From ce2a2ef0cd5bcc34ac3f97996d272271dd870e33 Mon Sep 17 00:00:00 2001
From: Antony Chazapis
Date: Fri, 16 Mar 2012 14:24:51 +0200
Subject: [PATCH] Use cookie to get token when retrieving objects.
---
 snf-pithos-app/pithos/api/functions.py | 10 ++++++++--
 snf-pithos-app/pithos/api/settings.py | 2 ++
 2 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/snf-pithos-app/pithos/api/functions.py b/snf-pithos-app/pithos/api/functions.py
index c61d72c..3476e57 100644
--- a/snf-pithos-app/pithos/api/functions.py
+++ b/snf-pithos-app/pithos/api/functions.py
@@ -51,7 +51,7 @@ from pithos.api.util import (json_encode_decimal, rename_meta_key, format_header
 validate_modification_preconditions, validate_matching_preconditions, split_container_object_string, copy_or_move_object, get_int_parameter, get_content_length, get_content_range, socket_read_iterator, SaveToBackendHandler, object_data_response, put_object_block, hashmap_md5, simple_list_response, api_method)
-from pithos.api.settings import AUTHENTICATION_URL, AUTHENTICATION_USERS
+from pithos.api.settings import AUTHENTICATION_URL, AUTHENTICATION_USERS, COOKIE_NAME
 from pithos.backends.base import NotAllowedError, QuotaError
 from pithos.backends.filter import parse_filters
@@ -103,7 +103,13 @@ def container_demux(request, v_account, v_container):
 @csrf_exempt
 def object_demux(request, v_account, v_container, v_object):
- get_user(request, AUTHENTICATION_URL, AUTHENTICATION_USERS)
+ # Helper to avoid placing the token in the URL when loading objects from a browser.
+ token = None
+ if request.method in ('HEAD', 'GET') and COOKIE_NAME in request.COOKIES:
+ cookie_value = unquote(request.COOKIES.get('COOKIE_NAME', ''))
+ if cookie_value and '|' in cookie_value:
+ token = cookie_value.split('|', 1)[1]
+ get_user(request, AUTHENTICATION_URL, AUTHENTICATION_USERS, token)
 if request.method == 'HEAD':
 return object_meta(request, v_account, v_container, v_object)
 elif request.method == 'GET':
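Review bot: In object_demux the cookie lookup passes the string literal `'COOKIE_NAME'` rather than the imported setting, so for a cookie named by `COOKIE_NAME` the `.get()` returns '' and `token` stays None; the line should read `cookie_value = unquote(request.COOKIES.get(COOKIE_NAME, ''))`. `unquote` is not among the imports this patch touches, so confirm functions.py already imports it, otherwise this branch raises NameError whenever the cookie is present. Because the view is `@csrf_exempt` and the token now arrives as an ambient browser credential, the comment should state that the cookie path is deliberately limited to HEAD and GET, and it is worth checking in get_user (not visible here) which credential wins when a request carries both its usual token and the cookie token. The body of object_demux continues past the end of the hunk.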
diff --git a/snf-pithos-app/pithos/api/settings.py b/snf-pithos-app/pithos/api/settings.py
index d1baab5..1558bfb 100644
--- a/snf-pithos-app/pithos/api/settings.py
+++ b/snf-pithos-app/pithos/api/settings.py
@@ -18,6 +18,8 @@ sample_users = {
 AUTHENTICATION_URL = getattr(settings, 'PITHOS_AUTHENTICATION_URL', 'http://127.0.0.1:8000/im/authenticate')
 AUTHENTICATION_USERS = getattr(settings, 'PITHOS_AUTHENTICATION_USERS', sample_users)
+COOKIE_NAME = getattr(settings, 'ASTAKOS_COOKIE_NAME', '_pithos2_a')
+ # SQLAlchemy (choose SQLite/MySQL/PostgreSQL).
 BACKEND_DB_MODULE = getattr(settings, 'PITHOS_BACKEND_DB_MODULE', 'pithos.backends.lib.sqlalchemy')
 BACKEND_DB_CONNECTION = getattr(settings, 'PITHOS_BACKEND_DB_CONNECTION', 'sqlite:////tmp/pithos-backend.db')
--
1.7.10.4
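Review bot: `COOKIE_NAME` is the only setting in this hunk read from an `ASTAKOS_`-prefixed key while its neighbours use `PITHOS_`, and nothing records why or what the cookie has to contain. A comment above it would help, for example `# Astakos login cookie shared with the identity service; object_demux reads the token after the first '|' in its value.` The value format is inferred from the split on '|' added to functions.py in this same commit, so confirm it against the code that sets the cookie.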