Commit 8b12ff81 authored by Mark Watts's avatar Mark Watts
Browse files

Added a check for user in case some other authentication is used.

- Also, named the logger and added some helpful logging
parent 9a938cb1
......@@ -6,6 +6,7 @@ from django.conf import settings
from base64 import b64decode
__ALL__ = ['basic_auth_required']
logger = logging.getLogger(__name__)
def basic_auth_required(realm='default'):
......@@ -13,10 +14,14 @@ def basic_auth_required(realm='default'):
@wraps(func)
def _decorator(request, *args, **kwargs):
allowed = False
logging.info('request is secure? {}'.format(request.is_secure()))
logger.info('request is secure? {}'.format(request.is_secure()))
if settings.ALLOW_ANONYMOUS_POST:
logger.debug('allowing anonymous post')
allowed = True
elif hasattr(request, 'user') and request.user.is_authenticated():
allowed = True
elif 'HTTP_AUTHORIZATION' in request.META:
logger.debug('checking for http authorization header')
if settings.REQUIRE_SECURE_AUTH and not request.is_secure():
return insecure_connection_response()
http_auth = request.META['HTTP_AUTHORIZATION']
......@@ -25,16 +30,19 @@ def basic_auth_required(realm='default'):
username, password = decode_basic_auth(auth)
user = authenticate(username=username, password=password)
if user is not None and user.is_active:
logging.info(
logger.info(
'Authentication succeeded for {}'.format(username))
login(request, user)
allowed = True
else:
logger.info(
'Failed auth for {}'.format(username))
return HttpResponseForbidden()
if allowed:
return func(request, *args, **kwargs)
if settings.REQUIRE_SECURE_AUTH and not request.is_secure():
logger.debug('not requesting auth over an insecure channel')
return insecure_connection_response()
else:
res = HttpResponse()
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment