From 571d33e660680951921861bf7459a33119d4866e Mon Sep 17 00:00:00 2001
From: Austin de Coup-Crank <94914780+decoupca@users.noreply.github.com>
Date: Tue, 28 Mar 2023 07:44:24 -0500
Subject: [PATCH] Fixes #11977: Multiple remote authentication backends
 (#12012)

* Add suppport for REMOTE_AUTH_BACKEND as iterable

* Closes #11977: Support for multiple auth backends

* Tweak list casting

---------

Co-authored-by: jeremystretch <jstretch@netboxlabs.com>
---
 docs/configuration/remote-authentication.md | 2 +-
 netbox/netbox/settings.py                   | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/docs/configuration/remote-authentication.md b/docs/configuration/remote-authentication.md
index 07adf5c6a..1fda8d0d3 100644
--- a/docs/configuration/remote-authentication.md
+++ b/docs/configuration/remote-authentication.md
@@ -16,7 +16,7 @@ If true, NetBox will automatically create local accounts for users authenticated
 
 Default: `'netbox.authentication.RemoteUserBackend'`
 
-This is the Python path to the custom [Django authentication backend](https://docs.djangoproject.com/en/stable/topics/auth/customizing/) to use for external user authentication. NetBox provides two built-in backends (listed below), though custom authentication backends may also be provided by other packages or plugins.
+This is the Python path to the custom [Django authentication backend](https://docs.djangoproject.com/en/stable/topics/auth/customizing/) to use for external user authentication. NetBox provides two built-in backends (listed below), though custom authentication backends may also be provided by other packages or plugins. Provide a string for a single backend, or an iterable for multiple backends, which will be attempted in the order given.
 
 * `netbox.authentication.RemoteUserBackend`
 * `netbox.authentication.LDAPBackend`
diff --git a/netbox/netbox/settings.py b/netbox/netbox/settings.py
index 45fe32841..cf2b06a8b 100644
--- a/netbox/netbox/settings.py
+++ b/netbox/netbox/settings.py
@@ -396,8 +396,10 @@ TEMPLATES = [
 ]
 
 # Set up authentication backends
+if type(REMOTE_AUTH_BACKEND) not in (list, tuple):
+    REMOTE_AUTH_BACKEND = [REMOTE_AUTH_BACKEND]
 AUTHENTICATION_BACKENDS = [
-    REMOTE_AUTH_BACKEND,
+    *REMOTE_AUTH_BACKEND,
     'netbox.authentication.ObjectPermissionBackend',
 ]