[20.09] Allow username or email for authenticate API identity#10521
Conversation
|
Closes #10519 |
|
Should we consolidate the code here with https://github.com/galaxyproject/galaxy/blob/release_20.09/lib/galaxy/webapps/galaxy/controllers/user.py#L135-L145 , maybe in an additional function in |
|
@nsoranzo Yeah, it'd be a good idea to followup with refactoring to have a single method for this -- it would have prevented this problem in the first place. |
|
@dannon @nsoranzo what do you think about 5c7fdad ? This adds a method to |
|
@mvdbeek Looks good to me, I just added a comment on your commit page. |
Note that handling the case of more than 1 record returned is different between the 2 original methods. - The regular login retrieves just the first matching record with `.first()` while `get_api_key` raises an Exception. I've chosen to not raise an Exception since we don't do this with regular logins and this targets 20.09. We could experiment with raising an exception in dev, since that situation should hopefully not be possible. - The baseauth method did require exact email capitalization (which was a problem for some of Jen's account on usegalaxy.org and for users with particular LDAP setups, xref: galaxyproject#8602)
|
@mvdbeek I can cherrypick that here, but I think using the regex to identify the identification type is probably better than just OR'ing in the query. I'll update it. The two regexes match distinct sets and cannot overlap, so you know what kind of identity you're looking for. (the extra test is a great idea either way, thanks) |
|
Thanks @dannon! |
Also fixes an issue with double querying if it's a username non-match.
We actually do have some capitalized publicnames historically.
|
I did a quick check and there are actually public usernames with capitalization on main. |
The primary authentication mechanism behaves this way.
Fixes #10519