nikdoof/test-auth
1
0
Fork 0
mirror of https://github.com/nikdoof/test-auth.git synced 2025-12-14 23:02:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Now uses Auth API keys for API access

Browse Source
This commit is contained in:
Andrew Williams
2010-06-15 15:45:10 +01:00
parent dd69956a7c
commit 93eae51933
3 changed files with 52 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
api/handlers.py
View File

@@ -1,13 +1,36 @@
import re import re
from datetime import datetime
from piston.handler import BaseHandler from piston.handler import BaseHandler
from piston.utils import rc, throttle from piston.utils import rc, throttle
from django.contrib.auth import login, logout, authenticate from django.contrib.auth import login, logout, authenticate
from django.contrib.auth.models import User from django.contrib.auth.models import User
from django.shortcuts import get_object_or_404
from api.models import AuthAPIKey, AuthAPILog
from eve_api.models import EVEAccount from eve_api.models import EVEAccount
from sso.models import ServiceAccount, Service from sso.models import ServiceAccount, Service
def apikey_required(meth):
def new(*args, **kwargs):
if 'request' in kwargs:
url = kwargs['request'].META['QUERY_STRING']
try:
key = AuthAPIKey.objects.get(key=kwargs['request'].GET['apikey'])
except AuthAPIKey.DoesNotExist:
pass
if key and key.active:
AuthAPILog(key=key, url=url, access_datetime=datetime.utcnow()).save()
return meth(*args, **kwargs)
return rc.NOT_HERE
return new
class UserHandler(BaseHandler): class UserHandler(BaseHandler):
allowed_methods = ('GET') allowed_methods = ('GET')
@@ -57,11 +80,17 @@ class LoginHandler(BaseHandler):
return rc.NOT_HERE return rc.NOT_HERE
d = { 'auth': 'ok', 'id': u.id, 'username': u.username, d = { 'auth': 'ok', 'id': u.id, 'username': u.username,
'password': u.password, 'email': u.email, 'groups': u.groups.all(), 'password': u.password, 'email': u.email, 'groups': u.groups.all() }
'characters': EVEPlayerCharacter.objects.filter(eveaccount__user=u) }
if request.GET['pass'] == user.password: if request.GET['pass'] == user.password:
return d return d
return { 'auth': 'failed' } return { 'auth': 'failed' }
class EveAPIHandler(BaseHandler):
allowed_methods = ('GET')
@apikey_required
def read(self, request, id=None):
return get_object_or_404(EVEAccount, pk=id)

19
api/models.py Normal file
View File

@@ -0,0 +1,19 @@
import re
import unicodedata
import logging
import types
from django.db import models
class AuthAPIKey(models.Model):
name = models.CharField("Service Name", max_length=200)
url = models.CharField("Service URL", max_length=200, blank=True)
active = models.BooleanField(default=True)
key = models.CharField("API Key", max_length=200)
class AuthAPILog(models.Model):
access_datetime = models.DateTimeField()
key = models.ForeignKey(AuthAPIKey)
url = models.CharField("Accessed URL", max_length=200)

2
api/urls.py
View File

@@ -9,10 +9,12 @@ noauth = { 'authentication': NoAuthentication() }
user_resource = Resource(handler=UserHandler, **oauth) user_resource = Resource(handler=UserHandler, **oauth)
login_resource = Resource(handler=LoginHandler, **noauth) login_resource = Resource(handler=LoginHandler, **noauth)
eveapi_resource = Resource(handler=EveAPIHandler, **noauth)
urlpatterns = patterns('', urlpatterns = patterns('',
url(r'^user/$', user_resource), url(r'^user/$', user_resource),
url(r'^login/$', login_resource), url(r'^login/$', login_resource),
url(r'^eveapi/$', eveapi_resource),
) )
urlpatterns += patterns('piston.authentication', urlpatterns += patterns('piston.authentication',