Add support for request.auth

b7062c5b · Tom Christie · 1c78bf53 · b7062c5b · b7062c5b
Commit b7062c5b authored Sep 06, 2012 by Tom Christie
Show whitespace changes
Inline Side-by-side

Showing with 31 additions and 19 deletions

djangorestframework/authentication.py
+2 -4

djangorestframework/request.py
+29 -15

No files found.
--- a/djangorestframework/authentication.py
+++ b/djangorestframework/authentication.py
@@ -64,7 +64,6 @@ class BasicAuthentication(BaseAuthentication):
                    return None

                return self.authenticate_credentials(userid, password)
-        return None

    def authenticate_credentials(self, userid, password):
        """
@@ -81,7 +80,7 @@ class UserBasicAuthentication(BasicAuthentication):
        """
        user = authenticate(username=userid, password=password)
        if user is not None and user.is_active:
-            return user
+            return (user, None)


 class SessionAuthentication(BaseAuthentication):
@@ -101,8 +100,7 @@ class SessionAuthentication(BaseAuthentication):
            resp = CsrfViewMiddleware().process_view(request, None, (), {})

            if resp is None:  # csrf passed
-                return user
-        return None
+                return (user, None)


 # TODO: TokenAuthentication, DigestAuthentication, OAuthAuthentication
--- a/djangorestframework/request.py
+++ b/djangorestframework/request.py
@@ -13,7 +13,7 @@ from StringIO import StringIO

 from django.contrib.auth.models import AnonymousUser

-from djangorestframework.exceptions import UnsupportedMediaType
+from djangorestframework import exceptions
 from djangorestframework.utils.mediatypes import is_form_media_type


@@ -110,8 +110,8 @@ class Request(object):
        """
        Parses the request body and returns the data.

-        Similar to ``request.POST``, except that it handles arbitrary parsers,
-        and also works on methods other than POST (eg PUT).
+        Similar to usual behaviour of `request.POST`, except that it handles
+        arbitrary parsers, and also works on methods other than POST (eg PUT).
        """
        if not _hasattr(self, '_data'):
            self._load_data_and_files()
@@ -120,9 +120,10 @@ class Request(object):
    @property
    def FILES(self):
        """
-        Parses the request body and returns the files.
-        Similar to ``request.FILES``, except that it handles arbitrary parsers,
-        and also works on methods other than POST (eg PUT).
+        Parses the request body and returns any files uploaded in the request.
+
+        Similar to usual behaviour of `request.FILES`, except that it handles
+        arbitrary parsers, and also works on methods other than POST (eg PUT).
        """
        if not _hasattr(self, '_files'):
            self._load_data_and_files()
@@ -131,13 +132,23 @@ class Request(object):
    @property
    def user(self):
        """
-        Returns the :obj:`user` for the current request, authenticated
-        with the set of :class:`authentication` instances applied to the :class:`Request`.
+        Returns the user associated with the current request, as authenticated
+        by the authentication classes provided to the request.
        """
        if not hasattr(self, '_user'):
-            self._user = self._authenticate()
+            self._user, self._auth = self._authenticate()
        return self._user

+    @property
+    def auth(self):
+        """
+        Returns any non-user authentication information associated with the
+        request, such as an authentication token.
+        """
+        if not hasattr(self, '_auth'):
+            self._user, self._auth = self._authenticate()
+        return self._auth
+
    def _load_data_and_files(self):
        """
        Parses the request content into self.DATA and self.FILES.
@@ -161,6 +172,9 @@ class Request(object):
            self._method = self._request.method

    def _load_stream(self):
+        """
+        Return the content body of the request, as a stream.
+        """
        try:
            content_length = int(self.META.get('CONTENT_LENGTH',
                                    self.META.get('HTTP_CONTENT_LENGTH')))
@@ -223,21 +237,21 @@ class Request(object):
                except AttributeError:
                    return (parsed, None)

-        raise UnsupportedMediaType(self._content_type)
+        raise exceptions.UnsupportedMediaType(self._content_type)

    def _authenticate(self):
        """
        Attempt to authenticate the request using each authentication instance in turn.
-        Returns a ``User`` object, which may be ``AnonymousUser``.
+        Returns a two-tuple of (user, authtoken).
        """
        for authentication in self.get_authentications():
-            user = authentication.authenticate(self)
-            if user:
-                return user
+            user_auth_tuple = authentication.authenticate(self)
+            if not user_auth_tuple is None:
+                return user_auth_tuple
        return self._not_authenticated()

    def _not_authenticated(self):
-        return AnonymousUser()
+        return (AnonymousUser(), None)

    def __getattr__(self, name):
        """