[PATCH] pgarchives: Always load auth, even when using PUBLIC_ARCHIVES=True

There's an issue in pgarchives with auth when using PUBLIC_ARCHIVES=True.
Even in public archives mode, auth is necessary as an antispam feature for downloading mbox, raw messages etc.
However, in public archives mode, auth is not loaded, except when setting ALLOW_RESEND=True. But that variable has a different purpose and the semantics is unclear.
Several solutions exist:
- adding a variable in settings to allow auth for these purposes
- always loading auth. This is the solution I used in attached patch.
--
Célestin Matte

On Sat, Apr 1, 2023 at 11:38 PM Célestin Matte <celestin(dot)matte(at)cmatte(dot)me> wrote:
>
> There's an issue in pgarchives with auth when using PUBLIC_ARCHIVES=True.
> Even in public archives mode, auth is necessary as an antispam feature for downloading mbox, raw messages etc.
> However, in public archives mode, auth is not loaded, except when setting ALLOW_RESEND=True. But that variable has a different purpose and the semantics is unclear.
> Several solutions exist:
> - adding a variable in settings to allow auth for these purposes
> - always loading auth. This is the solution I used in attached patch.

Ouch. That is definitely a think-o when I changed it to use this type
of auth for antispam. Oops.

I think at this point it would be more clear to just merge the changes
up to where they are originally instead of adding them later, that is
include things in MIDDLEWARE already in the static array.

It might be, for cleanliness perspective and possible future
expansion, good to keep the PGAUTH specific parts under an "if PGAUTH"
or something like that, and then just hardcode that one to True for
now. But things like session and authentication middleware are going
to be needed regardless of which authentication method i sused.

--
Magnus Hagander
Me: https://www.hagander.net/
Work: https://www.redpill-linpro.com/

Like this? (attached)

On 11/04/2023 11:13, Magnus Hagander wrote:
> On Sat, Apr 1, 2023 at 11:38 PM Célestin Matte <celestin(dot)matte(at)cmatte(dot)me> wrote:
>>
>> There's an issue in pgarchives with auth when using PUBLIC_ARCHIVES=True.
>> Even in public archives mode, auth is necessary as an antispam feature for downloading mbox, raw messages etc.
>> However, in public archives mode, auth is not loaded, except when setting ALLOW_RESEND=True. But that variable has a different purpose and the semantics is unclear.
>> Several solutions exist:
>> - adding a variable in settings to allow auth for these purposes
>> - always loading auth. This is the solution I used in attached patch.
>
>
> Ouch. That is definitely a think-o when I changed it to use this type
> of auth for antispam. Oops.
>
> I think at this point it would be more clear to just merge the changes
> up to where they are originally instead of adding them later, that is
> include things in MIDDLEWARE already in the static array.
>
> It might be, for cleanliness perspective and possible future
> expansion, good to keep the PGAUTH specific parts under an "if PGAUTH"
> or something like that, and then just hardcode that one to True for
> now. But things like session and authentication middleware are going
> to be needed regardless of which authentication method i sused.
>

--
Célestin Matte