Commit 10aed851 authored by Mark Watts's avatar Mark Watts
Browse files

Added http basic authentication to results resources

parent ad9ede13
import logging
from functools import wraps
from django.contrib.auth import authenticate
from django.http import HttpResponse, HttpResponseForbidden
from base64 import b64decode
def basic_auth_required(realm='default'):
def _helper(func):
def _decorator(request, *args, **kwargs):
http_auth = request.META['HTTP_AUTHORIZATION']
authmeth, auth = http_auth.split(' ', 1)
if authmeth.lower() == 'basic':
authb = b64decode(auth.strip())
auth = authb.decode()
username, password = auth.split(':', 1)
user = authenticate(username=username, password=password)
if user is not None:
'Authentication succeeded for {}'.format(username))
return func(request, *args, **kwargs)
return HttpResponseForbidden()
res = HttpResponse()
res.status_code = 401
res.reason_phrase = 'Unauthorized'
res['WWW-Authenticate'] = 'Basic realm="{}"'.format(realm)
return res
return _decorator
return _helper
......@@ -14,6 +14,7 @@ from django.views.decorators.http import require_GET, require_POST
from django.views.decorators.csrf import csrf_exempt
from django.template import RequestContext
from django.conf import settings
from .auth import basic_auth_required
from .models import (Environment, Report, Project, Revision, Result,
Executable, Benchmark, Branch)
......@@ -697,6 +698,7 @@ def displaylogs(request):
def add_result(request):
response, error = save_result(request.POST)
if error:
......@@ -710,6 +712,7 @@ def add_result(request):
def add_json_results(request):
if not request.POST.get('json'):
return HttpResponseBadRequest("No key 'json' in POST payload")
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment