diff options
Diffstat (limited to 'lib/python2.7/site-packages/django/contrib/auth/middleware.py')
| -rw-r--r-- | lib/python2.7/site-packages/django/contrib/auth/middleware.py | 91 |
1 files changed, 0 insertions, 91 deletions
diff --git a/lib/python2.7/site-packages/django/contrib/auth/middleware.py b/lib/python2.7/site-packages/django/contrib/auth/middleware.py deleted file mode 100644 index f38efdd..0000000 --- a/lib/python2.7/site-packages/django/contrib/auth/middleware.py +++ /dev/null @@ -1,91 +0,0 @@ -from django.contrib import auth -from django.contrib.auth import load_backend -from django.contrib.auth.backends import RemoteUserBackend -from django.core.exceptions import ImproperlyConfigured -from django.utils.functional import SimpleLazyObject - - -def get_user(request): - if not hasattr(request, '_cached_user'): - request._cached_user = auth.get_user(request) - return request._cached_user - - -class AuthenticationMiddleware(object): - def process_request(self, request): - assert hasattr(request, 'session'), "The Django authentication middleware requires session middleware to be installed. Edit your MIDDLEWARE_CLASSES setting to insert 'django.contrib.sessions.middleware.SessionMiddleware'." - - request.user = SimpleLazyObject(lambda: get_user(request)) - - -class RemoteUserMiddleware(object): - """ - Middleware for utilizing Web-server-provided authentication. - - If request.user is not authenticated, then this middleware attempts to - authenticate the username passed in the ``REMOTE_USER`` request header. - If authentication is successful, the user is automatically logged in to - persist the user in the session. - - The header used is configurable and defaults to ``REMOTE_USER``. Subclass - this class and change the ``header`` attribute if you need to use a - different header. - """ - - # Name of request header to grab username from. This will be the key as - # used in the request.META dictionary, i.e. the normalization of headers to - # all uppercase and the addition of "HTTP_" prefix apply. - header = "REMOTE_USER" - - def process_request(self, request): - # AuthenticationMiddleware is required so that request.user exists. - if not hasattr(request, 'user'): - raise ImproperlyConfigured( - "The Django remote user auth middleware requires the" - " authentication middleware to be installed. Edit your" - " MIDDLEWARE_CLASSES setting to insert" - " 'django.contrib.auth.middleware.AuthenticationMiddleware'" - " before the RemoteUserMiddleware class.") - try: - username = request.META[self.header] - except KeyError: - # If specified header doesn't exist then remove any existing - # authenticated remote-user, or return (leaving request.user set to - # AnonymousUser by the AuthenticationMiddleware). - if request.user.is_authenticated(): - try: - stored_backend = load_backend(request.session.get( - auth.BACKEND_SESSION_KEY, '')) - if isinstance(stored_backend, RemoteUserBackend): - auth.logout(request) - except ImproperlyConfigured as e: - # backend failed to load - auth.logout(request) - return - # If the user is already authenticated and that user is the user we are - # getting passed in the headers, then the correct user is already - # persisted in the session and we don't need to continue. - if request.user.is_authenticated(): - if request.user.get_username() == self.clean_username(username, request): - return - # We are seeing this user for the first time in this session, attempt - # to authenticate the user. - user = auth.authenticate(remote_user=username) - if user: - # User is valid. Set request.user and persist user in the session - # by logging the user in. - request.user = user - auth.login(request, user) - - def clean_username(self, username, request): - """ - Allows the backend to clean the username, if the backend defines a - clean_username method. - """ - backend_str = request.session[auth.BACKEND_SESSION_KEY] - backend = auth.load_backend(backend_str) - try: - username = backend.clean_username(username) - except AttributeError: # Backend has no clean_username method. - pass - return username |