From fb0cf53f123239c17f721b7567f7fc70f9a48f06 Mon Sep 17 00:00:00 2001
From: =?utf-8?q?C=C3=A9lestin=20Matte?= <gitlab@cmatte.me>
Date: Fri, 14 Apr 2023 14:31:49 +0200
Subject: [PATCH] Always load auth, even when using PUBLIC_ARCHIVES=True

Even in public archives mode, auth is necessary as an antispam feature for
downloading mbox, raw messages etc.
Add a (always true) USE_PG_COMMUNITY_AUTH conditional on the model of pglister.
Move MIDDLEWARE definitions to static array.
---
 django/archives/settings.py | 15 ++++++---------
 django/archives/urls.py     | 19 +++++++++----------
 2 files changed, 15 insertions(+), 19 deletions(-)

diff --git a/django/archives/settings.py b/django/archives/settings.py
index 24861a9..bd1b89d 100644
--- a/django/archives/settings.py
+++ b/django/archives/settings.py
@@ -81,6 +81,10 @@ SECRET_KEY = '7j9q&&!g26rkh!=g%1zb@20b^k^gmzy4=!mhzu2wesxb9b%16m'

 MIDDLEWARE = [
     'django.middleware.common.CommonMiddleware',
+    'django.contrib.sessions.middleware.SessionMiddleware',
+    'django.contrib.auth.middleware.AuthenticationMiddleware',
+    'django.middleware.csrf.CsrfViewMiddleware',
+    'archives.mailarchives.redirecthandler.RedirectMiddleware',
 ]

 ROOT_URLCONF = 'archives.urls'
@@ -144,6 +148,7 @@ SEARCH_CLIENTS = ('127.0.0.1',)
 API_CLIENTS = ('127.0.0.1',)
 PUBLIC_ARCHIVES = False
 # pgauth configuration if using private archives
+USE_PG_COMMUNITY_AUTH = True
 PGAUTH_REDIRECT = "http://localhost:8000/account/auth/12/"
 PGAUTH_KEY = "encryption_key"
 ALLOW_RESEND = False
@@ -155,15 +160,7 @@ try:
 except ImportError:
     pass

-# If this is a non-public site, enable middleware for handling logins etc
-if ALLOW_RESEND or not PUBLIC_ARCHIVES:
-    MIDDLEWARE = [
-        'django.contrib.sessions.middleware.SessionMiddleware',
-        'django.contrib.auth.middleware.AuthenticationMiddleware',
-        'django.middleware.csrf.CsrfViewMiddleware',
-    ] + MIDDLEWARE
-    MIDDLEWARE.append('archives.mailarchives.redirecthandler.RedirectMiddleware')
-
+if USE_PG_COMMUNITY_AUTH:
     INSTALLED_APPS = [
         'django.contrib.sessions',
     ] + INSTALLED_APPS
diff --git a/django/archives/urls.py b/django/archives/urls.py
index bc8a18d..6744c37 100644
--- a/django/archives/urls.py
+++ b/django/archives/urls.py
@@ -63,13 +63,12 @@ urlpatterns = [
     url(r'^dyncss/(?P<css>base|docs).css$', archives.mailarchives.views.dynamic_css),
 ]

-if settings.ALLOW_RESEND or not settings.PUBLIC_ARCHIVES:
-    import archives.auth
-
-    urlpatterns += [
-        # For non-public archives, support login
-        url(r'^(?:list/_auth/)?accounts/login/?$', archives.auth.login),
-        url(r'^(?:list/_auth/)?accounts/logout/?$', archives.auth.logout),
-        url(r'^(?:list/_auth/)?auth_receive/$', archives.auth.auth_receive),
-        url(r'^(?:list/_auth/)?auth_api/$', archives.auth.auth_api),
-    ]
+import archives.auth
+
+urlpatterns += [
+    # For non-public archives, support login
+    url(r'^(?:list/_auth/)?accounts/login/?$', archives.auth.login),
+    url(r'^(?:list/_auth/)?accounts/logout/?$', archives.auth.logout),
+    url(r'^(?:list/_auth/)?auth_receive/$', archives.auth.auth_receive),
+    url(r'^(?:list/_auth/)?auth_api/$', archives.auth.auth_api),
+]
-- 
2.40.0