def login_with_basic_auth_required(view, request, *args, **kwargs):
"""
Django view decorator that requires basic authentication
and sets request.user to a Django-Short-Urls User if found.
Raises proper HTTP exceptions otherwise.
"""
user = None
if 'HTTP_AUTHORIZATION' in request.META:
method, _, auth = request.META['HTTP_AUTHORIZATION'].partition(' ')
if method.lower() == 'basic':
login, _, api_key = _safe_base64_decode(auth.strip()).partition(':')
user = User.objects(login=login, api_key=api_key).first() # pylint: disable=no-member
if user is None:
response = HttpResponse("Authorization Required", status=HTTP_UNAUTHORIZED, content_type="text/plain")
response['WWW-Authenticate'] = "Basic realm=API"
return response
request.user = user
return view(request, *args, **kwargs)
def setUp(self):
self.factory = RequestFactory()
self.user = User(login="******",
api_key="foobar",
email='*****@*****.**').save()
self.data = {'login': self.user.login, 'api_key': self.user.api_key}
def new(request):
'''
Create a new short url based on the POST parameters
'''
if 'login' in request.REQUEST and 'api_key' in request.REQUEST:
login = request.REQUEST['login']
api_key = request.REQUEST['api_key']
user = User.objects(login=login, api_key=api_key).first()
else:
user = None
if user is None:
return response(status=HTTP_UNAUTHORIZED,
message="Invalid credentials.")
params = {}
if 'long_url' in request.REQUEST:
params['long_url'] = request.REQUEST['long_url']
(is_valid, error_message) = validate_url(params['long_url'])
else:
(is_valid, error_message) = (False, "Missing parameter: 'long_url'")
if not is_valid:
return response(status=HTTP_BAD_REQUEST, message=error_message)
for key in ['short_path', 'prefix']:
if key in request.REQUEST:
params[key] = request.REQUEST[key]
if '/' in params[key]:
return response(status=HTTP_BAD_REQUEST,
message="%s may not contain a '/' character." %
key)
try:
link = Link.shorten(**params)
getLogger('app').info('Successfully shortened %s into %s for user %s',
link.long_url, link.hash, login)
except ShortPathConflict, err:
del params['short_path'], params['long_url']
if 'prefix' in params:
del params['prefix']
params['hash'] = err.link.hash
return response(status=HTTP_CONFLICT, message=str(err), **params)
def new(request):
'''
Create a new short url based on the POST parameters
'''
if 'login' in request.REQUEST and 'api_key' in request.REQUEST:
login = request.REQUEST['login']
api_key = request.REQUEST['api_key']
user = User.objects(login=login, api_key=api_key).first()
else:
user = None
if user is None:
return response(status=HTTP_UNAUTHORIZED, message="Invalid credentials.")
params = {}
if 'long_url' in request.REQUEST:
params['long_url'] = request.REQUEST['long_url']
(is_valid, error_message) = validate_url(params['long_url'])
else:
(is_valid, error_message) = (False, "Missing parameter: 'long_url'")
if not is_valid:
return response(status=HTTP_BAD_REQUEST, message=error_message)
allow_slashes_in_prefix = 'allow_slashes_in_prefix' in request.REQUEST
for key in ['short_path', 'prefix']:
if key in request.REQUEST:
params[key] = request.REQUEST[key]
if '/' in params[key] and not (key == 'prefix' and allow_slashes_in_prefix):
return response(
status=HTTP_BAD_REQUEST,
message="%s may not contain a '/' character." % key)
try:
link = Link.shorten(**params)
getLogger('app').info('Successfully shortened %s into %s for user %s', link.long_url, link.hash, login)
except ShortPathConflict, err:
del params['short_path'], params['long_url']
if 'prefix' in params:
del params['prefix']
params['hash'] = err.link.hash
return response(status=HTTP_CONFLICT, message=str(err), **params)
