| author | Maksim A. Boyko <maksim.a.boyko@gmail.com> | 2012-07-06 16:12:24 -0400 |
|---|---|---|
| committer | Maksim A. Boyko <maksim.a.boyko@gmail.com> | 2012-07-06 16:12:24 -0400 |
| commit | 633b87480af1709db1292b3a39ee5ad87c8cffe6 (patch) | |
| tree | 361fc3f881a84bcafbb922bf217358ff5a696f96 /backend/views.py | |
| parent | 62a66766d0d0affc2eb1d3106be86031159e6e76 (diff) | |
Backend:
Add user_response_str function
Add api_auth_sneakin
Add api_auth_checkin
Diffstat (limited to 'backend/views.py')
| -rw-r--r-- | backend/views.py | 49 |
1 files changed, 41 insertions, 8 deletions
diff --git a/backend/views.py b/backend/views.py index 9ec67d9..e04270b 100644 --- a/backend/views.py +++ b/backend/views.py @@ -8,9 +8,10 @@ from django.template import loader from django.template import Context from django.shortcuts import render_to_response from django.conf import settings - from datetime import datetime +import sha + from backend.models import SJUserProfile API_HEADER = '#@scanjam 0.3b\n' @@ -61,6 +62,21 @@ def check_form_fields(request, form_fields): if not request.POST[field]: return api_error_headers('no %s' % field) +def user_response_str(request, user=None): + """ Return API response string for user """ + if not user: + user = request.user + if user.is_authenticated(): + user_id = user.id + username = user.username + session_id = request.session.session_key + user_access = user.get_profile().access + else: + user_id = 0 + username = 'anonymous' + session_id = sha.new('No valid session').hexdigest() + user_access = 0 + return '%d\t%s\t%s\t%d\n' % (user_id, username, session_id, user_access) # # AUTH API # @@ -73,12 +89,12 @@ def api_auth_login(request): if response: return response user = auth.authenticate(username=request.POST['username'], - password=request.POST['password']) + password=request.POST['password']) if user: if user.is_active: auth.login(request, user) response = api_ok_headers() - response.write('%d\t%s\t%d\n' % (user.id, user.username, user.get_profile().access)) + response.write(user_response_str(request)) return response else: return api_error_headers('user disabled') 
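Review bot: In `user_response_str`, when a `user` is passed explicitly, `user.is_authenticated()` is true for any `User` model instance, so the function reports `request.session.session_key` whether or not that session was ever logged in as that user. The `api_auth_register` hunk calls it this way, and no `auth.login` is visible there (most of that function's body is outside the hunk), so the client may receive a session id, or the text `None`, that is not bound to the new account. The session key is also a bearer credential; a docstring line such as `Response body contains the session key; keep it out of logs and caches` would make that explicit. The anonymous branch returns a fixed SHA-1 that looks like a real session id, and it uses the `sha` module, deprecated since Python 2.5; an empty field would be clearer, or at least `hashlib.sha1('No valid session').hexdigest()`.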
@@ -96,12 +112,25 @@ def api_auth_logout(request): @require_POST def api_auth_sneakin(request): - """""" + """ Sneak in user """ form_fields = ['userid', 'username'] response = check_form_fields(request, form_fields) if response: return response - return HttpResponse('Not implemented yet!\n') + try: + user = auth.models.User.objects.get(username=request.POST['username']) + if user.id != int(request.POST['userid']): + return api_error_headers('no match') + except: + return api_error_headers('no such user') + # Hack to authenticate user manually + for backend in auth.get_backends(): + user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__) + break + auth.login(request, user) + response = api_ok_headers() + response.write(user_response_str(request, user)) + return response @require_POST def api_auth_register(request): @@ -130,7 +159,7 @@ def api_auth_register(request): except: return api_error_headers('problem storing user profile') response = api_ok_headers() - response.write('%d\t%s\t%d\n' % (user.id, user.username, user_profile.access)) + response.write(user_response_str(request, user)) return response @require_POST @@ -146,8 +175,12 @@ def api_auth_available(request): @require_POST def api_auth_checkin(request): - """""" - return HttpResponse('Not implemented yet!\n') + """ Check in user """ + if request.user.is_authenticated(): + response = api_ok_headers() + response.write(user_response_str(request)) + return response + return HttpResponse() @require_POST def api_auth_password(request): |
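Review bot: `api_auth_sneakin` calls `auth.login` for whichever account matches the posted `username` and `userid`, and nothing visible in the hunk checks a password, a token or the caller's own privileges. Unless access is restricted somewhere outside this diff, any client that can POST to this view receives a session as that user, and the pair is not a secret: ids are normally small sequential integers, and this commit returns them in the login response. Gate the view before the lookup, for example `if not request.user.is_staff: return api_error_headers('forbidden')`, or require a real credential. The bare `except:` also reports every failure as 'no such user', including a non-numeric `userid`; narrow it to `except (auth.models.User.DoesNotExist, ValueError):`. The loop that sets `user.backend` takes the first configured backend and leaves the attribute unset if none is configured.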
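Review bot: The unauthenticated path of `api_auth_checkin` returns a bare `HttpResponse()`, an empty 200, while the other failure paths visible in this diff go through `api_error_headers`. A client cannot tell an expired session from a truncated reply, and the anonymous branch of `user_response_str` is never reached from here. `return api_error_headers('not logged in')` would keep the API consistent. The docstring could also say that a successful check-in repeats the session key in the response body.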
