encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2025-10-31 07:57:55 +03:00
Code Issues Packages Projects Releases Wiki Activity

Add support for request.auth

Browse Source
This commit is contained in:
Tom Christie 2012-09-06 14:50:43 +01:00
parent 1c78bf53db
commit b7062c5b01
2 changed files with 31 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
djangorestframework/authentication.py
View File

@ -64,7 +64,6 @@ class BasicAuthentication(BaseAuthentication):
return None return None
return self.authenticate_credentials(userid, password) return self.authenticate_credentials(userid, password)
return None
def authenticate_credentials(self, userid, password): def authenticate_credentials(self, userid, password):
""" """
@ -81,7 +80,7 @@ class UserBasicAuthentication(BasicAuthentication):
""" """
user = authenticate(username=userid, password=password) user = authenticate(username=userid, password=password)
if user is not None and user.is_active: if user is not None and user.is_active:
return user return (user, None)
class SessionAuthentication(BaseAuthentication): class SessionAuthentication(BaseAuthentication):
@ -101,8 +100,7 @@ class SessionAuthentication(BaseAuthentication):
resp = CsrfViewMiddleware().process_view(request, None, (), {}) resp = CsrfViewMiddleware().process_view(request, None, (), {})
if resp is None: # csrf passed if resp is None: # csrf passed
return user return (user, None)
return None
# TODO: TokenAuthentication, DigestAuthentication, OAuthAuthentication # TODO: TokenAuthentication, DigestAuthentication, OAuthAuthentication

44
djangorestframework/request.py
View File

@ -13,7 +13,7 @@ from StringIO import StringIO
from django.contrib.auth.models import AnonymousUser from django.contrib.auth.models import AnonymousUser
from djangorestframework.exceptions import UnsupportedMediaType from djangorestframework import exceptions
from djangorestframework.utils.mediatypes import is_form_media_type from djangorestframework.utils.mediatypes import is_form_media_type
@ -110,8 +110,8 @@ class Request(object):
""" """
Parses the request body and returns the data. Parses the request body and returns the data.
Similar to ``request.POST``, except that it handles arbitrary parsers, Similar to usual behaviour of `request.POST`, except that it handles
and also works on methods other than POST (eg PUT). arbitrary parsers, and also works on methods other than POST (eg PUT).
""" """
if not _hasattr(self, '_data'): if not _hasattr(self, '_data'):
self._load_data_and_files() self._load_data_and_files()
@ -120,9 +120,10 @@ class Request(object):
@property @property
def FILES(self): def FILES(self):
""" """
Parses the request body and returns the files. Parses the request body and returns any files uploaded in the request.
Similar to ``request.FILES``, except that it handles arbitrary parsers,
and also works on methods other than POST (eg PUT). Similar to usual behaviour of `request.FILES`, except that it handles
arbitrary parsers, and also works on methods other than POST (eg PUT).
""" """
if not _hasattr(self, '_files'): if not _hasattr(self, '_files'):
self._load_data_and_files() self._load_data_and_files()
@ -131,13 +132,23 @@ class Request(object):
@property @property
def user(self): def user(self):
""" """
Returns the :obj:`user` for the current request, authenticated Returns the user associated with the current request, as authenticated
with the set of :class:`authentication` instances applied to the :class:`Request`. by the authentication classes provided to the request.
""" """
if not hasattr(self, '_user'): if not hasattr(self, '_user'):
self._user = self._authenticate() self._user, self._auth = self._authenticate()
return self._user return self._user
@property
def auth(self):
"""
Returns any non-user authentication information associated with the
request, such as an authentication token.
"""
if not hasattr(self, '_auth'):
self._user, self._auth = self._authenticate()
return self._auth
def _load_data_and_files(self): def _load_data_and_files(self):
""" """
Parses the request content into self.DATA and self.FILES. Parses the request content into self.DATA and self.FILES.
@ -161,6 +172,9 @@ class Request(object):
self._method = self._request.method self._method = self._request.method
def _load_stream(self): def _load_stream(self):
"""
Return the content body of the request, as a stream.
"""
try: try:
content_length = int(self.META.get('CONTENT_LENGTH', content_length = int(self.META.get('CONTENT_LENGTH',
self.META.get('HTTP_CONTENT_LENGTH'))) self.META.get('HTTP_CONTENT_LENGTH')))
@ -223,21 +237,21 @@ class Request(object):
except AttributeError: except AttributeError:
return (parsed, None) return (parsed, None)
raise UnsupportedMediaType(self._content_type) raise exceptions.UnsupportedMediaType(self._content_type)
def _authenticate(self): def _authenticate(self):
""" """
Attempt to authenticate the request using each authentication instance in turn. Attempt to authenticate the request using each authentication instance in turn.
Returns a ``User`` object, which may be ``AnonymousUser``. Returns a two-tuple of (user, authtoken).
""" """
for authentication in self.get_authentications(): for authentication in self.get_authentications():
user = authentication.authenticate(self) user_auth_tuple = authentication.authenticate(self)
if user: if not user_auth_tuple is None:
return user return user_auth_tuple
return self._not_authenticated() return self._not_authenticated()
def _not_authenticated(self): def _not_authenticated(self):
return AnonymousUser() return (AnonymousUser(), None)
def __getattr__(self, name): def __getattr__(self, name):
""" """