[DOP-26758] Allow disabling SessionMiddleware

dolfinus · dolfinus · commit 7db01f35613e · 2025-11-13T14:03:15.000+03:00
diff --git a/data_rentgen/server/middlewares/session.py b/data_rentgen/server/middlewares/session.py
@@ -8,9 +8,11 @@
 
 def apply_session_middleware(app: FastAPI, settings: SessionSettings) -> FastAPI:
     """Add SessionMiddleware middleware to the application."""
+    if not settings.enabled:
+        return app
 
-    settings_dict = settings.model_dump(exclude={"secret_key"})
-    settings_dict["secret_key"] = settings.secret_key.get_secret_value()
+    settings_dict = settings.model_dump(exclude={"secret_key", "enabled"})
+    settings_dict["secret_key"] = settings.secret_key.get_secret_value()  # type: ignore[union-attr]
 
     app.add_middleware(SessionMiddleware, **settings_dict)
     return app
diff --git a/data_rentgen/server/settings/session.py b/data_rentgen/server/settings/session.py
@@ -4,14 +4,16 @@
 
 import textwrap
 
-from pydantic import BaseModel, ConfigDict, Field, SecretStr
+from pydantic import BaseModel, ConfigDict, Field, SecretStr, ValidationInfo, field_validator
 
 DEFAULT_MAX_AGE = 1_209_600
 
 
 class SessionSettings(BaseModel):
     """Session Middleware Settings.
 
+    Required for :ref:`keycloak-auth-provider`.
+
     See `SessionMiddleware <https://www.starlette.io/middleware/#sessionmiddleware>`_ documentation.
 
     .. note::
@@ -24,6 +26,7 @@ class SessionSettings(BaseModel):
 
     .. code-block:: bash
 
+        DATA_RENTGEN__SERVER__SESSION__ENABLED=True
         DATA_RENTGEN__SERVER__SESSION__SECRET_KEY=secret
         DATA_RENTGEN__SERVER__SESSION__SESSION_COOKIE=custom_cookie_name
         DATA_RENTGEN__SERVER__SESSION__MAX_AGE=None  # cookie will last as long as the browser session
@@ -33,7 +36,12 @@ class SessionSettings(BaseModel):
 
     """
 
-    secret_key: SecretStr = Field(
+    enabled: bool = Field(
+        default=False,
+        description="Set to ``True`` to enable SessionMiddleware",
+    )
+    secret_key: SecretStr | None = Field(
+        default=None,
         description=textwrap.dedent(
             """
             Secret key for encrypting cookies.
@@ -66,3 +74,11 @@ class SessionSettings(BaseModel):
     )
 
     model_config = ConfigDict(extra="allow")
+
+    @field_validator("secret_key")
+    @classmethod
+    def _validate_secret_key(cls, value: SecretStr | None, info: ValidationInfo) -> SecretStr | None:
+        if not value and info.data.get("enabled"):
+            msg = "secret_key is required"
+            raise ValueError(msg)
+        return value
diff --git a/docs/changelog/next_release/+.feature.rst b/docs/changelog/next_release/+.feature.rst
@@ -0,0 +1 @@
+Allow disabling ``SessionMiddleware``, as it only required by ``KeycloakAuthProvider``.

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	+Allow disabling ``SessionMiddleware``, as it only required by ``KeycloakAuthProvider``.