Revision c06de383 aai/middleware.py
b/aai/middleware.py | ||
---|---|---|
4 | 4 |
from synnefo.db.models import SynnefoUser |
5 | 5 |
from synnefo.aai.shibboleth import Tokens, register_shibboleth_user |
6 | 6 |
import time |
7 |
import datetime |
|
7 | 8 |
|
8 | 9 |
class SynnefoAuthMiddleware(object): |
9 | 10 |
|
... | ... | |
16 | 17 |
#print time.strftime("[%d/%b/%Y %H:%M:%S]"), " Path", \ |
17 | 18 |
# request.path , ": Not authenticated" |
18 | 19 |
return |
19 |
token = request.META.get('HTTP_X_AUTH_TOKEN', None) |
|
20 |
|
|
21 |
token = None |
|
22 |
#Try to find token in a cookie |
|
23 |
try: |
|
24 |
token = request.COOKIES['X-Auth-Token'] |
|
25 |
except Exception: |
|
26 |
pass |
|
27 |
|
|
28 |
#Try to find token in request header |
|
29 |
if not token: |
|
30 |
token = request.META.get('HTTP_X_AUTH_TOKEN', None) |
|
31 |
|
|
20 | 32 |
if token: |
21 | 33 |
user = None |
22 | 34 |
#Retrieve user from DB or other caching mechanism |
... | ... | |
97 | 109 |
response['Vary'] = self.auth_token |
98 | 110 |
return response |
99 | 111 |
|
100 |
|
|
101 | 112 |
def _redirect_shib_auth_user(self, user): |
113 |
expire = user.auth_token_created + datetime.timedelta(hours=settings.AUTH_TOKEN_DURATION) |
|
114 |
expire_fmt = expire.strftime('%a, %d-%b-%Y %H:%M:%S %Z') |
|
115 |
|
|
102 | 116 |
response = HttpResponse() |
117 |
|
|
118 |
response.set_cookie('X-Auth-Token', value=user.auth_token, expires = expire_fmt, path='/api') |
|
103 | 119 |
response[self.auth_token] = user.auth_token |
104 | 120 |
response['Location'] = settings.APP_INSTALL_URL |
105 | 121 |
response.status_code = 302 |
Also available in: Unified diff