|
1 import datetime |
|
2 from django.core.exceptions import ImproperlyConfigured |
|
3 from django.utils.importlib import import_module |
|
4 |
|
5 SESSION_KEY = '_auth_user_id' |
|
6 BACKEND_SESSION_KEY = '_auth_user_backend' |
|
7 REDIRECT_FIELD_NAME = 'next' |
|
8 |
|
9 def load_backend(path): |
|
10 i = path.rfind('.') |
|
11 module, attr = path[:i], path[i+1:] |
|
12 try: |
|
13 mod = import_module(module) |
|
14 except ImportError, e: |
|
15 raise ImproperlyConfigured, 'Error importing authentication backend %s: "%s"' % (module, e) |
|
16 except ValueError, e: |
|
17 raise ImproperlyConfigured, 'Error importing authentication backends. Is AUTHENTICATION_BACKENDS a correctly defined list or tuple?' |
|
18 try: |
|
19 cls = getattr(mod, attr) |
|
20 except AttributeError: |
|
21 raise ImproperlyConfigured, 'Module "%s" does not define a "%s" authentication backend' % (module, attr) |
|
22 return cls() |
|
23 |
|
24 def get_backends(): |
|
25 from django.conf import settings |
|
26 backends = [] |
|
27 for backend_path in settings.AUTHENTICATION_BACKENDS: |
|
28 backends.append(load_backend(backend_path)) |
|
29 return backends |
|
30 |
|
31 def authenticate(**credentials): |
|
32 """ |
|
33 If the given credentials are valid, return a User object. |
|
34 """ |
|
35 for backend in get_backends(): |
|
36 try: |
|
37 user = backend.authenticate(**credentials) |
|
38 except TypeError: |
|
39 # This backend doesn't accept these credentials as arguments. Try the next one. |
|
40 continue |
|
41 if user is None: |
|
42 continue |
|
43 # Annotate the user object with the path of the backend. |
|
44 user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__) |
|
45 return user |
|
46 |
|
47 def login(request, user): |
|
48 """ |
|
49 Persist a user id and a backend in the request. This way a user doesn't |
|
50 have to reauthenticate on every request. |
|
51 """ |
|
52 if user is None: |
|
53 user = request.user |
|
54 # TODO: It would be nice to support different login methods, like signed cookies. |
|
55 user.last_login = datetime.datetime.now() |
|
56 user.save() |
|
57 |
|
58 if SESSION_KEY in request.session: |
|
59 if request.session[SESSION_KEY] != user.id: |
|
60 # To avoid reusing another user's session, create a new, empty |
|
61 # session if the existing session corresponds to a different |
|
62 # authenticated user. |
|
63 request.session.flush() |
|
64 else: |
|
65 request.session.cycle_key() |
|
66 request.session[SESSION_KEY] = user.id |
|
67 request.session[BACKEND_SESSION_KEY] = user.backend |
|
68 if hasattr(request, 'user'): |
|
69 request.user = user |
|
70 |
|
71 def logout(request): |
|
72 """ |
|
73 Removes the authenticated user's ID from the request and flushes their |
|
74 session data. |
|
75 """ |
|
76 request.session.flush() |
|
77 if hasattr(request, 'user'): |
|
78 from django.contrib.auth.models import AnonymousUser |
|
79 request.user = AnonymousUser() |
|
80 |
|
81 def get_user(request): |
|
82 from django.contrib.auth.models import AnonymousUser |
|
83 try: |
|
84 user_id = request.session[SESSION_KEY] |
|
85 backend_path = request.session[BACKEND_SESSION_KEY] |
|
86 backend = load_backend(backend_path) |
|
87 user = backend.get_user(user_id) or AnonymousUser() |
|
88 except KeyError: |
|
89 user = AnonymousUser() |
|
90 return user |