/__init__.py @@ -27,9 +27,8 @@ from werkzeug.exceptions import HTTPException from sqlalchemy.ext.declarative import declarative_base from realms.modules.search.models import Search -from realms.lib.util import to_canonical, remove_ext, mkdir_safe, gravatar_url, to_dict +from realms.lib.util import to_canonical, remove_ext, mkdir_safe, gravatar_url, to_dict, is_su, in_virtualenv from realms.lib.hook import HookModelMeta, HookMixin -from realms.lib.util import is_su, in_virtualenv from realms.version import __version__ @@ -216,22 +215,6 @@ def create_app(config=None): if app.config.get('DB_URI'): db.metadata.create_all(db.get_engine(app)) - if app.config["AUTH_PROXY"]: - logger = logging.getLogger("realms.auth") - - @app.before_request - def proxy_auth(): - from realms.modules.auth.proxy.models import User as ProxyUser - remote_user = request.headers.get(app.config["AUTH_PROXY_HEADER_NAME"]) - if remote_user: - if current_user.is_authenticated: - if current_user.id == remote_user: - return - logger.info("login in realms and login by proxy are different: '{}'/'{}'".format( - current_user.id, remote_user)) - logout_user() - logger.info("User logged in by proxy as '{}'".format(remote_user)) - ProxyUser.do_login(remote_user) return app diff --git a/realms/config/__init__.py b/realms/config/__init__.py index 3c5da25..860837f 100644 --- a/realms/config/__init__.py +++ b/realms/config/__init__.py @@ -160,6 +160,8 @@ class Config(object): self.MODULES.append('auth.oauth') if hasattr(self, 'LDAP'): self.MODULES.append('auth.ldap') + if hasattr(self, "AUTH_PROXY"): + self.MODULES.append('auth.proxy') if in_vagrant(): self.USE_X_SENDFILE = False if self.ENV == "DEV": diff --git a/realms/modules/auth/proxy/hooks.py b/realms/modules/auth/proxy/hooks.py new file mode 100644 index 0000000..e7dcae4 --- /dev/null +++ b/realms/modules/auth/proxy/hooks.py 
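Review bot: The new gate in realms/config/__init__.py, `if hasattr(self, "AUTH_PROXY"):`, tests whether the attribute exists rather than whether it is true, while the code this commit removes from create_app checked the value (`if app.config["AUTH_PROXY"]:`). That old lookup indexed the key directly, which suggests AUTH_PROXY always has a default; if so, `auth.proxy` is now appended for every deployment and `AUTH_PROXY = False` no longer turns header-based login off. Consider `if getattr(self, "AUTH_PROXY", False):` instead. The new before_request hook in realms/modules/auth/proxy/hooks.py does not re-check the flag, so this line appears to be the only gate. The Config method containing this line starts and ends outside the hunk.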
@@ -0,0 +1,25 @@
+from __future__ import absolute_import
+
+import logging
+
+from flask import request, current_app
+from flask_login import current_user, logout_user
+
+from .models import User as ProxyUser
+
+
+logger = logging.getLogger("realms.auth")
+
+
+def before_request():
+ header_name = current_app.config["AUTH_PROXY_HEADER_NAME"]
+ remote_user = request.headers.get(header_name)
+ if remote_user:
+ if current_user.is_authenticated:
+ if current_user.id == remote_user:
+ return
+ logger.info("login in realms and login by proxy are different: '{}'/'{}'".format(
+ current_user.id, remote_user))
+ logout_user()
+ logger.info("User logged in by proxy as '{}'".format(remote_user))
+ ProxyUser.do_login(remote_user)
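Review bot: before_request has no docstring, and the trust assumption it relies on is not written down anywhere in the new file: whatever value arrives in the `AUTH_PROXY_HEADER_NAME` header is passed to `ProxyUser.do_login` as the authenticated identity. I would add a docstring such as `"""Log in the user named by the proxy header; the fronting proxy must strip this header from client requests and the app must only be reachable through it."""`. The docstring should also say what is intended when the header is absent, since in that case the function returns without touching an existing session. `current_app.config["AUTH_PROXY_HEADER_NAME"]` raises KeyError on every request if the setting is missing; presumably Config supplies a default, but that is not visible in this diff.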