root / api / middleware.py @ dd53338a
History | View | Annotate | Download (1.5 kB)
1 | ef39e7ee | Georgios Gousios | from django.conf import settings |
---|---|---|---|
2 | ef39e7ee | Georgios Gousios | from django.http import HttpResponse, HttpResponseRedirect |
3 | 89f86fd3 | Georgios Gousios | from synnefo.db.models import SynnefoUser |
4 | 89f86fd3 | Georgios Gousios | |
5 | 89f86fd3 | Georgios Gousios | class SynnefoAuthMiddleware(object): |
6 | 89f86fd3 | Georgios Gousios | |
7 | 89f86fd3 | Georgios Gousios | auth_token = "X-Auth-Token"
|
8 | 89f86fd3 | Georgios Gousios | auth_user = "X-Auth-User"
|
9 | 89f86fd3 | Georgios Gousios | auth_key = "X-Auth-Key"
|
10 | 89f86fd3 | Georgios Gousios | |
11 | 89f86fd3 | Georgios Gousios | def process_request(self, request): |
12 | ef39e7ee | Georgios Gousios | |
13 | 89f86fd3 | Georgios Gousios | if self.auth_token in request.META: |
14 | ef39e7ee | Georgios Gousios | #Retrieve user from DB or other caching mechanism
|
15 | ef39e7ee | Georgios Gousios | user = SynnefoUser.objects.filter(auth_token = request.META[self.auth_token])
|
16 | 89f86fd3 | Georgios Gousios | if user is None : |
17 | dd53338a | Georgios Gousios | return HttpResponseRedirect(settings.SIBBOLLETH_HOST)
|
18 | 89f86fd3 | Georgios Gousios | request.user = user |
19 | ef39e7ee | Georgios Gousios | return
|
20 | 89f86fd3 | Georgios Gousios | |
21 | 89f86fd3 | Georgios Gousios | #An authentication request
|
22 | 89f86fd3 | Georgios Gousios | if self.auth_user in request.META and 'X-Auth-Key' in request.META \ |
23 | 89f86fd3 | Georgios Gousios | and '/v1.0' == request.path and 'GET' == request.method: |
24 | ef39e7ee | Georgios Gousios | # This is here merely for compatibility with the Openstack API.
|
25 | ef39e7ee | Georgios Gousios | # All normal users should authenticate through Sibbolleth. Admin
|
26 | ef39e7ee | Georgios Gousios | # users or other selected users could use this as a bypass
|
27 | ef39e7ee | Georgios Gousios | # mechanism
|
28 | ef39e7ee | Georgios Gousios | user = SynnefoUser.objects.filter(username = request.META[self.auth_user])
|
29 | ef39e7ee | Georgios Gousios | |
30 | dd53338a | Georgios Gousios | return HttpResponseRedirect(settings.SIBBOLLETH_HOST)
|
31 | ef39e7ee | Georgios Gousios | |
32 | dd53338a | Georgios Gousios | return HttpResponseRedirect(settings.SIBBOLLETH_HOST)
|
33 | dd53338a | Georgios Gousios | |
34 | dd53338a | Georgios Gousios | def process_response(self, request, response): |
35 | dd53338a | Georgios Gousios | response['Vary'] = self.auth_key |
36 | dd53338a | Georgios Gousios | return response
|
37 | 89f86fd3 | Georgios Gousios | |
38 | ef39e7ee | Georgios Gousios | #class HttpResponseAuthenticationRequired(HttpResponse):
|
39 | ef39e7ee | Georgios Gousios | # status_code = 401 |