def view_or_basicauth(view, request, realm = "", *args, **kwargs):
if request.user.is_authenticated():
return view(request, *args, **kwargs)
auth = request.META.get('HTTP_AUTHORIZATION','').split()
if len(auth) == 2 and auth[0].lower() == 'basic':
try: # Browser based Auth
uname, passwd = b64decode(auth[1]).split(':')
user = authenticate(username=uname, password=passwd)
if user != None and user.is_active:
login(request, user) # ORLY?
request.user = user
return view(request, *args, **kwargs)
except ValueError: # Can has Keyed Auth ????
hash = b64decode(auth[1])
try:
host = get_ip(request)
# Does key exist?
user = Key.objects.get(key=hash,hostname=host).user
# Does hash match?
assert hash == get_hexdigest('sha1', host, user.username)
# Then login if active
if user.is_active:
user.backend = 'django.contrib.auth.backends.ModelBackend'
login(request, user) # ORLY?
return view(request, *args, **kwargs)
except (AssertionError, Key.DoesNotExist):
# WTF!
pass
# NO WAI!!!
response = HttpResponse('Not authorized')
response.status_code = 401
response['WWW-Authenticate'] = 'Basic realm="%s"' % realm
return response
def create_from_transaction(self, request, response, msg):
try:
msg = unicode(msg[:100])
except UnicodeDecodeError:
msg = quote(msg[:100])[:100]
user = None
if hasattr(request, 'user'):
user = request.user
return self.create(
ip = apibuilder.get_ip(request),
path = request.path[:255],
user = user,
query = urlencode(request.GET.items()),
status_code = response.status_code,
comment = msg,
method = request.method
)