[snowy] [api] Allow session-based API access for times when OAuth is overkill

From: Sanford Armstrong <sharm src gnome org>
To: commits-list gnome org
Cc:
Subject: [snowy] [api] Allow session-based API access for times when OAuth is overkill
Date: Fri, 5 Nov 2010 16:56:02 +0000 (UTC)

commit 569487c7486585d3975ae3a72cb5732b85b07c80
Author: Sandy Armstrong <sanfordarmstrong gmail com>
Date:   Tue Sep 14 21:54:36 2010 -0700

    [api] Allow session-based API access for times when OAuth is overkill
    
    Useful for data export, hypothetical HTML5 offline clients, etc.
    
    The challenge() method in SessionAuthentication needs some thought.

 api/pistonextensions.py |   21 +++++++++++++++++++++
 api/urls.py             |    8 +++++---
 2 files changed, 26 insertions(+), 3 deletions(-)
---
diff --git a/api/pistonextensions.py b/api/pistonextensions.py
new file mode 100644
index 0000000..6dbfd88
--- /dev/null
+++ b/api/pistonextensions.py
@@ -0,0 +1,21 @@
+# This code is copied from http://yml-blog.blogspot.com/2009/10/django-piston-authentication-against.html
+class SessionAuthentication(object):
+    """
+    Session-based authentication
+    """
+    def is_authenticated(self, request):
+        """
+        This method call the `is_authenticated` method of django
+        User in django.contrib.auth.models.
+
+        `is_authenticated`: Will be called when checking for
+        authentication. It returns True if the user is authenticated
+        False otherwise.
+        """
+        self.request = request
+        return request.user.is_authenticated()
+
+    #TODO: A real challenge here would be nice
+    def challenge(self):
+        import piston
+        return piston.authentication.OAuthAuthentication().challenge()
diff --git a/api/urls.py b/api/urls.py
index 524beb8..cd2af79 100644
--- a/api/urls.py
+++ b/api/urls.py
@@ -17,14 +17,16 @@
 
 from django.conf.urls.defaults import *
 
-from piston.authentication import HttpBasicAuthentication, OAuthAuthentication
+from piston.authentication import OAuthAuthentication
 from piston.resource import Resource
 
 from snowy.api.handlers import *
+from snowy.api.pistonextensions import SessionAuthentication
 
-auth = HttpBasicAuthentication(realm='Snowy')
+sessionauth = SessionAuthentication()
 authoauth = OAuthAuthentication(realm='Snowy')
-ad = {'authentication': authoauth}
+AUTHENTICATORS = [authoauth, sessionauth]
+ad = {'authentication': AUTHENTICATORS}
 
 root_handler = Resource(handler=RootHandler, **ad)
 user_handler = Resource(UserHandler)

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]