2012-09-24 13:48:13 +08:00
|
|
|
from django import db
|
2015-01-28 20:35:27 +08:00
|
|
|
from django.contrib import auth
|
2012-09-24 13:48:13 +08:00
|
|
|
|
2016-10-01 04:06:02 +08:00
|
|
|
UserModel = auth.get_user_model()
|
|
|
|
|
2012-09-24 13:48:13 +08:00
|
|
|
|
|
|
|
def check_password(environ, username, password):
|
|
|
|
"""
|
2017-01-25 04:31:57 +08:00
|
|
|
Authenticate against Django's auth database.
|
2012-09-24 13:48:13 +08:00
|
|
|
|
|
|
|
mod_wsgi docs specify None, True, False as return value depending
|
|
|
|
on whether the user exists and authenticates.
|
|
|
|
"""
|
|
|
|
# db connection state is managed similarly to the wsgi handler
|
|
|
|
# as mod_wsgi may call these functions outside of a request/response cycle
|
|
|
|
db.reset_queries()
|
|
|
|
try:
|
|
|
|
try:
|
2013-01-22 19:47:34 +08:00
|
|
|
user = UserModel._default_manager.get_by_natural_key(username)
|
2012-10-02 19:19:44 +08:00
|
|
|
except UserModel.DoesNotExist:
|
|
|
|
return None
|
2012-10-03 00:16:37 +08:00
|
|
|
if not user.is_active:
|
2012-09-24 13:48:13 +08:00
|
|
|
return None
|
|
|
|
return user.check_password(password)
|
|
|
|
finally:
|
2013-02-18 18:37:26 +08:00
|
|
|
db.close_old_connections()
|
2012-09-24 13:48:13 +08:00
|
|
|
|
2013-10-31 23:42:28 +08:00
|
|
|
|
2012-09-24 13:48:13 +08:00
|
|
|
def groups_for_user(environ, username):
|
|
|
|
"""
|
2017-01-25 04:31:57 +08:00
|
|
|
Authorize a user based on groups
|
2012-09-24 13:48:13 +08:00
|
|
|
"""
|
|
|
|
db.reset_queries()
|
|
|
|
try:
|
|
|
|
try:
|
2013-01-22 19:47:34 +08:00
|
|
|
user = UserModel._default_manager.get_by_natural_key(username)
|
2012-10-02 19:19:44 +08:00
|
|
|
except UserModel.DoesNotExist:
|
|
|
|
return []
|
2013-02-10 01:30:26 +08:00
|
|
|
if not user.is_active:
|
2012-09-24 13:48:13 +08:00
|
|
|
return []
|
2018-09-26 23:16:59 +08:00
|
|
|
return [group.name.encode() for group in user.groups.all()]
|
2012-09-24 13:48:13 +08:00
|
|
|
finally:
|
2013-02-18 18:37:26 +08:00
|
|
|
db.close_old_connections()
|