/api/authentication.py - Annotate - Synnefo - Greek Research and Technology Network's projects

| Branch: | Tag: | Revision:

root / api / authentication.py @ c36934a7

History | View | Annotate | Download (875 Bytes)

1	00b4f1be	Faidon Liambotis	# vim: ts=4 sts=4 et ai sw=4 fileencoding=utf-8
2	00b4f1be	Faidon Liambotis	#
3	00b4f1be	Faidon Liambotis	# Copyright © 2010 Greek Research and Technology Network
4	00b4f1be	Faidon Liambotis	#
5	00b4f1be	Faidon Liambotis
6	00b4f1be	Faidon Liambotis	from django.contrib.auth.models import User, AnonymousUser
7	00b4f1be	Faidon Liambotis	from synnefo.api.faults import fault
8	00b4f1be	Faidon Liambotis
9	00b4f1be	Faidon Liambotis	# XXX: we need to add a Vary X-Auth-Token, somehow
10	00b4f1be	Faidon Liambotis	# XXX: or use a standard auth middleware instead?
11	00b4f1be	Faidon Liambotis	# but watch out for CSRF issues:
12	00b4f1be	Faidon Liambotis	# http://andrew.io/weblog/2010/01/django-piston-and-handling-csrf-tokens/
13	00b4f1be	Faidon Liambotis
14	00b4f1be	Faidon Liambotis	class TokenAuthentication(object):
15	00b4f1be	Faidon Liambotis	def is_authenticated(self, request):
16	ec06b07c	Dimitris Moraitis	request.user = User()
17	ec06b07c	Dimitris Moraitis	return True
18	00b4f1be	Faidon Liambotis	token = request.META.get('HTTP_X_AUTH_TOKEN', None)
19	00b4f1be	Faidon Liambotis	if not token:
20	00b4f1be	Faidon Liambotis	return False
21	00b4f1be	Faidon Liambotis
22	00b4f1be	Faidon Liambotis	# XXX: lookup token in models and set request.user
23	00b4f1be	Faidon Liambotis	if token:
24	00b4f1be	Faidon Liambotis	request.user = AnonymousUser()
25	00b4f1be	Faidon Liambotis	return True
26	00b4f1be	Faidon Liambotis
27	00b4f1be	Faidon Liambotis	def challenge(self):
28	547ae349	Faidon Liambotis	return fault.unauthorized.response