root / api / authentication.py @ 00b4f1be
History | View | Annotate | Download (816 Bytes)
| 1 |
# vim: ts=4 sts=4 et ai sw=4 fileencoding=utf-8
|
|---|---|
| 2 |
#
|
| 3 |
# Copyright © 2010 Greek Research and Technology Network
|
| 4 |
#
|
| 5 |
|
| 6 |
from django.contrib.auth.models import User, AnonymousUser |
| 7 |
from synnefo.api.faults import fault |
| 8 |
|
| 9 |
# XXX: we need to add a Vary X-Auth-Token, somehow
|
| 10 |
# XXX: or use a standard auth middleware instead?
|
| 11 |
# but watch out for CSRF issues:
|
| 12 |
# http://andrew.io/weblog/2010/01/django-piston-and-handling-csrf-tokens/
|
| 13 |
|
| 14 |
class TokenAuthentication(object): |
| 15 |
def is_authenticated(self, request): |
| 16 |
token = request.META.get('HTTP_X_AUTH_TOKEN', None) |
| 17 |
if not token: |
| 18 |
return False |
| 19 |
|
| 20 |
# XXX: lookup token in models and set request.user
|
| 21 |
if token:
|
| 22 |
request.user = AnonymousUser() |
| 23 |
return True |
| 24 |
|
| 25 |
def challenge(self): |
| 26 |
return fault.unauthorized
|
| 27 |
|