

Added a check for user in case some other authentication is used.
- Also, named the logger and added some helpful logging
mwatts15 committed Feb 28, 2017
1 parent 9a938cb commit 8b12ff8
Showing 1 changed file with 10 additions and 2 deletions.
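--- a/codespeed/auth.py
+++ b/codespeed/auth.py
@@ -6,17 +6,22 @@
 from base64 import b64decode
 
 __ALL__ = ['basic_auth_required']
+logger = logging.getLogger(__name__)
 
 
 def basic_auth_required(realm='default'):
 def _helper(func):
 @wraps(func)
 def _decorator(request, *args, **kwargs):
 allowed = False
-logging.info('request is secure? {}'.format(request.is_secure()))
+logger.info('request is secure? {}'.format(request.is_secure()))
 if settings.ALLOW_ANONYMOUS_POST:
+logger.debug('allowing anonymous post')
 allowed = True
+elif hasattr(request, 'user') and request.user.is_authenticated():
+allowed = True
 elif 'HTTP_AUTHORIZATION' in request.META:
+logger.debug('checking for http authorization header')
 if settings.REQUIRE_SECURE_AUTH and not request.is_secure():
 return insecure_connection_response()
 http_auth = request.META['HTTP_AUTHORIZATION']
@@ -25,16 +30,19 @@ def _decorator(request, *args, **kwargs):
 username, password = decode_basic_auth(auth)
 user = authenticate(username=username, password=password)
 if user is not None and user.is_active:
-logging.info(
+logger.info(
 'Authentication succeeded for {}'.format(username))
 login(request, user)
 allowed = True
 else:
+logger.info(
+'Failed auth for {}'.format(username))
 return HttpResponseForbidden()
 if allowed:
 return func(request, *args, **kwargs)
 
 if settings.REQUIRE_SECURE_AUTH and not request.is_secure():
+logger.debug('not requesting auth over an insecure channel')
 return insecure_connection_response()
 else:
 res = HttpResponse()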
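Review bot: The new `elif hasattr(request, 'user') and request.user.is_authenticated():` branch lets a session-cookie login satisfy a decorator that previously accepted only Basic credentials, so any wrapped view that is exempt from CSRF checks (not visible in this section) could then be driven by a cross-site POST from a logged-in browser. It is worth confirming that CSRF protection stays active on the decorated views, and adding `and request.user.is_active` so the session path applies the same check as the Basic path. In the second hunk, `'Failed auth for {}'.format(username)` writes a value decoded from the client's Authorization header straight into the log; `logger.warning('Failed auth for %r', username)` escapes control characters and gives failed logins a level that is easier to alert on. `_decorator` continues past the end of the section.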

