+++ /dev/null
-#############################################################################
-# from http://djangosnippets.org/snippets/243/
-
-from functools import wraps
-import base64
-
-from django.http import HttpResponse
-from django.contrib.auth import authenticate, login
-
-#
-def view_or_basicauth(view, request, test_func, realm = "", *args, **kwargs):
- """
- This is a helper function used by 'logged_in_or_basicauth' and
- 'has_perm_or_basicauth' (deleted) that does the nitty of determining if they
- are already logged in or if they have provided proper http-authorization
- and returning the view if all goes well, otherwise responding with a 401.
- """
- if test_func(request.user):
- # Already logged in, just return the view.
- #
- return view(request, *args, **kwargs)
-
- # They are not logged in. See if they provided login credentials
- #
- if 'HTTP_AUTHORIZATION' in request.META:
- auth = request.META['HTTP_AUTHORIZATION'].split()
- if len(auth) == 2:
- # NOTE: We are only support basic authentication for now.
- #
- if auth[0].lower() == "basic":
- uname, passwd = base64.b64decode(auth[1]).split(':')
- user = authenticate(username=uname, password=passwd)
- if user is not None:
- if user.is_active:
- login(request, user)
- request.user = user
- return view(request, *args, **kwargs)
-
- # Either they did not provide an authorization header or
- # something in the authorization attempt failed. Send a 401
- # back to them to ask them to authenticate.
- #
- response = HttpResponse()
- response.status_code = 401
- response['WWW-Authenticate'] = 'Basic realm="%s"' % realm
- return response
-
-
-#
-def logged_in_or_basicauth(realm = ""):
- """
- A simple decorator that requires a user to be logged in. If they are not
- logged in the request is examined for a 'authorization' header.
-
- If the header is present it is tested for basic authentication and
- the user is logged in with the provided credentials.
-
- If the header is not present a http 401 is sent back to the
- requestor to provide credentials.
-
- The purpose of this is that in several django projects I have needed
- several specific views that need to support basic authentication, yet the
- web site as a whole used django's provided authentication.
-
- The uses for this are for urls that are access programmatically such as
- by rss feed readers, yet the view requires a user to be logged in. Many rss
- readers support supplying the authentication credentials via http basic
- auth (and they do NOT support a redirect to a form where they post a
- username/password.)
-
- Use is simple:
-
- @logged_in_or_basicauth
- def your_view:
- ...
-
- You can provide the name of the realm to ask for authentication within.
- """
- def view_decorator(func):
- def wrapper(request, *args, **kwargs):
- return view_or_basicauth(func, request,
- lambda u: u.is_authenticated(),
- realm, *args, **kwargs)
- return wrapper
- return view_decorator
-
-
-#############################################################################
-
-
-def factory_decorator(decorator):
- """ generates a decorator for a function factory class
- if A(*) == f, factory_decorator(D)(A)(*) == D(f)
- """
- def fac_dec(func):
- @wraps(func)
- def wrapper(*args, **kwargs):
- return decorator(func(*args, **kwargs))
- return wrapper
- return fac_dec
fnp / wolnelektury.git / blobdiff