root / api / middleware.py @ dd53338a
History | View | Annotate | Download (1.5 kB)
| 1 | ef39e7ee | Georgios Gousios | from django.conf import settings |
|---|---|---|---|
| 2 | ef39e7ee | Georgios Gousios | from django.http import HttpResponse, HttpResponseRedirect |
| 3 | 89f86fd3 | Georgios Gousios | from synnefo.db.models import SynnefoUser |
| 4 | 89f86fd3 | Georgios Gousios | |
| 5 | 89f86fd3 | Georgios Gousios | class SynnefoAuthMiddleware(object): |
| 6 | 89f86fd3 | Georgios Gousios | |
| 7 | 89f86fd3 | Georgios Gousios | auth_token = "X-Auth-Token"
|
| 8 | 89f86fd3 | Georgios Gousios | auth_user = "X-Auth-User"
|
| 9 | 89f86fd3 | Georgios Gousios | auth_key = "X-Auth-Key"
|
| 10 | 89f86fd3 | Georgios Gousios | |
| 11 | 89f86fd3 | Georgios Gousios | def process_request(self, request): |
| 12 | ef39e7ee | Georgios Gousios | |
| 13 | 89f86fd3 | Georgios Gousios | if self.auth_token in request.META: |
| 14 | ef39e7ee | Georgios Gousios | #Retrieve user from DB or other caching mechanism
|
| 15 | ef39e7ee | Georgios Gousios | user = SynnefoUser.objects.filter(auth_token = request.META[self.auth_token])
|
| 16 | 89f86fd3 | Georgios Gousios | if user is None : |
| 17 | dd53338a | Georgios Gousios | return HttpResponseRedirect(settings.SIBBOLLETH_HOST)
|
| 18 | 89f86fd3 | Georgios Gousios | request.user = user |
| 19 | ef39e7ee | Georgios Gousios | return
|
| 20 | 89f86fd3 | Georgios Gousios | |
| 21 | 89f86fd3 | Georgios Gousios | #An authentication request
|
| 22 | 89f86fd3 | Georgios Gousios | if self.auth_user in request.META and 'X-Auth-Key' in request.META \ |
| 23 | 89f86fd3 | Georgios Gousios | and '/v1.0' == request.path and 'GET' == request.method: |
| 24 | ef39e7ee | Georgios Gousios | # This is here merely for compatibility with the Openstack API.
|
| 25 | ef39e7ee | Georgios Gousios | # All normal users should authenticate through Sibbolleth. Admin
|
| 26 | ef39e7ee | Georgios Gousios | # users or other selected users could use this as a bypass
|
| 27 | ef39e7ee | Georgios Gousios | # mechanism
|
| 28 | ef39e7ee | Georgios Gousios | user = SynnefoUser.objects.filter(username = request.META[self.auth_user])
|
| 29 | ef39e7ee | Georgios Gousios | |
| 30 | dd53338a | Georgios Gousios | return HttpResponseRedirect(settings.SIBBOLLETH_HOST)
|
| 31 | ef39e7ee | Georgios Gousios | |
| 32 | dd53338a | Georgios Gousios | return HttpResponseRedirect(settings.SIBBOLLETH_HOST)
|
| 33 | dd53338a | Georgios Gousios | |
| 34 | dd53338a | Georgios Gousios | def process_response(self, request, response): |
| 35 | dd53338a | Georgios Gousios | response['Vary'] = self.auth_key |
| 36 | dd53338a | Georgios Gousios | return response
|
| 37 | 89f86fd3 | Georgios Gousios | |
| 38 | ef39e7ee | Georgios Gousios | #class HttpResponseAuthenticationRequired(HttpResponse):
|
| 39 | ef39e7ee | Georgios Gousios | # status_code = 401 |