
root / api / middleware.py @ 96b635d9


from django.http import HttpResponse
from synnefo.db.models import SynnefoUser
from django.utils.cache import patch_vary_headers
import time
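class ApiAuthMiddleware(object):
    """Attach a ``SynnefoUser`` (or ``None``) to requests under ``/api/``.

    Two flows are handled:

    * token flow: an ``X-Auth-Token`` cookie or request header is looked up
      in the database and checked for expiry;
    * Rackspace/OpenStack-compatible login: a GET that carries the
      ``X-Auth-User`` / ``X-Auth-Key`` keys is answered directly with the
      user's token (204) or with 401.

    The middleware never rejects a request on the token flow itself; it only
    sets ``request.user``.  Every API view must therefore treat
    ``request.user is None`` as unauthenticated.
    """

    auth_token = "X-Auth-Token"
    auth_user  = "X-Auth-User"
    auth_key   = "X-Auth-Key"

    def process_request(self, request):
        """Authenticate *request* if it targets the API.

        Returns ``None`` to let Django continue with the view, or an
        ``HttpResponse`` (204/401) for a Rackspace-style login request.
        """
        if not request.path.startswith('/api/'):
            return

        # The cookie takes precedence over the request header.
        # NOTE(review): a cookie-borne token is sent automatically by
        # browsers and this middleware performs no CSRF check itself --
        # confirm that state-changing API views are protected elsewhere.
        token = request.COOKIES.get('X-Auth-Token', None)
        if not token:
            token = request.META.get('HTTP_X_AUTH_TOKEN', None)

        if token:
            # Retrieve user from DB or other caching mechanism
            try:
                user = SynnefoUser.objects.get(auth_token=token)
            except SynnefoUser.DoesNotExist:
                user = None

            # Reject tokens whose expiry timestamp lies in the past.
            # NOTE(review): mktime() interprets the tuple as local time and
            # a missing auth_token_expires would raise here -- confirm the
            # field is always set and stored in local time.
            if user and (time.time() -
                time.mktime(user.auth_token_expires.timetuple())) > 0:
                # The user's token has expired, re-login
                user = None

            # An unknown or expired token leaves request.user as None; the
            # request still reaches the view, which has to refuse it.
            request.user = user
            return

        # A Rackspace API authentication request
        # NOTE(review): the token above is read from META as
        # 'HTTP_X_AUTH_TOKEN', while these two keys are looked up without
        # the 'HTTP_' prefix.  Confirm which form the deployment actually
        # puts in request.META before relying on (or exposing) this path.
        if self.auth_user in request.META and \
           self.auth_key in request.META and \
           'GET' == request.method:
            # This is here merely for compatibility with the Openstack API.
            # All normal users should authenticate through Shibboleth. Admin
            # users or other selected users could use this as a bypass
            # mechanism
            # NOTE(review): the query matches any SynnefoUser by name and
            # uniq; nothing visible here restricts it to admin or selected
            # users, and the token is returned without an expiry check.
            # One sliced query instead of count() followed by [0].
            matches = list(SynnefoUser.objects
                           .filter(name=request.META[self.auth_user])
                           .filter(uniq=request.META[self.auth_key])[:1])

            response = HttpResponse()
            # This response can carry a credential and is selected by
            # headers that are not listed in Vary, so it must never be
            # stored by a browser or an intermediary cache.
            response['Cache-Control'] = 'no-store'
            if not matches:
                response.status_code = 401
            else:
                response.status_code = 204
                response['X-Auth-Token'] = matches[0].auth_token
                # TODO: set the following fields when we do have this info
                response['X-Server-Management-Url'] = ""
                response['X-Storage-Url'] = ""
                response['X-CDN-Management-Url'] = ""
            return response

        request.user = None

    def process_response(self, request, response):
        """Declare which request headers the response depends on.

        ``Vary`` does not disable caching; it tells caches to key stored
        responses on the listed request headers.  The token may arrive in
        the ``X-Auth-Token`` header or in a cookie (see ``process_request``),
        so both are listed; otherwise a shared cache could hand one user's
        response to another user authenticated by cookie.
        """
        patch_vary_headers(response, ('X-Auth-Token', 'Cookie'))
        return response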