def get_chrome_user_session_info(request): try: oauth_request = SESSION_OAUTH_SERVER.extract_oauth_request(djangoutils.extract_request(request)) consumer, token, parameters = SESSION_OAUTH_SERVER.check_resource_access(oauth_request) return consumer, token, parameters, oauth_request except oauth.OAuthError: return None, None, None, None
def get_chrome_user_session_info(request): try: oauth_request = SESSION_OAUTH_SERVER.extract_oauth_request( djangoutils.extract_request(request)) consumer, token, parameters = SESSION_OAUTH_SERVER.check_resource_access( oauth_request) return consumer, token, parameters, oauth_request except oauth.OAuthError: return None, None, None, None
def session_create(request): password = None if request.POST.has_key("username"): username = request.POST["username"] if request.POST.has_key("password"): password = request.POST["password"] user = auth.authenticate(request, username, password) if not password and request.POST.has_key("system"): system = request.POST["system"] try: AuthSystem.objects.get(short_name=system) user = auth.authenticate(request, username, None, system) except AuthSystem.DoesNotExist: raise PermissionDenied() if not user: raise PermissionDenied() if user.is_active: # auth worked, created a session based token token = SESSION_OAUTH_SERVER.generate_and_preauthorize_access_token(request.principal, user=user) else: raise PermissionDenied() return HttpResponse(str(token), mimetype="text/plain")
def session_create(request): """ Authenticate a user and register a web session for them. request.POST must contain: * *username*: the username of the user to authenticate. request.POST may contain **EITHER**: * *password*: the password to use with *username* against the internal password auth system. * *system*: An external auth system to authenticate the user Will return :http:statuscode:`200` with a valid session token on success, :http:statuscode:`400` if no username was provided, :http:statuscode:`403` if the passed credentials were invalid or it the passed *system* doesn't exist. """ from indivo.accesscontrol import auth user = None username = None password = None if request.POST.has_key('username'): username = request.POST['username'] else: return HttpResponseBadRequest('No username provided') if request.POST.has_key('password'): password = request.POST['password'] user = auth.authenticate(request, username, password) if not password and request.POST.has_key('system'): system = request.POST['system'] try: AuthSystem.objects.get(short_name=system) user = auth.authenticate(request, username, None, system) except AuthSystem.DoesNotExist: raise PermissionDenied() if not password and request.POST.has_key('system'): system = request.POST['system'] try: AuthSystem.objects.get(short_name=system) user = auth.authenticate(request, username, None, system) except AuthSystem.DoesNotExist: raise PermissionDenied() if not user: raise PermissionDenied() if user.is_active: # auth worked, created a session based token from indivo.accesscontrol.oauth_servers import SESSION_OAUTH_SERVER token = SESSION_OAUTH_SERVER.generate_and_preauthorize_access_token(request.principal, user=user) else: logging.debug('indivo.views.pha.session_create(): This user is not active') raise PermissionDenied() return HttpResponse(str(token), mimetype='text/plain')
def session_create(request): from indivo.accesscontrol import auth password = None if request.POST.has_key('username'): username = request.POST['username'] if request.POST.has_key('password'): password = request.POST['password'] user = auth.authenticate(request, username, password) if not password and request.POST.has_key('system'): system = request.POST['system'] try: AuthSystem.objects.get(short_name=system) user = auth.authenticate(request, username, None, system) except AuthSystem.DoesNotExist: raise PermissionDenied() if not user: raise PermissionDenied() if user.is_active: # auth worked, created a session based token from indivo.accesscontrol.oauth_servers import SESSION_OAUTH_SERVER token = SESSION_OAUTH_SERVER.generate_and_preauthorize_access_token(request.principal, user=user) else: raise PermissionDenied() return HttpResponse(str(token), mimetype='text/plain')