root / api / middleware.py @ 44193110
History | View | Annotate | Download (1.4 kB)
1 | ef39e7ee | Georgios Gousios | from django.conf import settings |
---|---|---|---|
2 | ef39e7ee | Georgios Gousios | from django.http import HttpResponse, HttpResponseRedirect |
3 | 89f86fd3 | Georgios Gousios | from synnefo.api.errors import Unauthorized |
4 | 89f86fd3 | Georgios Gousios | from synnefo.db.models import SynnefoUser |
5 | 89f86fd3 | Georgios Gousios | |
6 | 89f86fd3 | Georgios Gousios | class SynnefoAuthMiddleware(object): |
7 | 89f86fd3 | Georgios Gousios | |
8 | 89f86fd3 | Georgios Gousios | auth_token = "X-Auth-Token"
|
9 | 89f86fd3 | Georgios Gousios | auth_user = "X-Auth-User"
|
10 | 89f86fd3 | Georgios Gousios | auth_key = "X-Auth-Key"
|
11 | 89f86fd3 | Georgios Gousios | |
12 | 89f86fd3 | Georgios Gousios | def process_request(self, request): |
13 | ef39e7ee | Georgios Gousios | |
14 | 89f86fd3 | Georgios Gousios | if self.auth_token in request.META: |
15 | ef39e7ee | Georgios Gousios | #Retrieve user from DB or other caching mechanism
|
16 | ef39e7ee | Georgios Gousios | user = SynnefoUser.objects.filter(auth_token = request.META[self.auth_token])
|
17 | 89f86fd3 | Georgios Gousios | if user is None : |
18 | 44193110 | Georgios Gousios | return HttpResponseRedirect(content='Athentication Required') |
19 | 89f86fd3 | Georgios Gousios | request.user = user |
20 | ef39e7ee | Georgios Gousios | return
|
21 | 89f86fd3 | Georgios Gousios | |
22 | 89f86fd3 | Georgios Gousios | #An authentication request
|
23 | 89f86fd3 | Georgios Gousios | if self.auth_user in request.META and 'X-Auth-Key' in request.META \ |
24 | 89f86fd3 | Georgios Gousios | and '/v1.0' == request.path and 'GET' == request.method: |
25 | ef39e7ee | Georgios Gousios | # This is here merely for compatibility with the Openstack API.
|
26 | ef39e7ee | Georgios Gousios | # All normal users should authenticate through Sibbolleth. Admin
|
27 | ef39e7ee | Georgios Gousios | # users or other selected users could use this as a bypass
|
28 | ef39e7ee | Georgios Gousios | # mechanism
|
29 | ef39e7ee | Georgios Gousios | user = SynnefoUser.objects.filter(username = request.META[self.auth_user])
|
30 | ef39e7ee | Georgios Gousios | |
31 | ef39e7ee | Georgios Gousios | return HttpResponseRedirect(content= settings.SIBBOLLETH_HOST)
|
32 | ef39e7ee | Georgios Gousios | |
33 | 44193110 | Georgios Gousios | return HttpResponseRedirect(content='Athentication Required') |
34 | 89f86fd3 | Georgios Gousios | |
35 | ef39e7ee | Georgios Gousios | #class HttpResponseAuthenticationRequired(HttpResponse):
|
36 | ef39e7ee | Georgios Gousios | # status_code = 401 |