diff --git a/api/urls.py b/api/urls.py index 6310271..c76fd7e 100644 --- a/api/urls.py +++ b/api/urls.py @@ -1,10 +1,11 @@ from django.conf.urls.defaults import * from piston.resource import Resource -from piston.authentication import HttpBasicAuthentication +from piston.authentication import HttpBasicAuthentication, OAuthAuthentication from api.handlers import * -auth = HttpBasicAuthentication(realm="Auth API") +auth = OAuthAuthentication() +#auth = HttpBasicAuthentication(realm="Auth API") ad = { 'authentication': auth } #ad = {} @@ -22,3 +23,10 @@ urlpatterns = patterns('', # url(r'^serviceaccount/$', serviceaccount_resource), # url(r'^serviceaccount/(?P\d+)/$', serviceaccount_resource), ) + +urlpatterns += patterns('piston.authentication', + url(r'^oauth/request_token/$','oauth_request_token'), + url(r'^oauth/authorize/$','oauth_user_auth'), + url(r'^oauth/access_token/$','oauth_access_token'), +) + diff --git a/api/views.py b/api/views.py new file mode 100644 index 0000000..dc54b82 --- /dev/null +++ b/api/views.py @@ -0,0 +1,4 @@ +from django.http import HttpResponse + +def oauth_callback(request, other): + return HttpResponse('Fake callback view.') diff --git a/settings.py b/settings.py index 5f9f426..0f0e8ad 100644 --- a/settings.py +++ b/settings.py @@ -75,6 +75,7 @@ INSTALLED_APPS = ( 'django.contrib.sites', 'django.contrib.humanize', 'django_evolution', + 'piston', 'registration', 'eve_proxy', 'eve_api', @@ -85,6 +86,10 @@ INSTALLED_APPS = ( 'api', ) +# API OAuth +#OAUTH_AUTH_VIEW = 'api.views.oauth.authorize_oauth' +OAUTH_CALLBACK_VIEW = 'api.views.oauth_callback' + # Disable the service API, used for data imports DISABLE_SERVICES = False diff --git a/templates/oauth/challenge.html b/templates/oauth/challenge.html new file mode 100644 index 0000000..e69de29 diff --git a/templates/piston/authorize_token.html b/templates/piston/authorize_token.html new file mode 100644 index 0000000..01bc637 --- /dev/null +++ b/templates/piston/authorize_token.html @@ -0,0 +1,18 @@ +{% extends "base.html" %} + +{% block title %}OAuth Access Authorization{% endblock %} + +{% block content %} + +

Access Authorization

+ +

You have come here because you are in the process of allowing a external application to access your private Auth data. If you are not, then please close this window. Otherwise, please confirm below if you wish to give access to your private Auth data. This can be revoked at any time from the main Auth panel.

+ +
+ + {{ form.as_table }} +
+ +
+ +{% endblock %}