root / pithos / middleware / auth.py @ de793207
1 | aa4fac11 | Giorgos Verigakis | # Copyright 2011 GRNET S.A. All rights reserved.
|
---|---|---|---|
2 | aa4fac11 | Giorgos Verigakis | #
|
3 | aa4fac11 | Giorgos Verigakis | # Redistribution and use in source and binary forms, with or
|
4 | aa4fac11 | Giorgos Verigakis | # without modification, are permitted provided that the following
|
5 | aa4fac11 | Giorgos Verigakis | # conditions are met:
|
6 | aa4fac11 | Giorgos Verigakis | #
|
7 | aa4fac11 | Giorgos Verigakis | # 1. Redistributions of source code must retain the above
|
8 | aa4fac11 | Giorgos Verigakis | # copyright notice, this list of conditions and the following
|
9 | aa4fac11 | Giorgos Verigakis | # disclaimer.
|
10 | aa4fac11 | Giorgos Verigakis | #
|
11 | aa4fac11 | Giorgos Verigakis | # 2. Redistributions in binary form must reproduce the above
|
12 | aa4fac11 | Giorgos Verigakis | # copyright notice, this list of conditions and the following
|
13 | aa4fac11 | Giorgos Verigakis | # disclaimer in the documentation and/or other materials
|
14 | aa4fac11 | Giorgos Verigakis | # provided with the distribution.
|
15 | aa4fac11 | Giorgos Verigakis | #
|
16 | aa4fac11 | Giorgos Verigakis | # THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
|
17 | aa4fac11 | Giorgos Verigakis | # OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
18 | aa4fac11 | Giorgos Verigakis | # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
19 | aa4fac11 | Giorgos Verigakis | # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
|
20 | aa4fac11 | Giorgos Verigakis | # CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
21 | aa4fac11 | Giorgos Verigakis | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
22 | aa4fac11 | Giorgos Verigakis | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
|
23 | aa4fac11 | Giorgos Verigakis | # USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
|
24 | aa4fac11 | Giorgos Verigakis | # AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
25 | aa4fac11 | Giorgos Verigakis | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
|
26 | aa4fac11 | Giorgos Verigakis | # ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
27 | aa4fac11 | Giorgos Verigakis | # POSSIBILITY OF SUCH DAMAGE.
|
28 | aa4fac11 | Giorgos Verigakis | #
|
29 | aa4fac11 | Giorgos Verigakis | # The views and conclusions contained in the software and
|
30 | aa4fac11 | Giorgos Verigakis | # documentation are those of the authors and should not be
|
31 | aa4fac11 | Giorgos Verigakis | # interpreted as representing official policies, either expressed
|
32 | aa4fac11 | Giorgos Verigakis | # or implied, of GRNET S.A.
|
33 | aa4fac11 | Giorgos Verigakis | |
34 | d7d60147 | Antony Chazapis | from time import time, mktime |
35 | d26b7794 | Antony Chazapis | from urllib import quote, unquote |
36 | d7d60147 | Antony Chazapis | |
37 | 7e392d16 | Antony Chazapis | from pithos.im.models import User |
38 | d7d60147 | Antony Chazapis | |
39 | aa4fac11 | Giorgos Verigakis | |
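def get_user_from_token(token):
    """Return the User whose ``auth_token`` equals *token*, or None.

    A missing or empty token is rejected before any query is made.  Django
    translates ``auth_token=None`` into an ``IS NULL`` test, so if the model
    allows a NULL (or empty) token, an anonymous request would otherwise be
    matched against an account that simply has no token stored.

    ``User.objects.get`` raises ``User.MultipleObjectsReturned`` when more
    than one row carries the token; that error is left to propagate.
    """
    # Fail closed: "no credential supplied" must never be a lookup key.
    if not token:
        return None
    try:
        return User.objects.get(auth_token=token)
    except User.DoesNotExist:
        return None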
45 | 5415afea | Giorgos Verigakis | |
46 | 5415afea | Giorgos Verigakis | |
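class AuthMiddleware(object):
    """Resolve the request's auth token to a user and manage the auth cookie.

    ``process_request`` sets ``request.user`` / ``request.user_uniq`` (both
    None unless a token maps to an active user with an unexpired token).
    ``process_response`` stores the token in the ``_pithos2_a`` cookie when
    the request arrived from an im login redirect.
    """

    def process_request(self, request):
        """Authenticate the request from the first token source that matches.

        Sources are tried in this order: the ``X-Auth-Token`` query
        parameter, the ``X-Auth-Token`` header, the ``token`` parameter of an
        im login redirect (only when ``user`` is also present), and finally
        the ``_pithos2_a`` cookie.  A source that supplies no token is
        skipped without a database lookup, so an absent credential is never
        used as a query key.
        """
        # Start unauthenticated; every early return below leaves it that way.
        request.user = None
        request.user_uniq = None

        user = None

        # NOTE(review): a token carried in the query string tends to be
        # recorded in access logs, browser history and Referer headers;
        # the header form avoids that.
        token = request.GET.get('X-Auth-Token')
        if token:
            user = get_user_from_token(token)

        if not user:
            token = request.META.get('HTTP_X_AUTH_TOKEN')
            if token:
                user = get_user_from_token(token)

        # Back from an im login target.
        if not user and request.GET.get('user', None):
            token = request.GET.get('token', None)
            if token:
                # Ask process_response to persist the token in a cookie; it
                # only does so if the token also resolves to a valid user.
                request.set_auth_cookie = True
                user = get_user_from_token(token)

        if not user:
            # Cookie layout is "<uniq>|<token>", URL-quoted.  Only the token
            # part is used; the uniq part is not checked against the user.
            cookie_value = unquote(request.COOKIES.get('_pithos2_a', ''))
            if cookie_value and '|' in cookie_value:
                token = cookie_value.split('|', 1)[1]
                if token:
                    user = get_user_from_token(token)

        if not user:
            return

        # Check if the user is active.
        if user.state != 'ACTIVE':
            return

        # Check if the token has expired.
        # NOTE(review): mktime() reads the timetuple as local time, so this
        # assumes auth_token_expires is a naive local-time datetime - confirm.
        if (time() - mktime(user.auth_token_expires.timetuple())) > 0:
            return

        request.user = user
        request.user_uniq = user.uniq

    def process_response(self, request, response):
        """Set the ``_pithos2_a`` cookie after a successful im login.

        The cookie is written only when ``process_request`` authenticated a
        user and flagged ``request.set_auth_cookie``.  Its value is the
        URL-quoted string ``<uniq>|<auth_token>`` and it expires together
        with the token.  The response is returned in every case.
        """
        user = getattr(request, 'user', None)
        if user and getattr(request, 'set_auth_cookie', False):
            # NOTE(review): %Z is empty for a naive datetime, which leaves the
            # expiry string without a zone name - confirm what is stored.
            expire_fmt = user.auth_token_expires.strftime('%a, %d-%b-%Y %H:%M:%S %Z')
            cookie_value = quote(user.uniq + '|' + user.auth_token)
            # NOTE(review): the cookie holds the raw auth token and no
            # `secure` / `httponly` argument is passed.  Whether they can be
            # enabled depends on the deployment (plain-HTTP access, scripts
            # that read the cookie) - confirm before changing.
            response.set_cookie('_pithos2_a', value=cookie_value, expires=expire_fmt, path='/')
        return response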