for mobile auth

2025-09-01 23:20:51 +00:00 · 2012-07-22 01:16:43 +08:00
parent f441158f9e
commit 703b07e452
4 changed files with 42 additions and 17 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -13,3 +13,6 @@ restart.sh
 settings.py.mysql
 settings.py.sqlite
 secret_key.py
+run-seahub.sh
+setenv.sh
+.DS_Store
--- a/api/urls.py
+++ b/api/urls.py
@@ -4,14 +4,15 @@ from views import *


 urlpatterns = patterns('',
+    url(r'^ping/$', Ping.as_view()),
+    url(r'login/$', api_login),
    url(r'^$', ReposView.as_view()),
-    url(r'^/$', ReposView.as_view()),
    url(r'^repo/list/$', ReposView.as_view(), name='repos'),
    url(r'^repo/(?P<repo_id>[^/]+)/$', RepoView.as_view(), name='repo'),

    url(r'^dir/(?P<repo_id>[^/]+)/root/$', RepoDirPathView.as_view()),
    url(r'^dir/(?P<repo_id>[^/]+)/$', RepoDirPathView.as_view(), name='repo-dir-path'),
-    url(r'^dir/(?P<repo_id>[^/]+)/(?P<dir_id>[^/]+)/$', RepoDirIdView.as_view(), name='repo-dirr-id'),
+    url(r'^dir/(?P<repo_id>[^/]+)/(?P<dir_id>[^/]+)/$', RepoDirIdView.as_view(), name='repo-dir-id'),
    url(r'^file/(?P<repo_id>[^/]+)/(?P<file_id>[^/]+)/$', RepoFileView.as_view(), name='repo-file'),
 )

--- a/api/views.py
+++ b/api/views.py
@@ -27,6 +27,9 @@ from djangorestframework.mixins import ResponseMixin
 from djangorestframework.response import Response
 from django.core.urlresolvers import reverse

+from auth.forms import AuthenticationForm
+from auth import login as auth_login
+from django.views.decorators.csrf import csrf_exempt


 json_content_type = 'application/json; charset=utf-8'
@@ -97,6 +100,30 @@ def get_dir_entrys_by_id(reqquest, dir_id):
    return HttpResponse(json.dumps(dentrys), status=200,
                        content_type=json_content_type)

+@csrf_exempt
+def api_login(request):
+    if request.method == "POST" :
+        form = AuthenticationForm(data=request.POST)
+    else:
+        return api_error(request, 400, "method not supported")
+
+    if form.is_valid():
+        auth_login(request, form.get_user())
+        print ">>",request.session.session_key
+        return HttpResponse(json.dumps(request.session.session_key), status=200,
+            content_type=json_content_type)
+    else:
+        return HttpResponse(json.dumps("failed"), status=401,
+            content_type=json_content_type)
+
+class Ping(ResponseMixin, View):
+    renderers = (JSONRenderer,)
+
+    @api_login_required
+    def get(self, request):
+        response = Response(200, "pong")
+        return self.render(response)
+
 class ReposView(ResponseMixin, View):
    renderers = (JSONRenderer,)

@@ -137,6 +164,7 @@ class ReposView(ResponseMixin, View):
        response = Response(200, repos_json)
        return self.render(response)

+
 class RepoView(ResponseMixin, View):
    renderers = (JSONRenderer,)

--- a/thirdpart/auth/decorators.py
+++ b/thirdpart/auth/decorators.py
@@ -4,10 +4,10 @@ except ImportError:
    from django.utils.functional import update_wrapper, wraps  # Python 2.4 fallback.

 from auth import REDIRECT_FIELD_NAME
-from django.http import HttpResponseRedirect
+from django.http import HttpResponseRedirect, HttpResponse
 from django.utils.decorators import available_attrs
 from django.utils.http import urlquote
-
+import simplejson as json

 def user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
    """
@@ -44,38 +44,31 @@ def login_required(function=None, redirect_field_name=REDIRECT_FIELD_NAME):
    return actual_decorator


-def api_user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
+def api_user_passes_test(test_func):
    """
    Decorator for views that checks that the user passes the given test,
    redirecting to the log-in page if necessary. The test should be a callable
    that takes the user object and returns True if the user passes.
    """
-    if not login_url:
-        from django.conf import settings
-        login_url = settings.LOGIN_URL
-
    def decorator(view_func):
        def _wrapped_view(obj, request, *args, **kwargs):
            if test_func(request.user):
                return view_func(obj, request, *args, **kwargs)
-            path = urlquote(request.get_full_path())
-            tup = login_url, redirect_field_name, path
            json_content_type = 'application/json; charset=utf-8'

-            return HttpResponse(json.dumps('%s?%s=%s' % tup), status=401,
+            return HttpResponse(json.dumps('login required'), status=401,
                                content_type=json_content_type)
        return wraps(view_func, assigned=available_attrs(view_func))(_wrapped_view)
    return decorator


-def api_login_required(function=None, redirect_field_name=REDIRECT_FIELD_NAME):
+def api_login_required(function=None):
    """
    Decorator for views that checks that the user is logged in, redirecting
    to the log-in page if necessary.
    """
    actual_decorator = api_user_passes_test(
-        lambda u: u.is_authenticated(),
-        redirect_field_name=redirect_field_name
+        lambda u: u.is_authenticated()
    )
    if function:
        return actual_decorator(function)