diff --git a/k4ever/api2/authentication.py b/k4ever/api2/authentication.py index 7368fe4..2f8f75c 100644 --- a/k4ever/api2/authentication.py +++ b/k4ever/api2/authentication.py @@ -10,66 +10,60 @@ from django.contrib.auth import REDIRECT_FIELD_NAME from django.http import HttpResponse, HttpResponseRedirect from django.utils.http import urlquote -# taken and modified from -# https://bitbucket.org/yml/django-piston/src/dfb826a31ca8/piston/authentication.py class DjangoAuthentication(object): """ - Django authentication. + Authenticate against djangos own authentication backend """ - def __init__(self, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME): - if not login_url: - login_url = settings.LOGIN_URL - self.login_url = login_url - self.redirect_field_name = redirect_field_name - self.request = None - + def is_authenticated(self, request): - """ - This method call the `is_authenticated` method of django - User in django.contrib.auth.models. + """ Check, if user is already authenticated. + From piston docs: `is_authenticated`: Will be called when checking for - authentication. It returns True if the user is authenticated - False otherwise. + authentication. Receives a `request` object, please + set your `User` object on `request.user`, otherwise + return False (or something that evaluates to False.) """ self.request = request return request.user.is_authenticated() - + def challenge(self): - """ + """ Redirect unauthenticated requests to login form + + From piston docs `challenge`: In cases where `is_authenticated` returns False, the result of this method will be returned. This will usually be a `HttpResponse` object with some kind of challenge headers and 401 code on it. """ - path = urlquote(self.request.get_full_path()) - tup = self.login_url, self.redirect_field_name, path - return HttpResponseRedirect('%s?%s=%s' %tup) -# taken from -# http://staer.github.com/2011/01/21/piston-multi-auth.html + loginPage = "%s?%s=%s" % ( + settings.LOGIN_URL, + REDIRECT_FIELD_NAME, + urlquote(self.request.get_full_path()), + ) + return HttpResponseRedirect(loginPage) + + class MultiAuthentication(object): - """ Authenticated Django-Piston against multiple types of authentication """ - - def __init__(self, auth_types): - """ Takes a list of authenication objects to try against, the default - authentication type to try is the first in the list. """ - self.auth_types = auth_types - self.selected_auth = auth_types[0] - - def is_authenticated(self, request): - """ Try each authentication type in order and use the first that succeeds """ - authenticated = False - for auth in self.auth_types: - authenticated = auth.is_authenticated(request) - if authenticated: - selected_auth = auth - break - return authenticated - - def challenge(self): - """ Return the challenge for whatever the selected auth type is (or the default - auth type which is the first in the list)""" - return self.selected_auth.challenge() + """ """ + def __init__(self, authenticators): + if len(authenticators) ==0: + raise ValueError("MultiAuthentication needs at least one authenticator in list") + self.authenticators = authenticators + self.currentAuthenticator = self.authenticators[0] + + def is_authenticated(self, request): + """ Try to authenticate against all given authenticators. """ + for authenticator in self.authenticators: + if authenticator.is_authenticated(request): + # success! + self.currentAuthenticator = authenticator + return True + return False + + def challenge(self): + """ Return challenge for current or default authenticator. """ + return self.currentAuthenticator.challenge() diff --git a/k4ever/api2/urls.py b/k4ever/api2/urls.py index 7ccb64f..538625a 100644 --- a/k4ever/api2/urls.py +++ b/k4ever/api2/urls.py @@ -17,15 +17,13 @@ import piston.utils piston.utils.Mimer.content_type = fix_mime(piston.utils.Mimer.content_type) class CsrfExemptResource(Resource): - """ Except a :class:`Resource` from djangos CSRF-Framework. - - This idea is taken from - http://www.robertshady.com/content/creating-very-basic-api-using-python-django-and-piston """ - + Exempt a :class:`Resource` from django's CSRF checking. + """ + def __init__(self, handler, authentication = None): - super( CsrfExemptResource, self ).__init__( handler, authentication ) - self.csrf_exempt = getattr( self.handler, 'csrf_exempt', True ) + Resource.__init__(handler, authentication) + self.csrf_exempt = getattr(self.handler, 'csrf_exempt', True) # build authenticatiooors basicAuth = HttpBasicAuthentication(realm="Freitagsrundenkassensystemapi")