set authenticaton for api resources

[wolnelektury.git] / src / api / piston_patch.py

diff --git a/src/api/piston_patch.py b/src/api/piston_patch.py
index 4bf9b61..fb3987b 100644 (file)
--- a/src/api/piston_patch.py
+++ b/src/api/piston_patch.py
@@ -15,6 +15,10 @@ from piston import oauth
 from piston.authentication import initialize_server_request, INVALID_PARAMS_RESPONSE, send_oauth_error
 
 
+class HttpResponseAppRedirect(HttpResponseRedirect):
+    allowed_schemes = HttpResponseRedirect.allowed_schemes + ['wolnelekturyapp']
+
+
 class OAuthAuthenticationForm(forms.Form):
     oauth_token = forms.CharField(widget=forms.HiddenInput)
     oauth_callback = forms.CharField(widget=forms.HiddenInput)  # changed from URLField - too strict
@@ -52,6 +56,7 @@ class OAuthAuthenticationForm(forms.Form):
 
 
 # The only thing changed in the views below is the form used
+# and also the Http Redirect class
 
 
 def oauth_auth_view(request, token, callback, params):
@@ -102,7 +107,7 @@ def oauth_user_auth(request):
                 callback = getattr(settings, 'OAUTH_CALLBACK_VIEW')
                 return get_callable(callback)(request, token)
 
-            response = HttpResponseRedirect(callback + args)
+            response = HttpResponseAppRedirect(callback + args)
 
         except oauth.OAuthError, err:
             response = send_oauth_error(err)