# This file is part of k4ever, a point-of-sale system # Contact............ # Website............ http://k4ever.someserver.de/ # Bug tracker........ http://k4ever.someserver.de/report # # Licensed under GNU Affero General Public License v3 or later from django.conf import settings from django.contrib.auth import REDIRECT_FIELD_NAME from django.http import HttpResponse, HttpResponseRedirect from django.utils.http import urlquote class DjangoAuthentication(object): """ Authenticate against djangos own authentication backend """ def is_authenticated(self, request): """ Check, if user is already authenticated. From piston docs: `is_authenticated`: Will be called when checking for authentication. Receives a `request` object, please set your `User` object on `request.user`, otherwise return False (or something that evaluates to False.) """ self.request = request return request.user.is_authenticated() def challenge(self): """ Redirect unauthenticated requests to login form From piston docs `challenge`: In cases where `is_authenticated` returns False, the result of this method will be returned. This will usually be a `HttpResponse` object with some kind of challenge headers and 401 code on it. """ loginPage = "%s?%s=%s" % ( settings.LOGIN_URL, REDIRECT_FIELD_NAME, urlquote(self.request.get_full_path()), ) return HttpResponseRedirect(loginPage) class MultiAuthentication(object): """ """ def __init__(self, authenticators): if len(authenticators) ==0: raise ValueError("MultiAuthentication needs at least one authenticator in list") self.authenticators = authenticators self.currentAuthenticator = self.authenticators[0] def is_authenticated(self, request): """ Try to authenticate against all given authenticators. """ for authenticator in self.authenticators: if authenticator.is_authenticated(request): # success! self.currentAuthenticator = authenticator return True return False def challenge(self): """ Return challenge for current or default authenticator. """ return self.currentAuthenticator.challenge()