def authenticate(self, request):
"""
Returns a `User` if a correct username and password have been supplied
using HTTP Basic authentication. Otherwise returns `None`.
"""
auth = request.META.get('HTTP_AUTHORIZATION', b'')
if type(auth) == type(''):
# Work around django test client oddness
auth = auth.encode(HTTP_HEADER_ENCODING)
auth = auth.split()
if not auth or auth[0].lower() != b'basic':
return None
if len(auth) != 2:
raise exceptions.AuthenticationFailed(user_messages.get("invalid_basic_header"))
try:
auth_parts = base64.b64decode(auth[1]).decode(HTTP_HEADER_ENCODING).partition(':')
except (TypeError, UnicodeDecodeError):
raise exceptions.AuthenticationFailed(user_messages.get("invalid_basic_header"))
try:
userid, password = auth_parts[0], auth_parts[2]
except DjangoUnicodeDecodeError:
raise exceptions.AuthenticationFailed(user_messages.get("invalid_basic_header"))
return self.authenticate_credentials(userid, password)
def authenticate(self, request):
"""
Returns a `User` if a correct username and password have been supplied
using HTTP Basic authentication. Otherwise returns `None`.
"""
auth = request.META.get('HTTP_AUTHORIZATION', b'')
if type(auth) == type(''):
# Work around django test client oddness
auth = auth.encode(HTTP_HEADER_ENCODING)
auth = auth.split()
if not auth or auth[0].lower() != b'basic':
return None
if len(auth) != 2:
raise exceptions.AuthenticationFailed(
user_messages.get("invalid_basic_header"))
try:
auth_parts = base64.b64decode(
auth[1]).decode(HTTP_HEADER_ENCODING).partition(':')
except (TypeError, UnicodeDecodeError):
raise exceptions.AuthenticationFailed(
user_messages.get("invalid_basic_header"))
try:
userid, password = auth_parts[0], auth_parts[2]
except DjangoUnicodeDecodeError:
raise exceptions.AuthenticationFailed(
user_messages.get("invalid_basic_header"))
return self.authenticate_credentials(userid, password)
def authenticate_credentials(self, key):
"""
Authenticate the token.
"""
try:
user = User.objects.get(token=key)
except Exception:
raise exceptions.AuthenticationFailed(user_messages.get("invalid token"))
if user.is_valid_token():
return (user, None)
raise exceptions.AuthenticationFailed(user_messages.get("invalid_token"))
def authenticate_credentials(self, key):
"""
Authenticate the token.
"""
try:
user = User.objects.get(token=key)
except Exception:
raise exceptions.AuthenticationFailed(
user_messages.get("invalid token"))
if user.is_valid_token():
return (user, None)
raise exceptions.AuthenticationFailed(
user_messages.get("invalid_token"))
def validate_confirm_password(self, attrs, source):
if not self.object:
password = attrs['password']
confirm_password = attrs[source]
if password != confirm_password:
raise serializers.ValidationError(user_messages.get("invalid_confirm_password"))
return attrs
def validate_confirm_password(self, attrs, source):
if not self.object:
password = attrs['password']
confirm_password = attrs[source]
if password != confirm_password:
raise serializers.ValidationError(
user_messages.get("invalid_confirm_password"))
return attrs
def validate_username(self, attrs, source):
username = attrs[source]
try:
User.objects.get_by_username(username)
raise serializers.ValidationError(user_messages.get("duplicated_username") % username)
except ObjectDoesNotExist:
pass
return attrs
def authenticate(self, request):
auth = request.META.get('HTTP_AUTHORIZATION', '').split()
if not auth or auth[0].lower() != "token":
return None
if len(auth) != 2:
raise exceptions.AuthenticationFailed(user_messages.get("invalid_token_header"))
return self.authenticate_credentials(auth[1])
def validate_username(self, attrs, source):
username = attrs[source]
try:
User.objects.get_by_username(username)
raise serializers.ValidationError(
user_messages.get("duplicated_username") % username)
except ObjectDoesNotExist:
pass
return attrs
def authenticate(self, request):
auth = request.META.get('HTTP_AUTHORIZATION', '').split()
if not auth or auth[0].lower() != "token":
return None
if len(auth) != 2:
raise exceptions.AuthenticationFailed(
user_messages.get("invalid_token_header"))
return self.authenticate_credentials(auth[1])