nikdoof/test-auth
1
0
Fork 0
mirror of https://github.com/nikdoof/test-auth.git synced 2025-12-14 06:42:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Further work on the v2 API, new EVE Proxy

Browse Source
This commit is contained in:
Andrew Williams
2011-01-10 09:21:22 +00:00
parent 7be1f97cba
commit 6498338686
2 changed files with 51 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
api/handlers/v2.py
View File

@@ -1,10 +1,13 @@
from django.contrib.auth.models import User from django.contrib.auth.models import User
from django.shortcuts import get_object_or_404
from piston.handler import BaseHandler from piston.handler import BaseHandler
from piston.utils import rc from piston.utils import rc
class AuthenticationHandler(BaseHandler): from eve_api.models import EVEAccount
from eve_proxy.models import CachedDocument
class V2AuthenticationHandler(BaseHandler):
""" """
Authenticate a user against the Auth user DB. Authenticate a user against the Auth user DB.
Provides back a session allowing further access Provides back a session allowing further access
@@ -13,13 +16,51 @@ class AuthenticationHandler(BaseHandler):
allowed_methods = ('GET') allowed_methods = ('GET')
def read(self, request, username, password): def read(self, request, username, password):
"""
Validates login details for the provided user as
long as 'username' and 'password' are provided.
"""
try:
user = User.object.get(username=username)
except User.DoesNotExist:
resp = rc.NOT_FOUND
resp.write({'auth': 'notfound'})
return resp
user = get_object_or_404(User, username=username)
if password and password == user.get_profile().api_service_password: if password and password == user.get_profile().api_service_password:
return {'id': user.id, 'username': user.username, return {'userid': user.id,
'email': user.email, 'groups': user.groups.all(), 'username': user.username,
'staff': user.is_staff, 'superuser': user.is_superuser} 'email': user.email,
'groups': user.groups.all().values_list('id', 'name'),
'staff': user.is_staff,
'superuser': user.is_superuser}
resp = rc.FORBIDDEN resp = rc.FORBIDDEN
resp.write({'auth': 'failed'}) resp.write({'auth': 'failed'})
return resp return resp
class V2EveAPIProxyHandler(BaseHandler):
allowed_methods = ('GET')
def read(self, request):
url_path = request.META['PATH_INFO'].url_path.replace(reverse('v2-api-eveapiproxy'), "/")
params = {}
for key, value in request.GET.items():
params[key.lower()] = value
try:
userid = request.GET.get('userid', None)
obj = EVEAccount.objects.get(api_user_id=userid)
params['apikey'] = obj.api_key
except EVEAccount.DoesNotExist:
pass
try:
cached_doc = CachedDocument.objects.api_query(url_path, params)
except DocumentRetrievalError:
return HttpResponse(status=500)
else:
return HttpResponse(cached_doc.body)

5
api/urls.py
View File

@@ -28,8 +28,11 @@ urlpatterns = patterns('',
) )
# v2 APIs # v2 APIs
v2_authenticate_resource = Resource(handler=AuthenticationHandler, **noauth) v2_authenticate_resource = Resource(handler=V2AuthenticationHandler, **noauth)
v2_eveapiproxy_resource = Resource(handler=V2EveAPIProxyHandler, **apikeyauth)
urlpatterns += patterns('', urlpatterns += patterns('',
url(r'^v2/authenticate/$', v2_authenticate_resource), url(r'^v2/authenticate/$', v2_authenticate_resource),
url(r'^v2/proxy/', eveapiproxy_resource, name='v2-api-eveapiproxy'),
) )