Revision 6ef51e9f snf-app/synnefo/api/middleware.py
b/snf-app/synnefo/api/middleware.py | ||
---|---|---|
31 | 31 |
# interpreted as representing official policies, either expressed |
32 | 32 |
# or implied, of GRNET S.A. |
33 | 33 |
|
34 |
import json |
|
35 |
|
|
36 |
from httplib import HTTPConnection, HTTPSConnection |
|
37 |
from urlparse import urlparse |
|
38 |
|
|
39 |
from django.conf import settings |
|
34 | 40 |
from django.utils.cache import patch_vary_headers |
35 | 41 |
|
36 | 42 |
|
37 | 43 |
class ApiAuthMiddleware(object): |
38 | 44 |
def process_request(self, request): |
39 | 45 |
request.user = None |
40 |
|
|
46 |
|
|
47 |
token = request.GET.get('X-Auth-Token') |
|
48 |
if not token: |
|
49 |
token = request.META.get('HTTP_X_AUTH_TOKEN') |
|
50 |
if not token: |
|
51 |
token = request.COOKIES.get('X-Auth-Token') |
|
52 |
|
|
53 |
if not token: |
|
54 |
return |
|
55 |
|
|
56 |
p = urlparse(settings.ASTAKOS_URL) |
|
57 |
if p.scheme == 'https': |
|
58 |
conn = HTTPSConnection(p.netloc) |
|
59 |
else: |
|
60 |
conn = HTTPConnection(p.netloc) |
|
61 |
|
|
62 |
headers = {'X-Auth-Token': token} |
|
63 |
conn.request('GET', p.path, headers=headers) |
|
64 |
resp = conn.getresponse() |
|
65 |
if resp.status != 200: |
|
66 |
return |
|
67 |
|
|
68 |
try: |
|
69 |
reply = json.loads(resp.read()) |
|
70 |
assert 'uniq' in reply |
|
71 |
assert 'username' in reply |
|
72 |
except (ValueError, AssertionError): |
|
73 |
return |
|
74 |
|
|
75 |
request.user = reply['uniq'] |
|
76 |
request.username = reply['username'] |
|
77 |
|
|
41 | 78 |
def process_response(self, request, response): |
42 | 79 |
# Tell proxies and other interested parties that the request varies |
43 | 80 |
# based on X-Auth-Token, to avoid caching of results |
Also available in: Unified diff