def get_user(request):
from seahub.auth.models import AnonymousUser
try:
username = request.session[SESSION_KEY]
backend_path = request.session[BACKEND_SESSION_KEY]
backend = load_backend(backend_path)
user = backend.get_user(username) or AnonymousUser()
except KeyError:
user = AnonymousUser()
return user
def authenticate(self, request):
"""
auth request from repo_api_token,
fill request.user with AnonymousUser temporarily,
return key from headers' token,
and set request.token_creator to person whom repo_api_token was generated by
:param request: request
:return: AnonymousUser, repo_api_token
"""
auth = request.META.get('HTTP_AUTHORIZATION', '').split()
if not auth or auth[0].lower() != 'token':
return None
if len(auth) == 1:
msg = 'Invalid token header. No credentials provided.'
raise AuthenticationFailed(msg)
elif len(auth) > 2:
msg = 'Invalid token header. Token string should not contain spaces.'
raise AuthenticationFailed(msg)
rat = RepoAPITokens.objects.filter(token=auth[1]).first()
if not rat:
raise AuthenticationFailed('Token inactive or deleted')
request.repo_api_token_obj = rat
return AnonymousUser(), auth[1]
def logout(request):
"""
Removes the authenticated user's ID from the request and flushes their
session data.
Also remove all passwords used to decrypt repos.
"""
request.session.flush()
if hasattr(request, 'user'):
from seahub.base.accounts import User
if isinstance(request.user, User):
pass
from seahub.auth.models import AnonymousUser
request.user = AnonymousUser()
def logout(request):
"""
Removes the authenticated user's ID from the request and flushes their
session data.
Also remove all passwords used to decrypt repos.
"""
request.session.flush()
if hasattr(request, 'user'):
from seahub.base.accounts import User
if isinstance(request.user, User):
if is_org_context(request):
org_id = request.user.org.org_id
request.user.remove_org_repo_passwds(org_id)
else:
request.user.remove_repo_passwds()
from seahub.auth.models import AnonymousUser
request.user = AnonymousUser()
def auth(request):
"""
Returns context variables required by apps that use Django's authentication
system.
If there is no 'user' attribute in the request, uses AnonymousUser (from
django.contrib.auth).
"""
if hasattr(request, 'user'):
user = request.user
else:
from seahub.auth.models import AnonymousUser
user = AnonymousUser()
return {
'user': user,
'perms': None,
}
def test_anonymous_user(self):
self.request.user = AnonymousUser()
unenc_repos = get_unencry_rw_repos_by_user(self.request)
assert len(unenc_repos) == 0
def test_anonymous_user(self):
self.fake_request.user = AnonymousUser()
resp = a_view(self.fake_request, self.group.id)
self.assertEqual(resp.status_code, 302)
self.assertRegex(resp['Location'], '/accounts/login')
def _anon_post_request(self, data={}, session={}):
request = self.factory.post('/rand', data)
request.user = AnonymousUser()
request.session = session
request.cloud_mode = False
return request
def _anon_request(self, session={}):
request = self.factory.get('/rand')
request.user = AnonymousUser()
request.session = session
request.cloud_mode = False
return request
