Issue #60: Explicitly trigger addition of a user when using container-based authentication

Reported by:	Stefan Walter
State:	closed
Created on:	2014-11-28 08:57
Updated on:	2015-08-03 15:44

Description

With the Kallithea instance I'm hosting, authentication is done by an Apache HTTPD proxying to Kallithea. Kallithea creates a new user if the authenticated one does not exist, yet. That works fine, but it still requires that in order to set up access permissions for a new user, that user first needs to log in at least once. It would be nice if there was a simple way for me to trigger the creation of the Kallithea user account without requiring the user to log in, either via a script or via the web interface.

Attachments

Comments

Comment by Mads Kiilerich, on 2014-11-28 14:41

You might be able to do it with the API and polling.

I don't know how a generic solution to that would look like. You can perhaps come up with something that works for you and then we can see if we can generalize it to something upstream.

Comment by Søren Løvborg, on 2015-06-11 20:57

Not sure if I'm missing a subtlety in the question, but when using reverse proxy container authentication as described, simulating a user login is easy. Hence, to create a user, just run the following on the Kallithea server (here assuming default configuration):

curl -H "X-Forwarded-User: john.d.username" http://127.0.0.1:5000/_admin/login

or in Python:

import urllib2
urllib2.urlopen(urllib2.Request('http://127.0.0.1:5000/_admin/login', headers={'X-Forwarded-User': 'john.d.username'}))

Note that this sends a request directly to Kallithea, bypassing Apache and its authentication.

Comment by Stefan Walter, on 2015-06-22 11:56

Thank you for your suggestion, @kwi. In my case, Kallithea is run via mod_wsgi, so that solution might not apply here.

I'll see if I can find some time to dig into Kallithea's API and come up with a potential solution...

Comment by Søren Løvborg, on 2015-06-22 18:45

Alright then, if that's how you run, it can also be done directly against the WSGI layer. :-)

from paste.deploy import loadapp

kallithea = loadapp('config:/full/path/to/kallithea.ini')

def create_user(username):
    def dummy_start_response(*args):
        pass

    kallithea({
        'REMOTE_USER': username,
        'REQUEST_METHOD': 'GET',
        'SERVER_NAME': 'localhost',
        'SERVER_PORT': '80',
        'SCRIPT_NAME': '',
        'PATH_INFO': '/_admin/login',
        'wsgi.version': (1, 0),
        'wsgi.url_scheme': 'http'
    }, dummy_start_response)

create_user('alice')
create_user('bob')

Comment by Stefan Walter, on 2015-06-24 07:31

Ah, OK. I'll try that as soon as I get to it and will provide feedback here. Thank you!

Comment by Thomas De Schampheleire, on 2015-07-27 20:19

@swltr Any feedback already?

Comment by Stefan Walter, on 2015-08-03 15:44

Sorry for the delay - I finally got to test it. Looks like the script that @kwi posted helps. Thanks!

Kallithea issues archive