Strip out unneeded and not working API calls, replaced with ServiceLogin call (no OAuth).
@@ -6,7 +6,7 @@ from piston.utils import rc, throttle
|
|||||||
from django.contrib.auth import login, logout, authenticate
|
from django.contrib.auth import login, logout, authenticate
|
||||||
from django.contrib.auth.models import User
|
from django.contrib.auth.models import User
|
||||||
from eve_api.models import EVEAccount
|
from eve_api.models import EVEAccount
|
||||||
from sso.models import ServiceAccount
|
from sso.models import ServiceAccount, Service
|
||||||
|
|
||||||
class UserHandler(BaseHandler):
|
class UserHandler(BaseHandler):
|
||||||
allowed_methods = ('GET')
|
allowed_methods = ('GET')
|
||||||
@@ -35,60 +35,29 @@ class UserHandler(BaseHandler):
|
|||||||
|
|
||||||
out = []
|
out = []
|
||||||
for u in user:
|
for u in user:
|
||||||
sa = ServiceAccount.objects.filter(user=u)
|
d = { 'id': u.id, 'username': u.username, 'serviceaccounts': u.serviceaccount_set.all(), 'eveapi': u.eveaccount_set.all() }
|
||||||
ea = EVEAccount.objects.filter(user=u)
|
|
||||||
|
|
||||||
d = { 'id': u.id, 'username': u.username, 'serviceaccounts': sa, 'eveapi': ea }
|
|
||||||
out.append (d)
|
out.append (d)
|
||||||
|
|
||||||
return out
|
return out
|
||||||
|
|
||||||
|
|
||||||
class LoginHandler(BaseHandler):
|
class ServiceLoginHandler(BaseHandler):
|
||||||
allowed_methods = ('GET')
|
allowed_methods = ('GET')
|
||||||
|
|
||||||
def read(self, request):
|
def read(self, request):
|
||||||
if request.user and request.user.is_authenticated():
|
if not 'user' in request.GET or not 'pass' in request.GET or not 'service' in request.GET:
|
||||||
return {'auth': 'notrequired', 'cookie': request.session.session_key }
|
|
||||||
|
|
||||||
if not 'user' in request.GET or not 'pass' in request.GET:
|
|
||||||
return rc.BAD_REQUEST
|
return rc.BAD_REQUEST
|
||||||
|
|
||||||
if not user.is_active:
|
userobj = authenticate(username=request.GET['user'], password=request.GET['pass'])
|
||||||
return { 'auth': 'disabled' }
|
if userobj and userobj.is_active:
|
||||||
|
try:
|
||||||
|
serv = Service.objects.get(id=request.GET['service'])
|
||||||
|
except:
|
||||||
|
print 'bad service'
|
||||||
|
return rc.BAD_REQUEST
|
||||||
|
|
||||||
|
srvacct = userobj.serviceaccount_set.filter(service=serv)
|
||||||
|
if len(srvacct):
|
||||||
|
return { 'auth': 'ok', 'id': userobj.id, 'username': userobj.username, 'display-username': srvacct[0].service_uid, }
|
||||||
|
|
||||||
userobj = authenticate(user.name, password)
|
|
||||||
if userobj and user.is_active:
|
|
||||||
login(request, user)
|
|
||||||
return { 'auth': 'ok', 'id': user.id, 'username': user.username, 'cookie': request.session.session_key }
|
|
||||||
else:
|
|
||||||
return { 'auth': 'fail' }
|
return { 'auth': 'fail' }
|
||||||
|
|
||||||
class LogoutHandler(BaseHandler):
|
|
||||||
allowed_methods = ('GET')
|
|
||||||
|
|
||||||
def read(self, request):
|
|
||||||
if request.user and not request.user.is_authenticated():
|
|
||||||
return rc.FORBIDDEN
|
|
||||||
|
|
||||||
logout(request)
|
|
||||||
return { 'auth': 'logout', }
|
|
||||||
|
|
||||||
class AccessHandler(BaseHandler):
|
|
||||||
allowed_methods = ('GET')
|
|
||||||
|
|
||||||
def read(self, request):
|
|
||||||
if not request.user and not request.user.is_authenticated():
|
|
||||||
return rc.FORBIDDEN
|
|
||||||
|
|
||||||
if not 'serviceid' in request.GET:
|
|
||||||
return rc.BAD_REQUEST
|
|
||||||
|
|
||||||
sa = ServiceAccount.objects.filter(user=request.user, service=request.GET['serviceid'])
|
|
||||||
|
|
||||||
if sa:
|
|
||||||
return { 'access': True, 'service': sa.service.id,
|
|
||||||
'service_type': sa.service.api, 'service_uid': sa.service_uid,
|
|
||||||
'service_url': sa.service.url, }
|
|
||||||
else:
|
|
||||||
return { 'access': False }
|
|
||||||
|
|||||||
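Review bot: `ServiceLoginHandler.read` takes the account password from the query string (`request.GET['pass']`), so every login attempt leaves the cleartext password in web-server and proxy access logs; accept the credentials in a POST body instead (`allowed_methods = ('POST',)` with a `create` method reading `request.POST`). The bare `except:` around `Service.objects.get(id=request.GET['service'])` hides every failure behind `print 'bad service'`; `except (Service.DoesNotExist, ValueError):` would keep the 400 for an unknown or malformed id and let real errors surface. Note also that `('GET')` is a plain string, not a one-element tuple. Indentation is lost in this rendering, so it is not possible to confirm which branch the final `return { 'auth': 'fail' }` belongs to; it should be reached both when `authenticate()` fails and when the user has no account on the requested service.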
21
api/urls.py
21
api/urls.py
@@ -1,27 +1,18 @@
|
|||||||
from django.conf.urls.defaults import *
|
from django.conf.urls.defaults import *
|
||||||
from piston.resource import Resource
|
from piston.resource import Resource
|
||||||
from piston.authentication import HttpBasicAuthentication, OAuthAuthentication
|
from piston.authentication import HttpBasicAuthentication, OAuthAuthentication, NoAuthentication
|
||||||
|
|
||||||
from api.handlers import *
|
from api.handlers import *
|
||||||
|
|
||||||
auth = OAuthAuthentication()
|
oauth = { 'authentication': OAuthAuthentication() }
|
||||||
#auth = HttpBasicAuthentication(realm="Auth API")
|
noauth = { 'authentication': NoAuthentication() }
|
||||||
ad = { 'authentication': auth }
|
|
||||||
#ad = {}
|
|
||||||
|
|
||||||
user_resource = Resource(handler=UserHandler, **ad)
|
user_resource = Resource(handler=UserHandler, **oauth)
|
||||||
login_resource = Resource(handler=LoginHandler, **ad)
|
servicelogin_resource = Resource(handler=ServiceLoginHandler, **noauth)
|
||||||
logout_resource = Resource(handler=LogoutHandler, **ad)
|
|
||||||
access_resource = Resource(handler=AccessHandler, **ad)
|
|
||||||
|
|
||||||
urlpatterns = patterns('',
|
urlpatterns = patterns('',
|
||||||
url(r'^login/$', login_resource),
|
|
||||||
url(r'^logout/$', logout_resource),
|
|
||||||
url(r'^access/$', access_resource),
|
|
||||||
url(r'^user/$', user_resource),
|
url(r'^user/$', user_resource),
|
||||||
# url(r'^user/(?P<id>\d+)/$', user_resource),
|
url(r'^servicelogin/$', servicelogin_resource),
|
||||||
# url(r'^serviceaccount/$', serviceaccount_resource),
|
|
||||||
# url(r'^serviceaccount/(?P<id>\d+)/$', serviceaccount_resource),
|
|
||||||
)
|
)
|
||||||
|
|
||||||
urlpatterns += patterns('piston.authentication',
|
urlpatterns += patterns('piston.authentication',
|
||||||
|
|||||||
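Review bot: `servicelogin_resource` is registered with `NoAuthentication()`, so the password check behind the `^servicelogin/$` route can be called by any client that can reach it, with nothing identifying the calling service and no limit on repeated attempts. Consider requiring the calling service to authenticate itself, for example with `HttpBasicAuthentication`, which is still imported here and appears unused in the visible lines. Also apply piston's `throttle` decorator (already imported in api/handlers.py) to the handler method so failed attempts are rate-limited. A short comment above `noauth` explaining why this one resource is exempt from OAuth would help the next reader; the rest of the file lies outside this hunk.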