middleware for the synchronization of the django session and the ASTAKOS_COOKIE

if ASTAKOS_COOKIE is set and the request user is not authenticated (sessionid cookie has expired or deleted), authenticate and login the user

Refs: #2291

diff --git a/snf-astakos-app/astakos/im/middleware.py b/snf-astakos-app/astakos/im/middleware.py
new file mode 100644 (file)
index 0000000..2a801f8
--- /dev/null
+++ b/snf-astakos-app/astakos/im/middleware.py
@@ -0,0 +1,58 @@
+# Copyright 2011 GRNET S.A. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or
+# without modification, are permitted provided that the following
+# conditions are met:
+#
+#   1. Redistributions of source code must retain the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer.
+#
+#   2. Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
+# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+#
+# The views and conclusions contained in the software and
+# documentation are those of the authors and should not be
+# interpreted as representing official policies, either expressed
+# or implied, of GRNET S.A.
+
+from urllib import unquote
+from django.contrib.auth import authenticate, login
+
+from astakos.im.settings import COOKIE_NAME
+from astakos.im.models import AstakosUser
+
+class CookieAuthenticationMiddleware(object):
+    def process_request(self, request):
+        assert hasattr(request, 'session'), "The Django authentication middleware requires session middleware to be installed. Edit your MIDDLEWARE_CLASSES setting to insert 'django.contrib.sessions.middleware.SessionMiddleware'."
+        if request.user.is_authenticated():
+            return None
+        
+        cookie = unquote(request.COOKIES.get(COOKIE_NAME, ''))
+        email, sep, auth_token = cookie.partition('|')
+        if not sep:
+            return None
+        
+        try:
+            user = authenticate(email=email, auth_token=auth_token)
+            if user:
+                request.user = user
+            login(request, user)
+        except:
+            pass
+        return None
\ No newline at end of file

diff --git a/snf-astakos-app/astakos/im/synnefo_settings.py b/snf-astakos-app/astakos/im/synnefo_settings.py
index afd1545..d698567 100644 (file)
--- a/snf-astakos-app/astakos/im/synnefo_settings.py
+++ b/snf-astakos-app/astakos/im/synnefo_settings.py
@@ -60,6 +60,7 @@ context_processors = [
 
 middlware_classes = [
     'django.contrib.auth.middleware.AuthenticationMiddleware',
+    'astakos.im.middleware.CookieAuthenticationMiddleware',
     'synnefo.lib.middleware.LoggingConfigMiddleware',
     'synnefo.lib.middleware.SecureMiddleware'
 ]