# or implied, of GRNET S.A.
from xml.dom import minidom
+from urllib import unquote
from django.conf import settings
from django.http import HttpResponse
from django.utils.encoding import smart_str
from django.views.decorators.csrf import csrf_exempt
-from pithos.lib.user import get_user
-from pithos.lib.filter import parse_filters
+from synnefo.lib.astakos import get_user
from pithos.api.faults import (Fault, NotModified, BadRequest, Unauthorized, Forbidden, ItemNotFound, Conflict,
LengthRequired, PreconditionFailed, RequestEntityTooLarge, RangeNotSatisfiable, UnprocessableEntity)
validate_modification_preconditions, validate_matching_preconditions, split_container_object_string,
copy_or_move_object, get_int_parameter, get_content_length, get_content_range, socket_read_iterator,
SaveToBackendHandler, object_data_response, put_object_block, hashmap_md5, simple_list_response, api_method)
+from pithos.api.settings import AUTHENTICATION_URL, AUTHENTICATION_USERS, COOKIE_NAME
+
from pithos.backends.base import NotAllowedError, QuotaError
-from pithos.api.settings import AUTHENTICATION_URL, AUTHENTICATION_USERS
+from pithos.backends.filter import parse_filters
import logging
import hashlib
@csrf_exempt
def object_demux(request, v_account, v_container, v_object):
- get_user(request, AUTHENTICATION_URL, AUTHENTICATION_USERS)
+ # Helper to avoid placing the token in the URL when loading objects from a browser.
+ token = None
+ if request.method in ('HEAD', 'GET') and COOKIE_NAME in request.COOKIES:
+ cookie_value = unquote(request.COOKIES.get(COOKIE_NAME, ''))
+ if cookie_value and '|' in cookie_value:
+ token = cookie_value.split('|', 1)[1]
+ get_user(request, AUTHENTICATION_URL, AUTHENTICATION_USERS, token)
if request.method == 'HEAD':
return object_meta(request, v_account, v_container, v_object)
elif request.method == 'GET':