Coverage for /var/srv/projects/api.amasfac.comuna18.com/tmp/venv/lib/python3.9/site-packages/coreapi/auth.py: 37%

43 statements  

« prev     ^ index     » next       coverage.py v6.4.4, created at 2023-07-17 14:22 -0600

1from coreapi.utils import domain_matches 

2from requests.auth import AuthBase, HTTPBasicAuth 

3 

4 

5class BasicAuthentication(HTTPBasicAuth): 

6 allow_cookies = False 

7 

8 def __init__(self, username, password, domain=None): 

9 self.domain = domain 

10 super(BasicAuthentication, self).__init__(username, password) 

11 

12 def __call__(self, request): 

13 if not domain_matches(request, self.domain): 

14 return request 

15 

16 return super(BasicAuthentication, self).__call__(request) 

17 

18 

19class TokenAuthentication(AuthBase): 

20 allow_cookies = False 

21 scheme = 'Bearer' 

22 

23 def __init__(self, token, scheme=None, domain=None): 

24 """ 

25 * Use an unauthenticated client, and make a request to obtain a token. 

26 * Create an authenticated client using eg. `TokenAuthentication(token="<token>")` 

27 """ 

28 self.token = token 

29 self.domain = domain 

30 if scheme is not None: 

31 self.scheme = scheme 

32 

33 def __call__(self, request): 

34 if not domain_matches(request, self.domain): 

35 return request 

36 

37 request.headers['Authorization'] = '%s %s' % (self.scheme, self.token) 

38 return request 

39 

40 

41class SessionAuthentication(AuthBase): 

42 """ 

43 Enables session based login. 

44 

45 * Make an initial request to obtain a CSRF token. 

46 * Make a login request. 

47 """ 

48 allow_cookies = True 

49 safe_methods = ('GET', 'HEAD', 'OPTIONS', 'TRACE') 

50 

51 def __init__(self, csrf_cookie_name=None, csrf_header_name=None, domain=None): 

52 self.csrf_cookie_name = csrf_cookie_name 

53 self.csrf_header_name = csrf_header_name 

54 self.csrf_token = None 

55 self.domain = domain 

56 

57 def store_csrf_token(self, response, **kwargs): 

58 if self.csrf_cookie_name in response.cookies: 

59 self.csrf_token = response.cookies[self.csrf_cookie_name] 

60 

61 def __call__(self, request): 

62 if not domain_matches(request, self.domain): 

63 return request 

64 

65 if self.csrf_token and self.csrf_header_name is not None and (request.method not in self.safe_methods): 

66 request.headers[self.csrf_header_name] = self.csrf_token 

67 if self.csrf_cookie_name is not None: 

68 request.register_hook('response', self.store_csrf_token) 

69 return request