|
|
|
@ -10,66 +10,60 @@ from django.contrib.auth import REDIRECT_FIELD_NAME
|
|
|
|
from django.http import HttpResponse, HttpResponseRedirect
|
|
|
|
from django.http import HttpResponse, HttpResponseRedirect
|
|
|
|
from django.utils.http import urlquote
|
|
|
|
from django.utils.http import urlquote
|
|
|
|
|
|
|
|
|
|
|
|
# taken and modified from
|
|
|
|
|
|
|
|
# https://bitbucket.org/yml/django-piston/src/dfb826a31ca8/piston/authentication.py
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class DjangoAuthentication(object):
|
|
|
|
class DjangoAuthentication(object):
|
|
|
|
"""
|
|
|
|
"""
|
|
|
|
Django authentication.
|
|
|
|
Authenticate against djangos own authentication backend
|
|
|
|
"""
|
|
|
|
"""
|
|
|
|
def __init__(self, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
|
|
|
|
|
|
|
|
if not login_url:
|
|
|
|
|
|
|
|
login_url = settings.LOGIN_URL
|
|
|
|
|
|
|
|
self.login_url = login_url
|
|
|
|
|
|
|
|
self.redirect_field_name = redirect_field_name
|
|
|
|
|
|
|
|
self.request = None
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def is_authenticated(self, request):
|
|
|
|
def is_authenticated(self, request):
|
|
|
|
"""
|
|
|
|
""" Check, if user is already authenticated.
|
|
|
|
This method call the `is_authenticated` method of django
|
|
|
|
|
|
|
|
User in django.contrib.auth.models.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
From piston docs:
|
|
|
|
`is_authenticated`: Will be called when checking for
|
|
|
|
`is_authenticated`: Will be called when checking for
|
|
|
|
authentication. It returns True if the user is authenticated
|
|
|
|
authentication. Receives a `request` object, please
|
|
|
|
False otherwise.
|
|
|
|
set your `User` object on `request.user`, otherwise
|
|
|
|
|
|
|
|
return False (or something that evaluates to False.)
|
|
|
|
"""
|
|
|
|
"""
|
|
|
|
self.request = request
|
|
|
|
self.request = request
|
|
|
|
return request.user.is_authenticated()
|
|
|
|
return request.user.is_authenticated()
|
|
|
|
|
|
|
|
|
|
|
|
def challenge(self):
|
|
|
|
def challenge(self):
|
|
|
|
"""
|
|
|
|
""" Redirect unauthenticated requests to login form
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
From piston docs
|
|
|
|
`challenge`: In cases where `is_authenticated` returns
|
|
|
|
`challenge`: In cases where `is_authenticated` returns
|
|
|
|
False, the result of this method will be returned.
|
|
|
|
False, the result of this method will be returned.
|
|
|
|
This will usually be a `HttpResponse` object with
|
|
|
|
This will usually be a `HttpResponse` object with
|
|
|
|
some kind of challenge headers and 401 code on it.
|
|
|
|
some kind of challenge headers and 401 code on it.
|
|
|
|
"""
|
|
|
|
"""
|
|
|
|
path = urlquote(self.request.get_full_path())
|
|
|
|
|
|
|
|
tup = self.login_url, self.redirect_field_name, path
|
|
|
|
|
|
|
|
return HttpResponseRedirect('%s?%s=%s' %tup)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# taken from
|
|
|
|
loginPage = "%s?%s=%s" % (
|
|
|
|
# http://staer.github.com/2011/01/21/piston-multi-auth.html
|
|
|
|
settings.LOGIN_URL,
|
|
|
|
|
|
|
|
REDIRECT_FIELD_NAME,
|
|
|
|
|
|
|
|
urlquote(self.request.get_full_path()),
|
|
|
|
|
|
|
|
)
|
|
|
|
|
|
|
|
return HttpResponseRedirect(loginPage)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class MultiAuthentication(object):
|
|
|
|
class MultiAuthentication(object):
|
|
|
|
""" Authenticated Django-Piston against multiple types of authentication """
|
|
|
|
""" """
|
|
|
|
|
|
|
|
def __init__(self, authenticators):
|
|
|
|
def __init__(self, auth_types):
|
|
|
|
if len(authenticators) ==0:
|
|
|
|
""" Takes a list of authenication objects to try against, the default
|
|
|
|
raise ValueError("MultiAuthentication needs at least one authenticator in list")
|
|
|
|
authentication type to try is the first in the list. """
|
|
|
|
self.authenticators = authenticators
|
|
|
|
self.auth_types = auth_types
|
|
|
|
self.currentAuthenticator = self.authenticators[0]
|
|
|
|
self.selected_auth = auth_types[0]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def is_authenticated(self, request):
|
|
|
|
def is_authenticated(self, request):
|
|
|
|
""" Try each authentication type in order and use the first that succeeds """
|
|
|
|
""" Try to authenticate against all given authenticators. """
|
|
|
|
authenticated = False
|
|
|
|
for authenticator in self.authenticators:
|
|
|
|
for auth in self.auth_types:
|
|
|
|
if authenticator.is_authenticated(request):
|
|
|
|
authenticated = auth.is_authenticated(request)
|
|
|
|
# success!
|
|
|
|
if authenticated:
|
|
|
|
self.currentAuthenticator = authenticator
|
|
|
|
selected_auth = auth
|
|
|
|
return True
|
|
|
|
break
|
|
|
|
return False
|
|
|
|
return authenticated
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def challenge(self):
|
|
|
|
def challenge(self):
|
|
|
|
""" Return the challenge for whatever the selected auth type is (or the default
|
|
|
|
""" Return challenge for current or default authenticator. """
|
|
|
|
auth type which is the first in the list)"""
|
|
|
|
return self.currentAuthenticator.challenge()
|
|
|
|
return self.selected_auth.challenge()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
