Add a dummy authentication middleware

The username - token mapping is stored statically in settings.py

You will need to update your settings.py after this commit.

diff --git a/pithos/api/auth.py b/pithos/api/auth.py
new file mode 100644 (file)
index 0000000..cffb57e
--- /dev/null
+++ b/pithos/api/auth.py
@@ -0,0 +1,40 @@
+# Copyright 2011 GRNET S.A. All rights reserved.
+# 
+# Redistribution and use in source and binary forms, with or
+# without modification, are permitted provided that the following
+# conditions are met:
+# 
+#   1. Redistributions of source code must retain the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer.
+# 
+#   2. Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+# 
+# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
+# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+# 
+# The views and conclusions contained in the software and
+# documentation are those of the authors and should not be
+# interpreted as representing official policies, either expressed
+# or implied, of GRNET S.A.
+
+from django.conf import settings
+
+
+class DummyAuthMiddleware(object):
+    def process_request(self, request):
+        token = request.META.get('HTTP_X_AUTH_TOKEN', None)
+        request.user = settings.AUTH_TOKENS.get(token, None)

diff --git a/pithos/api/util.py b/pithos/api/util.py
index c60d09b..ef6f2b9 100644 (file)
--- a/pithos/api/util.py
+++ b/pithos/api/util.py
@@ -669,8 +669,6 @@ def api_method(http_method=None, format_allowed=False):
                 
                 # Fill in custom request variables.
                 request.serialization = request_serialization(request, format_allowed)
-                # TODO: Authenticate.
-                request.user = "test"
                 
                 response = func(request, *args, **kwargs)
                 update_response_headers(request, response)

diff --git a/pithos/settings.py.dist b/pithos/settings.py.dist
index 6ea557e..4c56988 100644 (file)
--- a/pithos/settings.py.dist
+++ b/pithos/settings.py.dist
@@ -123,7 +123,8 @@ MIDDLEWARE_CLASSES = (
 #    'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
-    'pithos.middleware.LoggingConfigMiddleware'
+    'pithos.middleware.LoggingConfigMiddleware',
+    'pithos.api.auth.DummyAuthMiddleware'
 )
 
 ROOT_URLCONF = 'pithos.urls'
@@ -145,3 +146,13 @@ INSTALLED_APPS = (
     'api',
        'public'
 )
+
+AUTH_TOKENS = {
+    '0000': 'test',
+    '0001': 'verigak',
+    '0002': 'chazapis',
+    '0003': 'gtsouk',
+    '0004': 'papagian',
+    '0005': 'louridas',
+    '0006': 'chstath',
+    '0007': 'pkanavos'}