Browse Source

Rewrote parts with licensing issues

master
Sebastian Lohff 10 years ago
parent
commit
b98648db19
  1. 78
      k4ever/api2/authentication.py
  2. 12
      k4ever/api2/urls.py

78
k4ever/api2/authentication.py

@ -10,66 +10,60 @@ from django.contrib.auth import REDIRECT_FIELD_NAME @@ -10,66 +10,60 @@ from django.contrib.auth import REDIRECT_FIELD_NAME
from django.http import HttpResponse, HttpResponseRedirect
from django.utils.http import urlquote
# taken and modified from
# https://bitbucket.org/yml/django-piston/src/dfb826a31ca8/piston/authentication.py
class DjangoAuthentication(object):
"""
Django authentication.
Authenticate against djangos own authentication backend
"""
def __init__(self, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
if not login_url:
login_url = settings.LOGIN_URL
self.login_url = login_url
self.redirect_field_name = redirect_field_name
self.request = None
def is_authenticated(self, request):
"""
This method call the `is_authenticated` method of django
User in django.contrib.auth.models.
""" Check, if user is already authenticated.
From piston docs:
`is_authenticated`: Will be called when checking for
authentication. It returns True if the user is authenticated
False otherwise.
authentication. Receives a `request` object, please
set your `User` object on `request.user`, otherwise
return False (or something that evaluates to False.)
"""
self.request = request
return request.user.is_authenticated()
def challenge(self):
"""
""" Redirect unauthenticated requests to login form
From piston docs
`challenge`: In cases where `is_authenticated` returns
False, the result of this method will be returned.
This will usually be a `HttpResponse` object with
some kind of challenge headers and 401 code on it.
"""
path = urlquote(self.request.get_full_path())
tup = self.login_url, self.redirect_field_name, path
return HttpResponseRedirect('%s?%s=%s' %tup)
# taken from
# http://staer.github.com/2011/01/21/piston-multi-auth.html
loginPage = "%s?%s=%s" % (
settings.LOGIN_URL,
REDIRECT_FIELD_NAME,
urlquote(self.request.get_full_path()),
)
return HttpResponseRedirect(loginPage)
class MultiAuthentication(object):
""" Authenticated Django-Piston against multiple types of authentication """
def __init__(self, auth_types):
""" Takes a list of authenication objects to try against, the default
authentication type to try is the first in the list. """
self.auth_types = auth_types
self.selected_auth = auth_types[0]
""" """
def __init__(self, authenticators):
if len(authenticators) ==0:
raise ValueError("MultiAuthentication needs at least one authenticator in list")
self.authenticators = authenticators
self.currentAuthenticator = self.authenticators[0]
def is_authenticated(self, request):
""" Try each authentication type in order and use the first that succeeds """
authenticated = False
for auth in self.auth_types:
authenticated = auth.is_authenticated(request)
if authenticated:
selected_auth = auth
break
return authenticated
""" Try to authenticate against all given authenticators. """
for authenticator in self.authenticators:
if authenticator.is_authenticated(request):
# success!
self.currentAuthenticator = authenticator
return True
return False
def challenge(self):
""" Return the challenge for whatever the selected auth type is (or the default
auth type which is the first in the list)"""
return self.selected_auth.challenge()
""" Return challenge for current or default authenticator. """
return self.currentAuthenticator.challenge()

12
k4ever/api2/urls.py

@ -17,15 +17,13 @@ import piston.utils @@ -17,15 +17,13 @@ import piston.utils
piston.utils.Mimer.content_type = fix_mime(piston.utils.Mimer.content_type)
class CsrfExemptResource(Resource):
""" Except a :class:`Resource` from djangos CSRF-Framework.
This idea is taken from
http://www.robertshady.com/content/creating-very-basic-api-using-python-django-and-piston
"""
Exempt a :class:`Resource` from django's CSRF checking.
"""
def __init__(self, handler, authentication = None):
super( CsrfExemptResource, self ).__init__( handler, authentication )
self.csrf_exempt = getattr( self.handler, 'csrf_exempt', True )
Resource.__init__(handler, authentication)
self.csrf_exempt = getattr(self.handler, 'csrf_exempt', True)
# build authenticatiooors
basicAuth = HttpBasicAuthentication(realm="Freitagsrundenkassensystemapi")

Loading…
Cancel
Save