diff --git a/matchminer/custom.py b/matchminer/custom.py
index f683aab..78dcd1c 100644
--- a/matchminer/custom.py
+++ b/matchminer/custom.py
@@ -10,7 +10,6 @@ from urllib.parse import urlparse
 from bson import ObjectId
-from onelogin.saml2.auth import OneLogin_Saml2_Auth
 import simplejson as json
 import oncotreenx
 from requests import post, get
@@ -653,6 +652,7 @@ def init_saml_auth(req):
 json_data_file.close()
 # create auth object with required settings.
+ from onelogin.saml2.auth import OneLogin_Saml2_Auth
 auth = OneLogin_Saml2_Auth(req, settings_data)
 # return it
diff --git a/matchminer/security.py b/matchminer/security.py
index 169d55b..f5905c8 100644
--- a/matchminer/security.py
+++ b/matchminer/security.py
@@ -19,7 +19,7 @@ from bson.objectid import ObjectId
 from matchminer import database
-from matchminer.settings import ONCORE_CURATION_AUTH_TOKEN
+from matchminer.settings import ONCORE_CURATION_AUTH_TOKEN, DISABLE_ONCORE_AUTH
 logging.basicConfig(level=logging.INFO, format='[%(levelname)s] %(message)s', )
@@ -129,6 +129,10 @@ def authorize_oncore_curation(request):
 :return: {bool} True if user is not authenticated. False if user is authenticated
 """
+ if DISABLE_ONCORE_AUTH:
+ logging.info("Curation UI auth disabled")
+ return False
+
 user_id = request.cookies.get('user_id')
 if user_id is None: return True
diff --git a/matchminer/settings.py b/matchminer/settings.py
index 5c96bb2..146a25e 100644
--- a/matchminer/settings.py
+++ b/matchminer/settings.py
@@ -21,6 +21,7 @@ SLS_URL = ""
 SAML_SETTINGS = ""
 NO_AUTH = ""
+DISABLE_ONCORE_AUTH = False
 WELCOME_EMAIL = ""
 API_PORT = ""
 API_TOKEN = ""
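Review bot: The function-scope import added in init_saml_auth carries no comment saying why it was moved out of the module header, so a later cleanup is likely to hoist it back. It also changes the failure mode: a missing or broken onelogin package now raises ImportError on the first call to init_saml_auth, during a login request, instead of when custom.py is imported at startup. If the intent is to let the module load without the SAML toolkit, say so above the import, for example `# Imported lazily so custom.py loads without the SAML toolkit; only SAML logins need it.` The body of init_saml_auth starts and ends outside this hunk.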
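Review bot: The new early return in authorize_oncore_curation reports every caller as authenticated before the cookie is read, and it is guarded by a plain truthiness test. If this setting is ever overridden from an environment variable or secrets file as a string (the neighbouring settings default to `""`, which suggests they are), a value such as `"false"` would still switch authentication off; `if DISABLE_ONCORE_AUTH is True:` fails closed. The bypass is logged at INFO on each call, where it is easy to miss; `logging.warning("Curation UI auth disabled by DISABLE_ONCORE_AUTH")` is easier to alert on. The docstring above should also mention the bypass. The rest of the function lies outside this hunk.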
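Review bot: DISABLE_ONCORE_AUTH is added without a comment, although turning it on makes authorize_oncore_curation in security.py accept every request. Defaulting to False is the right fail-safe, but the line should state the intended scope, for example `# Development only: when True, authorize_oncore_curation() skips all checks. Must stay False in production.` It would also help to say how this differs from the existing NO_AUTH setting just above, whose role is not visible here.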