Coverage for /var/srv/projects/api.amasfac.comuna18.com/tmp/venv/lib/python3.9/site-packages/coreapi/auth.py: 37%
43 statements
« prev ^ index » next coverage.py v6.4.4, created at 2023-07-17 14:22 -0600
« prev ^ index » next coverage.py v6.4.4, created at 2023-07-17 14:22 -0600
1from coreapi.utils import domain_matches
2from requests.auth import AuthBase, HTTPBasicAuth
5class BasicAuthentication(HTTPBasicAuth):
6 allow_cookies = False
8 def __init__(self, username, password, domain=None):
9 self.domain = domain
10 super(BasicAuthentication, self).__init__(username, password)
12 def __call__(self, request):
13 if not domain_matches(request, self.domain):
14 return request
16 return super(BasicAuthentication, self).__call__(request)
19class TokenAuthentication(AuthBase):
20 allow_cookies = False
21 scheme = 'Bearer'
23 def __init__(self, token, scheme=None, domain=None):
24 """
25 * Use an unauthenticated client, and make a request to obtain a token.
26 * Create an authenticated client using eg. `TokenAuthentication(token="<token>")`
27 """
28 self.token = token
29 self.domain = domain
30 if scheme is not None:
31 self.scheme = scheme
33 def __call__(self, request):
34 if not domain_matches(request, self.domain):
35 return request
37 request.headers['Authorization'] = '%s %s' % (self.scheme, self.token)
38 return request
41class SessionAuthentication(AuthBase):
42 """
43 Enables session based login.
45 * Make an initial request to obtain a CSRF token.
46 * Make a login request.
47 """
48 allow_cookies = True
49 safe_methods = ('GET', 'HEAD', 'OPTIONS', 'TRACE')
51 def __init__(self, csrf_cookie_name=None, csrf_header_name=None, domain=None):
52 self.csrf_cookie_name = csrf_cookie_name
53 self.csrf_header_name = csrf_header_name
54 self.csrf_token = None
55 self.domain = domain
57 def store_csrf_token(self, response, **kwargs):
58 if self.csrf_cookie_name in response.cookies:
59 self.csrf_token = response.cookies[self.csrf_cookie_name]
61 def __call__(self, request):
62 if not domain_matches(request, self.domain):
63 return request
65 if self.csrf_token and self.csrf_header_name is not None and (request.method not in self.safe_methods):
66 request.headers[self.csrf_header_name] = self.csrf_token
67 if self.csrf_cookie_name is not None:
68 request.register_hook('response', self.store_csrf_token)
69 return request