From 3f68c56554fabc54f4a32965dcdd5058ce55d7e5 Mon Sep 17 00:00:00 2001
From: Jason Michalski <armooo@zulip.com>
Date: Thu, 5 Feb 2015 21:00:28 -0500
Subject: [PATCH] Disable password auth for dropbox

This change disabled password auth, but the UI still shows the login
form. I will remove that once we have the new hostname.

(imported from commit 6ca119571854ac54645680b40255e346be1c1613)
---
 zproject/backends.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/zproject/backends.py b/zproject/backends.py
index e7db9fcebc..ec3b475e54 100644
--- a/zproject/backends.py
+++ b/zproject/backends.py
@@ -16,6 +16,11 @@ from oauth2client.crypt import AppIdentityError
 def password_auth_enabled(realm):
     if realm.domain == 'employees.customer16.invalid':
         return False
+    elif realm.domain == 'zulip.com' and not settings.TEST_SUITE:
+        # the dropbox realm is SSO only, but the unit tests still need to be
+        # able to login
+        return False
+
     for backend in django.contrib.auth.get_backends():
          if isinstance(backend, EmailAuthBackend):
              return True
@@ -59,6 +64,8 @@ class EmailAuthBackend(ZulipAuthMixin):
 
         try:
             user_profile = get_user_profile_by_email(username)
+            if not password_auth_enabled(user_profile.realm):
+                return None
             if user_profile.check_password(password):
                 return user_profile
         except UserProfile.DoesNotExist: