mirror of
https://github.com/haiwen/seahub.git
synced 2025-09-02 07:27:04 +00:00
for mobile auth
This commit is contained in:
poet
3
.gitignore
vendored
3
.gitignore
vendored
@@ -13,3 +13,6 @@ restart.sh
|
|||||||
settings.py.mysql
|
settings.py.mysql
|
||||||
settings.py.sqlite
|
settings.py.sqlite
|
||||||
secret_key.py
|
secret_key.py
|
||||||
|
run-seahub.sh
|
||||||
|
setenv.sh
|
||||||
|
.DS_Store
|
||||||
|
|||||||
@@ -4,14 +4,15 @@ from views import *
|
|||||||
|
|
||||||
|
|
||||||
urlpatterns = patterns('',
|
urlpatterns = patterns('',
|
||||||
|
url(r'^ping/$', Ping.as_view()),
|
||||||
|
url(r'login/$', api_login),
|
||||||
url(r'^$', ReposView.as_view()),
|
url(r'^$', ReposView.as_view()),
|
||||||
url(r'^/$', ReposView.as_view()),
|
|
||||||
url(r'^repo/list/$', ReposView.as_view(), name='repos'),
|
url(r'^repo/list/$', ReposView.as_view(), name='repos'),
|
||||||
url(r'^repo/(?P<repo_id>[^/]+)/$', RepoView.as_view(), name='repo'),
|
url(r'^repo/(?P<repo_id>[^/]+)/$', RepoView.as_view(), name='repo'),
|
||||||
|
|
||||||
url(r'^dir/(?P<repo_id>[^/]+)/root/$', RepoDirPathView.as_view()),
|
url(r'^dir/(?P<repo_id>[^/]+)/root/$', RepoDirPathView.as_view()),
|
||||||
url(r'^dir/(?P<repo_id>[^/]+)/$', RepoDirPathView.as_view(), name='repo-dir-path'),
|
url(r'^dir/(?P<repo_id>[^/]+)/$', RepoDirPathView.as_view(), name='repo-dir-path'),
|
||||||
url(r'^dir/(?P<repo_id>[^/]+)/(?P<dir_id>[^/]+)/$', RepoDirIdView.as_view(), name='repo-dirr-id'),
|
url(r'^dir/(?P<repo_id>[^/]+)/(?P<dir_id>[^/]+)/$', RepoDirIdView.as_view(), name='repo-dir-id'),
|
||||||
url(r'^file/(?P<repo_id>[^/]+)/(?P<file_id>[^/]+)/$', RepoFileView.as_view(), name='repo-file'),
|
url(r'^file/(?P<repo_id>[^/]+)/(?P<file_id>[^/]+)/$', RepoFileView.as_view(), name='repo-file'),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|||||||
28
api/views.py
28
api/views.py
@@ -27,6 +27,9 @@ from djangorestframework.mixins import ResponseMixin
|
|||||||
from djangorestframework.response import Response
|
from djangorestframework.response import Response
|
||||||
from django.core.urlresolvers import reverse
|
from django.core.urlresolvers import reverse
|
||||||
|
|
||||||
|
from auth.forms import AuthenticationForm
|
||||||
|
from auth import login as auth_login
|
||||||
|
from django.views.decorators.csrf import csrf_exempt
|
||||||
|
|
||||||
|
|
||||||
json_content_type = 'application/json; charset=utf-8'
|
json_content_type = 'application/json; charset=utf-8'
|
||||||
@@ -97,6 +100,30 @@ def get_dir_entrys_by_id(reqquest, dir_id):
|
|||||||
return HttpResponse(json.dumps(dentrys), status=200,
|
return HttpResponse(json.dumps(dentrys), status=200,
|
||||||
content_type=json_content_type)
|
content_type=json_content_type)
|
||||||
|
|
||||||
|
@csrf_exempt
|
||||||
|
def api_login(request):
|
||||||
|
if request.method == "POST" :
|
||||||
|
form = AuthenticationForm(data=request.POST)
|
||||||
|
else:
|
||||||
|
return api_error(request, 400, "method not supported")
|
||||||
|
|
||||||
|
if form.is_valid():
|
||||||
|
auth_login(request, form.get_user())
|
||||||
|
print ">>",request.session.session_key
|
||||||
|
return HttpResponse(json.dumps(request.session.session_key), status=200,
|
||||||
|
content_type=json_content_type)
|
||||||
|
else:
|
||||||
|
return HttpResponse(json.dumps("failed"), status=401,
|
||||||
|
content_type=json_content_type)
|
||||||
|
|
||||||
|
class Ping(ResponseMixin, View):
|
||||||
|
renderers = (JSONRenderer,)
|
||||||
|
|
||||||
|
@api_login_required
|
||||||
|
def get(self, request):
|
||||||
|
response = Response(200, "pong")
|
||||||
|
return self.render(response)
|
||||||
|
|
||||||
class ReposView(ResponseMixin, View):
|
class ReposView(ResponseMixin, View):
|
||||||
renderers = (JSONRenderer,)
|
renderers = (JSONRenderer,)
|
||||||
|
|
||||||
@@ -137,6 +164,7 @@ class ReposView(ResponseMixin, View):
|
|||||||
response = Response(200, repos_json)
|
response = Response(200, repos_json)
|
||||||
return self.render(response)
|
return self.render(response)
|
||||||
|
|
||||||
|
|
||||||
class RepoView(ResponseMixin, View):
|
class RepoView(ResponseMixin, View):
|
||||||
renderers = (JSONRenderer,)
|
renderers = (JSONRenderer,)
|
||||||
|
|
||||||
|
|||||||
@@ -4,10 +4,10 @@ except ImportError:
|
|||||||
from django.utils.functional import update_wrapper, wraps # Python 2.4 fallback.
|
from django.utils.functional import update_wrapper, wraps # Python 2.4 fallback.
|
||||||
|
|
||||||
from auth import REDIRECT_FIELD_NAME
|
from auth import REDIRECT_FIELD_NAME
|
||||||
from django.http import HttpResponseRedirect
|
from django.http import HttpResponseRedirect, HttpResponse
|
||||||
from django.utils.decorators import available_attrs
|
from django.utils.decorators import available_attrs
|
||||||
from django.utils.http import urlquote
|
from django.utils.http import urlquote
|
||||||
|
import simplejson as json
|
||||||
|
|
||||||
def user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
|
def user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
|
||||||
"""
|
"""
|
||||||
@@ -44,38 +44,31 @@ def login_required(function=None, redirect_field_name=REDIRECT_FIELD_NAME):
|
|||||||
return actual_decorator
|
return actual_decorator
|
||||||
|
|
||||||
|
|
||||||
def api_user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
|
def api_user_passes_test(test_func):
|
||||||
"""
|
"""
|
||||||
Decorator for views that checks that the user passes the given test,
|
Decorator for views that checks that the user passes the given test,
|
||||||
redirecting to the log-in page if necessary. The test should be a callable
|
redirecting to the log-in page if necessary. The test should be a callable
|
||||||
that takes the user object and returns True if the user passes.
|
that takes the user object and returns True if the user passes.
|
||||||
"""
|
"""
|
||||||
if not login_url:
|
|
||||||
from django.conf import settings
|
|
||||||
login_url = settings.LOGIN_URL
|
|
||||||
|
|
||||||
def decorator(view_func):
|
def decorator(view_func):
|
||||||
def _wrapped_view(obj, request, *args, **kwargs):
|
def _wrapped_view(obj, request, *args, **kwargs):
|
||||||
if test_func(request.user):
|
if test_func(request.user):
|
||||||
return view_func(obj, request, *args, **kwargs)
|
return view_func(obj, request, *args, **kwargs)
|
||||||
path = urlquote(request.get_full_path())
|
|
||||||
tup = login_url, redirect_field_name, path
|
|
||||||
json_content_type = 'application/json; charset=utf-8'
|
json_content_type = 'application/json; charset=utf-8'
|
||||||
|
|
||||||
return HttpResponse(json.dumps('%s?%s=%s' % tup), status=401,
|
return HttpResponse(json.dumps('login required'), status=401,
|
||||||
content_type=json_content_type)
|
content_type=json_content_type)
|
||||||
return wraps(view_func, assigned=available_attrs(view_func))(_wrapped_view)
|
return wraps(view_func, assigned=available_attrs(view_func))(_wrapped_view)
|
||||||
return decorator
|
return decorator
|
||||||
|
|
||||||
|
|
||||||
def api_login_required(function=None, redirect_field_name=REDIRECT_FIELD_NAME):
|
def api_login_required(function=None):
|
||||||
"""
|
"""
|
||||||
Decorator for views that checks that the user is logged in, redirecting
|
Decorator for views that checks that the user is logged in, redirecting
|
||||||
to the log-in page if necessary.
|
to the log-in page if necessary.
|
||||||
"""
|
"""
|
||||||
actual_decorator = api_user_passes_test(
|
actual_decorator = api_user_passes_test(
|
||||||
lambda u: u.is_authenticated(),
|
lambda u: u.is_authenticated()
|
||||||
redirect_field_name=redirect_field_name
|
|
||||||
)
|
)
|
||||||
if function:
|
if function:
|
||||||
return actual_decorator(function)
|
return actual_decorator(function)
|
||||||
|
|||||||
Reference in New Issue
Block a user