Example #1
0
 def wrapper(*args, **kwargs):
   request = args[0]
   if getDjangoTicketHeader() not in request.META:
     responseString = "Must provide the " + getTicketHeader() + " header. "
     return HttpResponseBadRequest(responseString)
   elif not isValidTicket(request.META[getDjangoTicketHeader()]):
     return HttpResponseForbidden("Invalid ticket")
   else:
     return function(*args, **kwargs)
Example #2
0
 def wrapper(*args, **kwargs):
   request = args[0]
   user_id = kwargs['user_id']
   if getDjangoTicketHeader() not in request.META:
     responseString = "Must provide the " + getTicketHeader() + " header. "
     return HttpResponseBadRequest(responseString)
   elif not isValidTicket(
     request.META[getDjangoTicketHeader()],
     request.META['REMOTE_ADDR']):
     return HttpResponseForbidden("Invalid ticket: \"" + 
       request.META[getDjangoTicketHeader()] + "\"")
   elif not ticketMatchesUser(request, user_id):
     return HttpResponseForbidden("The ticket doesn't match the given user\n" +
       "Give Ticket: \"" + request.META[getDjangoTicketHeader()] + "\"\n" +
       "Given User id: \"" + user_id + "\"")
   else:
     return function(*args, **kwargs)
Example #3
0
 def doPost(self, url, args):
   return self.client.post(url, args, **{getDjangoTicketHeader() : self.ticket_hash})
Example #4
0
 def doDelete(self, url):
   return self.client.delete(url, **{getDjangoTicketHeader() : self.ticket_hash})
Example #5
0
 def doGet(self, url):
   return self.client.get(url, **{getDjangoTicketHeader() : self.ticket_hash})
Example #6
0
 def doJSONPut(self, url, payload):
  return self.client.put(
     url,
     data=payload, content_type='text/json', 
     **{getDjangoTicketHeader() : self.ticket_hash})
Example #7
0
 def doDelete(self, url, headers={}):
   headers[getDjangoTicketHeader()] = self.ticket_hash
   return self.client.delete(url, **headers)
Example #8
0
 def doPut(self, url, headers={}):
   headers[getDjangoTicketHeader()] = self.ticket_hash
   return self.client.put(url, **headers)
Example #9
0
 def doJSONPut(self, url, payload, headers={}):
   headers[getDjangoTicketHeader()] = self.ticket_hash
   return self.client.put(
     url,
     data=payload, content_type='text/json',
     **headers)
Example #10
0
File: auth.py Project: houdekk/UDJ
def ticketMatchesUser(request, provided_user_id):
  matchingTickets = Ticket.objects.filter(
    ticket_hash=request.META[getDjangoTicketHeader()], 
    user__id=provided_user_id)
  return len(matchingTickets) > 0
Example #11
0
File: auth.py Project: houdekk/UDJ
def getUserForTicket(request):
  return Ticket.objects.get(
    ticket_hash=request.META[getDjangoTicketHeader()]).user