Revision b494c889 pithos/middleware/auth.py
b/pithos/middleware/auth.py | ||
---|---|---|
33 | 33 |
|
34 | 34 |
from time import time, mktime |
35 | 35 |
|
36 |
from django.conf import settings |
|
37 |
|
|
38 | 36 |
from pithos.im.models import User |
39 | 37 |
|
40 | 38 |
|
... | ... | |
50 | 48 |
request.user = None |
51 | 49 |
request.user_uniq = None |
52 | 50 |
|
53 |
# Try to find token in a parameter, in a request header, |
|
54 |
# or in a cookie. |
|
51 |
# Try to find token in a parameter, in a request header, or in a cookie. |
|
55 | 52 |
user = get_user_from_token(request.GET.get('X-Auth-Token')) |
56 | 53 |
if not user: |
57 | 54 |
user = get_user_from_token(request.META.get('HTTP_X_AUTH_TOKEN')) |
58 | 55 |
if not user: |
59 |
user = get_user_from_token(request.COOKIES.get('X-Auth-Token')) |
|
60 |
if not user: |
|
61 | 56 |
# Back from an im login target. |
62 | 57 |
if request.GET.get('user', None): |
63 | 58 |
token = request.GET.get('token', None) |
64 | 59 |
if token: |
65 | 60 |
request.set_auth_cookie = True |
66 | 61 |
user = get_user_from_token(token) |
67 |
|
|
62 |
if not user: |
|
63 |
user = get_user_from_token(request.COOKIES.get('X-Auth-Token')) |
|
68 | 64 |
if not user: |
69 | 65 |
return |
70 | 66 |
|
... | ... | |
78 | 74 |
|
79 | 75 |
request.user = user |
80 | 76 |
request.user_uniq = user.uniq |
81 |
|
|
77 |
|
|
82 | 78 |
def process_response(self, request, response): |
83 | 79 |
if getattr(request, 'user', None) and getattr(request, 'set_auth_cookie', False): |
84 | 80 |
expire_fmt = request.user.auth_token_expires.strftime('%a, %d-%b-%Y %H:%M:%S %Z') |
Also available in: Unified diff