Rewrote parts with licensing issues

This commit is contained in:
Sebastian Lohff 2012-05-26 17:55:46 +02:00
parent 06ce64172e
commit b98648db19
2 changed files with 43 additions and 51 deletions

View File

@ -10,66 +10,60 @@ from django.contrib.auth import REDIRECT_FIELD_NAME
from django.http import HttpResponse, HttpResponseRedirect from django.http import HttpResponse, HttpResponseRedirect
from django.utils.http import urlquote from django.utils.http import urlquote
# taken and modified from
# https://bitbucket.org/yml/django-piston/src/dfb826a31ca8/piston/authentication.py
class DjangoAuthentication(object): class DjangoAuthentication(object):
""" """
Django authentication. Authenticate against djangos own authentication backend
""" """
def __init__(self, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
if not login_url:
login_url = settings.LOGIN_URL
self.login_url = login_url
self.redirect_field_name = redirect_field_name
self.request = None
def is_authenticated(self, request): def is_authenticated(self, request):
""" """ Check, if user is already authenticated.
This method call the `is_authenticated` method of django
User in django.contrib.auth.models.
From piston docs:
`is_authenticated`: Will be called when checking for `is_authenticated`: Will be called when checking for
authentication. It returns True if the user is authenticated authentication. Receives a `request` object, please
False otherwise. set your `User` object on `request.user`, otherwise
return False (or something that evaluates to False.)
""" """
self.request = request self.request = request
return request.user.is_authenticated() return request.user.is_authenticated()
def challenge(self): def challenge(self):
""" """ Redirect unauthenticated requests to login form
From piston docs
`challenge`: In cases where `is_authenticated` returns `challenge`: In cases where `is_authenticated` returns
False, the result of this method will be returned. False, the result of this method will be returned.
This will usually be a `HttpResponse` object with This will usually be a `HttpResponse` object with
some kind of challenge headers and 401 code on it. some kind of challenge headers and 401 code on it.
""" """
path = urlquote(self.request.get_full_path())
tup = self.login_url, self.redirect_field_name, path
return HttpResponseRedirect('%s?%s=%s' %tup)
# taken from loginPage = "%s?%s=%s" % (
# http://staer.github.com/2011/01/21/piston-multi-auth.html settings.LOGIN_URL,
REDIRECT_FIELD_NAME,
urlquote(self.request.get_full_path()),
)
return HttpResponseRedirect(loginPage)
class MultiAuthentication(object): class MultiAuthentication(object):
""" Authenticated Django-Piston against multiple types of authentication """ """ """
def __init__(self, authenticators):
def __init__(self, auth_types): if len(authenticators) ==0:
""" Takes a list of authenication objects to try against, the default raise ValueError("MultiAuthentication needs at least one authenticator in list")
authentication type to try is the first in the list. """ self.authenticators = authenticators
self.auth_types = auth_types self.currentAuthenticator = self.authenticators[0]
self.selected_auth = auth_types[0]
def is_authenticated(self, request): def is_authenticated(self, request):
""" Try each authentication type in order and use the first that succeeds """ """ Try to authenticate against all given authenticators. """
authenticated = False for authenticator in self.authenticators:
for auth in self.auth_types: if authenticator.is_authenticated(request):
authenticated = auth.is_authenticated(request) # success!
if authenticated: self.currentAuthenticator = authenticator
selected_auth = auth return True
break return False
return authenticated
def challenge(self): def challenge(self):
""" Return the challenge for whatever the selected auth type is (or the default """ Return challenge for current or default authenticator. """
auth type which is the first in the list)""" return self.currentAuthenticator.challenge()
return self.selected_auth.challenge()

View File

@ -17,14 +17,12 @@ import piston.utils
piston.utils.Mimer.content_type = fix_mime(piston.utils.Mimer.content_type) piston.utils.Mimer.content_type = fix_mime(piston.utils.Mimer.content_type)
class CsrfExemptResource(Resource): class CsrfExemptResource(Resource):
""" Except a :class:`Resource` from djangos CSRF-Framework. """
Exempt a :class:`Resource` from django's CSRF checking.
This idea is taken from
http://www.robertshady.com/content/creating-very-basic-api-using-python-django-and-piston
""" """
def __init__(self, handler, authentication = None): def __init__(self, handler, authentication = None):
super( CsrfExemptResource, self ).__init__( handler, authentication ) Resource.__init__(handler, authentication)
self.csrf_exempt = getattr(self.handler, 'csrf_exempt', True) self.csrf_exempt = getattr(self.handler, 'csrf_exempt', True)
# build authenticatiooors # build authenticatiooors