def is_authenticated(self, request, **kwargs):
"""
Finds the user and checks their API key.
Should return either ``True`` if allowed, ``False`` if not or an
``HttpResponse`` if you need something custom.
"""
try:
username, api_key = self.extract_credentials(request)
except ValueError:
return self._unauthorized()
if not username or not api_key:
return True
username_field = get_username_field()
User = get_user_model()
try:
lookup_kwargs = {username_field: username}
user = User.objects.get(**lookup_kwargs)
except (User.DoesNotExist, User.MultipleObjectsReturned):
return self._unauthorized()
if not self.check_active(user):
return False
key_auth_check = self.get_key(user, api_key)
if key_auth_check and not isinstance(key_auth_check, HttpUnauthorized):
request.user = user
return key_auth_check
def is_authenticated(self, request, **kwargs):
"""
Finds the user and checks their API key.
Should return either ``True`` if allowed, ``False`` if not or an
``HttpResponse`` if you need something custom.
"""
try:
username, api_key = self.extract_credentials(request)
except ValueError:
return self._unauthorized()
if not username or not api_key:
return self._unauthorized()
username_field = get_username_field()
User = get_user_model()
lookup_kwargs = {username_field: username}
try:
user = User.objects.select_related('api_key').get(**lookup_kwargs)
except (User.DoesNotExist, User.MultipleObjectsReturned):
return self._unauthorized()
if not self.check_active(user):
return False
key_auth_check = self.get_key(user, api_key)
if key_auth_check and not isinstance(key_auth_check, HttpUnauthorized):
request.user = user
return key_auth_check
def get_identifier(self, request):
"""
Provides a unique string identifier for the requestor.
This implementation returns the user's username.
"""
return getattr(request.user, get_username_field())
def get_identifier(self, request):
"""
Provides a unique string identifier for the requestor.
This implementation returns the user's username.
"""
return getattr(request.user, get_username_field())
def get_identifier(self, request):
"""
Provides a unique string identifier for the requestor.
This implementation returns the user's username.
"""
from tastypie.compat import get_username_field
username_field = get_username_field()
return getattr(request.user, username_field)
def get_user(self, username):
username_field = get_username_field()
User = get_user_model()
try:
lookup_kwargs = {username_field: username}
user = User.objects.get(**lookup_kwargs)
except (User.DoesNotExist, User.MultipleObjectsReturned):
return False
return user
def get_user(self, username):
from tastypie.compat import get_user_model, get_username_field
User = get_user_model()
username_field = get_username_field()
try:
lookup_kwargs = {username_field: username}
user = User.objects.get(**lookup_kwargs)
except (User.DoesNotExist, User.MultipleObjectsReturned):
return False
return user
def get_user(self, username):
username_field = get_username_field()
User = get_user_model()
try:
lookup_kwargs = {username_field: username}
user = User.objects.get(**lookup_kwargs)
except (User.DoesNotExist, User.MultipleObjectsReturned):
return False
return user
def get_user(self, username):
# Determine which user object to use and what its user-name field is
User = get_user_model()
username_field = get_username_field()
try:
lookup_kwargs = {username_field: username}
user = User.objects.get(**lookup_kwargs)
except (User.DoesNotExist, User.MultipleObjectsReturned):
return False
return user
def is_authenticated(self, request, **kwargs):
"""
Finds the user and checks their API key.
Should return either ``True`` if allowed, ``False`` if not or an
``HttpResponse`` if you need something custom.
"""
try:
x_identity, x_signature = self.extract_credentials(request)
except ValueError:
return self._unauthorized()
if not x_identity or not x_signature:
return self._unauthorized()
print "tried with id , sig"
print x_identity
print x_signature
#verify signature against identity
#done below self.get_verification(x_identity, x_signature)
#get the sin so we can lookup the user
thesin = self.get_sin(x_identity)
print "SIN YO"
print thesin
print x_identity
#lookup the username related to this identity
username_lookup = self.get_user(thesin)
if username_lookup and not isinstance(username_lookup,
HttpUnauthorized):
username = username_lookup
else:
return self._unauthorized()
print "user"
print username
#this shit below seems nessecary for tastypie ... need to investigate
username_field = get_username_field()
User = get_user_model()
try:
lookup_kwargs = {username_field: username}
user = User.objects.get(**lookup_kwargs)
except (User.DoesNotExist, User.MultipleObjectsReturned):
return self._unauthorized()
#no unactive users here pls
if not self.check_active(user):
return False
#validate the signature against public key in our db and authorize the request against
key_auth_check = self.verify_signature(
"http://localhost:8000/api/v1/user/", x_identity, x_signature)
if key_auth_check and not isinstance(key_auth_check, HttpUnauthorized):
request.user = user
print request.user
return key_auth_check
def is_authenticated(self, request, **kwargs):
"""
Finds the user and checks their API key.
Should return either ``True`` if allowed, ``False`` if not or an
``HttpResponse`` if you need something custom.
"""
try:
x_identity, x_signature = self.extract_credentials(request)
except ValueError:
return self._unauthorized()
if not x_identity or not x_signature:
return self._unauthorized()
print "tried with id , sig"
print x_identity
print x_signature
#verify signature against identity
#done below self.get_verification(x_identity, x_signature)
#get the sin so we can lookup the user
thesin = self.get_sin(x_identity)
print "SIN YO"
print thesin
print x_identity
#lookup the username related to this identity
username_lookup = self.get_user(thesin)
if username_lookup and not isinstance(username_lookup, HttpUnauthorized):
username = username_lookup
else:
return self._unauthorized()
print "user"
print username
#this shit below seems nessecary for tastypie ... need to investigate
username_field = get_username_field()
User = get_user_model()
try:
lookup_kwargs = {username_field: username}
user = User.objects.get(**lookup_kwargs)
except (User.DoesNotExist, User.MultipleObjectsReturned):
return self._unauthorized()
#no unactive users here pls
if not self.check_active(user):
return False
#validate the signature against public key in our db and authorize the request against
key_auth_check = self.verify_signature("http://localhost:8000/api/v1/user/", x_identity, x_signature)
if key_auth_check and not isinstance(key_auth_check, HttpUnauthorized):
request.user = user
print request.user
return key_auth_check