usso 0.24.2__py3-none-any.whl → 0.24.4__py3-none-any.whl

usso/django/middleware.py

@@ -19,18 +19,14 @@ class USSOAuthenticationMiddleware(MiddlewareMixin):
         Middleware to authenticate users by JWT token and create or return a user in the database.
         """
         try:
-            logger.debug("Processing request in USSO authentication middleware")
-
-            # Extract and verify JWT from Authorization header or cookies
-            user_data = self.jwt_access_security(request)
+            if hasattr(request, "user") and request.user.is_authenticated:
+                return
 
+            user_data = self.jwt_access_security_none(request)
             if user_data:
-                # Check database for the user or create a new one
                 user = self.get_or_create_user(user_data)
-                # Attach the user to the request
                 request.user = user
-            else:
-                return None
+                request._dont_enforce_csrf_checks = True
         except USSOException as e:
             # Handle any errors raised by USSO authentication
             return JsonResponse({"error": str(e)}, status=401)
@@ -46,6 +42,15 @@ class USSOAuthenticationMiddleware(MiddlewareMixin):
 
         return request.COOKIES.get("usso_access_token")
 
+    def jwt_access_security_none(self, request: HttpRequest) -> UserData | None:
+        """Return the user associated with a token value."""
+        token = self.get_request_token(request)
+        if not token:
+            return None
+        return Usso(jwks_url=settings.USSO_JWK_URL).user_data_from_token(
+            token, raise_exception=False
+        )
+
     def jwt_access_security(self, request: HttpRequest) -> UserData | None:
         """Return the user associated with a token value."""
         token = self.get_request_token(request)

{usso-0.24.2.dist-info → usso-0.24.4.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: usso
-Version: 0.24.2
+Version: 0.24.4
 Summary: A plug-and-play client for integrating universal single sign-on (SSO) with Python frameworks, enabling secure and seamless authentication across microservices.
 Author-email: Mahdi Kiani <mahdikiany@gmail.com>
 Maintainer-email: Mahdi Kiani <mahdikiany@gmail.com>

{usso-0.24.2.dist-info → usso-0.24.4.dist-info}/RECORD

@@ -8,12 +8,12 @@ usso/exceptions.py,sha256=hawOAuVbvQtjgRfwp1KFZ4SmV7fh720y5Gom9JVA8W8,504
 usso/package_data.dat,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 usso/session.py,sha256=S3dFXzar0Pcwxj5TGqadKwGdmzmzgp4H2W3brfOwJ6A,1184
 usso/django/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-usso/django/middleware.py,sha256=GXorowWoPXRqFNp6KkXjd5NXszik-pUFR_cECz8E2As,3040
+usso/django/middleware.py,sha256=EEEpHvMQ6QiWw2HY8zQ2Aec0RCATcLWsCKeyiPWJKio,3245
 usso/fastapi/__init__.py,sha256=TRTDVJo8bwZQDAuCQFhh-g1XbIspf6TdFYXGAO5cgAU,130
 usso/fastapi/integration.py,sha256=Lt3qRwQ59K7GCDHgB0dE0hpc18gYZEjwMb_xS4qsGg0,1651
-usso-0.24.2.dist-info/LICENSE.txt,sha256=ceC9ZJOV9H6CtQDcYmHOS46NA3dHJ_WD4J9blH513pc,1081
-usso-0.24.2.dist-info/METADATA,sha256=6VZqL6bLF1h4muBRx2HZZcab4RZSiPbJQ5yjKmns_0U,4231
-usso-0.24.2.dist-info/WHEEL,sha256=GV9aMThwP_4oNCtvEC2ec3qUYutgWeAzklro_0m4WJQ,91
-usso-0.24.2.dist-info/entry_points.txt,sha256=4Zgpm5ELaAWPf0jPGJFz1_X69H7un8ycT3WdGoJ0Vvk,35
-usso-0.24.2.dist-info/top_level.txt,sha256=g9Jf6h1Oyidh0vPiFni7UHInTJjSvu6cUalpLTIvthg,5
-usso-0.24.2.dist-info/RECORD,,
+usso-0.24.4.dist-info/LICENSE.txt,sha256=ceC9ZJOV9H6CtQDcYmHOS46NA3dHJ_WD4J9blH513pc,1081
+usso-0.24.4.dist-info/METADATA,sha256=cUhJmktVNYhlVXcUQO13nAipxE0367c72bL0sxVMW4s,4231
+usso-0.24.4.dist-info/WHEEL,sha256=GV9aMThwP_4oNCtvEC2ec3qUYutgWeAzklro_0m4WJQ,91
+usso-0.24.4.dist-info/entry_points.txt,sha256=4Zgpm5ELaAWPf0jPGJFz1_X69H7un8ycT3WdGoJ0Vvk,35
+usso-0.24.4.dist-info/top_level.txt,sha256=g9Jf6h1Oyidh0vPiFni7UHInTJjSvu6cUalpLTIvthg,5
+usso-0.24.4.dist-info/RECORD,,