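# -*- coding: utf-8 -*-
#
from rest_framework import authentication, exceptions
from django.utils.translation import ugettext as _

# NOTE(review): `unsign` is imported but never called in this file, so the
# value taken from the header is not signature-checked here. Confirm whether
# verification was meant to happen before the database lookup.
from common.utils import unsign
from .models import User


class APPSignAuthentication(authentication.BaseAuthentication):
    """Authenticate a request from an ``Authorization: Sign <value>`` header.

    The header value is decoded and passed to ``authenticate_credentials``,
    which resolves it to a record of ``model`` and its related user.
    """

    # Scheme word expected as the first part of the Authorization header
    # (compared case-insensitively).
    keyword = 'Sign'
    # NOTE(review): the lookup below follows a ``user`` relation and filters
    # on ``key``; confirm that ``User`` really exposes both, as the query
    # reads as if it expects a token-style model.
    model = User

    def authenticate(self, request):
        """Extract the sign string from the request and authenticate it.

        Returns:
            ``None`` when the header is absent or uses another scheme, so
            that other authenticators may run; otherwise the result of
            ``authenticate_credentials``.

        Raises:
            exceptions.AuthenticationFailed: the header has the right scheme
                but no value, more than one value, or undecodable bytes.
        """
        auth = authentication.get_authorization_header(request).split()

        # The header parts are bytes, so the keyword is encoded to compare.
        if not auth or auth[0].lower() != self.keyword.lower().encode():
            return None

        if len(auth) == 1:
            msg = _('Invalid sign header. No credentials provided.')
            raise exceptions.AuthenticationFailed(msg)
        elif len(auth) > 2:
            msg = _('Invalid sign header. Sign string should not contain spaces.')
            raise exceptions.AuthenticationFailed(msg)

        try:
            sign = auth[1].decode()
        except UnicodeError:
            msg = _('Invalid token header. Sign string should not contain invalid characters.')
            raise exceptions.AuthenticationFailed(msg)

        return self.authenticate_credentials(sign)

    def authenticate_credentials(self, key):
        """Resolve ``key`` to an active user.

        Returns:
            A ``(user, token)`` tuple on success.

        Raises:
            exceptions.AuthenticationFailed: no record matches ``key``, or
                the related user is not active.
        """
        try:
            token = self.model.objects.select_related('user').get(key=key)
        except self.model.DoesNotExist:
            raise exceptions.AuthenticationFailed(_('Invalid token.'))

        if not token.user.is_active:
            raise exceptions.AuthenticationFailed(_('User inactive or deleted.'))

        # Previously the method fell off the end and returned None, which
        # ``authenticate`` passed on as "scheme not attempted": a request with
        # an accepted credential was never bound to its user.
        return token.user, token


if __name__ == '__main__':
    pass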