blinkster: web/lib/django/contrib/auth/middleware.py@0d40e90630ef (annotated)

0 0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	1	from django.contrib import auth
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	2	from django.core.exceptions import ImproperlyConfigured
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	3
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	4
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	5	class LazyUser(object):
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	6	def __get__(self, request, obj_type=None):
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	7	if not hasattr(request, '_cached_user'):
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	8	from django.contrib.auth import get_user
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	9	request._cached_user = get_user(request)
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	10	return request._cached_user
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	11
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	12
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	13	class AuthenticationMiddleware(object):
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	14	def process_request(self, request):
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	15	assert hasattr(request, 'session'), "The Django authentication middleware requires session middleware to be installed. Edit your MIDDLEWARE_CLASSES setting to insert 'django.contrib.sessions.middleware.SessionMiddleware'."
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	16	request.__class__.user = LazyUser()
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	17	return None
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	18
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	19
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	20	class RemoteUserMiddleware(object):
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	21	"""
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	22	Middleware for utilizing web-server-provided authentication.
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	23
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	24	If request.user is not authenticated, then this middleware attempts to
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	25	authenticate the username passed in the ``REMOTE_USER`` request header.
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	26	If authentication is successful, the user is automatically logged in to
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	27	persist the user in the session.
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	28
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	29	The header used is configurable and defaults to ``REMOTE_USER``. Subclass
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	30	this class and change the ``header`` attribute if you need to use a
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	31	different header.
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	32	"""
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	33
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	34	# Name of request header to grab username from. This will be the key as
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	35	# used in the request.META dictionary, i.e. the normalization of headers to
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	36	# all uppercase and the addition of "HTTP_" prefix apply.
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	37	header = "REMOTE_USER"
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	38
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	39	def process_request(self, request):
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	40	# AuthenticationMiddleware is required so that request.user exists.
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	41	if not hasattr(request, 'user'):
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	42	raise ImproperlyConfigured(
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	43	"The Django remote user auth middleware requires the"
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	44	" authentication middleware to be installed. Edit your"
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	45	" MIDDLEWARE_CLASSES setting to insert"
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	46	" 'django.contrib.auth.middleware.AuthenticationMiddleware'"
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	47	" before the RemoteUserMiddleware class.")
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	48	try:
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	49	username = request.META[self.header]
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	50	except KeyError:
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	51	# If specified header doesn't exist then return (leaving
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	52	# request.user set to AnonymousUser by the
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	53	# AuthenticationMiddleware).
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	54	return
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	55	# If the user is already authenticated and that user is the user we are
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	56	# getting passed in the headers, then the correct user is already
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	57	# persisted in the session and we don't need to continue.
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	58	if request.user.is_authenticated():
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	59	if request.user.username == self.clean_username(username, request):
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	60	return
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	61	# We are seeing this user for the first time in this session, attempt
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	62	# to authenticate the user.
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	63	user = auth.authenticate(remote_user=username)
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	64	if user:
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	65	# User is valid. Set request.user and persist user in the session
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	66	# by logging the user in.
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	67	request.user = user
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	68	auth.login(request, user)
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	69
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	70	def clean_username(self, username, request):
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	71	"""
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	72	Allows the backend to clean the username, if the backend defines a
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	73	clean_username method.
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	74	"""
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	75	backend_str = request.session[auth.BACKEND_SESSION_KEY]
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	76	backend = auth.load_backend(backend_str)
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	77	try:
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	78	username = backend.clean_username(username)
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	79	except AttributeError: # Backend has no clean_username method.
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	80	pass
0d40e90630ef Blinkster creation ymh <ymh.work@gmail.com> parents: diff changeset	81	return username

author	ymh <ymh.work@gmail.com>
	Wed, 20 Jan 2010 00:34:04 +0100
changeset 0	0d40e90630ef
permissions	-rw-r--r--