|
1 import datetime |
|
2 from django.core.exceptions import ImproperlyConfigured |
|
3 |
|
4 SESSION_KEY = '_auth_user_id' |
|
5 BACKEND_SESSION_KEY = '_auth_user_backend' |
|
6 REDIRECT_FIELD_NAME = 'next' |
|
7 |
|
8 def load_backend(path): |
|
9 i = path.rfind('.') |
|
10 module, attr = path[:i], path[i+1:] |
|
11 try: |
|
12 mod = __import__(module, {}, {}, [attr]) |
|
13 except ImportError, e: |
|
14 raise ImproperlyConfigured, 'Error importing authentication backend %s: "%s"' % (module, e) |
|
15 except ValueError, e: |
|
16 raise ImproperlyConfigured, 'Error importing authentication backends. Is AUTHENTICATION_BACKENDS a correctly defined list or tuple?' |
|
17 try: |
|
18 cls = getattr(mod, attr) |
|
19 except AttributeError: |
|
20 raise ImproperlyConfigured, 'Module "%s" does not define a "%s" authentication backend' % (module, attr) |
|
21 return cls() |
|
22 |
|
23 def get_backends(): |
|
24 from django.conf import settings |
|
25 backends = [] |
|
26 for backend_path in settings.AUTHENTICATION_BACKENDS: |
|
27 backends.append(load_backend(backend_path)) |
|
28 return backends |
|
29 |
|
30 def authenticate(**credentials): |
|
31 """ |
|
32 If the given credentials are valid, return a User object. |
|
33 """ |
|
34 for backend in get_backends(): |
|
35 try: |
|
36 user = backend.authenticate(**credentials) |
|
37 except TypeError: |
|
38 # This backend doesn't accept these credentials as arguments. Try the next one. |
|
39 continue |
|
40 if user is None: |
|
41 continue |
|
42 # Annotate the user object with the path of the backend. |
|
43 user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__) |
|
44 return user |
|
45 |
|
46 def login(request, user): |
|
47 """ |
|
48 Persist a user id and a backend in the request. This way a user doesn't |
|
49 have to reauthenticate on every request. |
|
50 """ |
|
51 if user is None: |
|
52 user = request.user |
|
53 # TODO: It would be nice to support different login methods, like signed cookies. |
|
54 user.last_login = datetime.datetime.now() |
|
55 user.save() |
|
56 request.session[SESSION_KEY] = user.id |
|
57 request.session[BACKEND_SESSION_KEY] = user.backend |
|
58 if hasattr(request, 'user'): |
|
59 request.user = user |
|
60 |
|
61 def logout(request): |
|
62 """ |
|
63 Remove the authenticated user's ID from the request. |
|
64 """ |
|
65 try: |
|
66 del request.session[SESSION_KEY] |
|
67 except KeyError: |
|
68 pass |
|
69 try: |
|
70 del request.session[BACKEND_SESSION_KEY] |
|
71 except KeyError: |
|
72 pass |
|
73 if hasattr(request, 'user'): |
|
74 from django.contrib.auth.models import AnonymousUser |
|
75 request.user = AnonymousUser() |
|
76 |
|
77 def get_user(request): |
|
78 from django.contrib.auth.models import AnonymousUser |
|
79 try: |
|
80 user_id = request.session[SESSION_KEY] |
|
81 backend_path = request.session[BACKEND_SESSION_KEY] |
|
82 backend = load_backend(backend_path) |
|
83 user = backend.get_user(user_id) or AnonymousUser() |
|
84 except KeyError: |
|
85 user = AnonymousUser() |
|
86 return user |