diff -r 57b4279d8c4e -r 03e267d67478 app/django/contrib/auth/handlers/modpython.py --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/app/django/contrib/auth/handlers/modpython.py Fri Jul 18 18:22:23 2008 +0000 @@ -0,0 +1,56 @@ +from mod_python import apache +import os + +def authenhandler(req, **kwargs): + """ + Authentication handler that checks against Django's auth database. + """ + + # mod_python fakes the environ, and thus doesn't process SetEnv. This fixes + # that so that the following import works + os.environ.update(req.subprocess_env) + + # apache 2.2 requires a call to req.get_basic_auth_pw() before + # req.user and friends are available. + req.get_basic_auth_pw() + + # check for PythonOptions + _str_to_bool = lambda s: s.lower() in ('1', 'true', 'on', 'yes') + + options = req.get_options() + permission_name = options.get('DjangoPermissionName', None) + staff_only = _str_to_bool(options.get('DjangoRequireStaffStatus', "on")) + superuser_only = _str_to_bool(options.get('DjangoRequireSuperuserStatus', "off")) + settings_module = options.get('DJANGO_SETTINGS_MODULE', None) + if settings_module: + os.environ['DJANGO_SETTINGS_MODULE'] = settings_module + + from django.contrib.auth.models import User + from django import db + db.reset_queries() + + # check that the username is valid + kwargs = {'username': req.user, 'is_active': True} + if staff_only: + kwargs['is_staff'] = True + if superuser_only: + kwargs['is_superuser'] = True + try: + try: + user = User.objects.get(**kwargs) + except User.DoesNotExist: + return apache.HTTP_UNAUTHORIZED + + # check the password and any permission given + if user.check_password(req.get_basic_auth_pw()): + if permission_name: + if user.has_perm(permission_name): + return apache.OK + else: + return apache.HTTP_UNAUTHORIZED + else: + return apache.OK + else: + return apache.HTTP_UNAUTHORIZED + finally: + db.connection.close()