remove unnecessary imports
[mygpo.git] / mygpo / api / advanced / auth.py
blobcc4136f0d1f1a303af113dd2f22e33239e7b9a01
2 # This file is part of my.gpodder.org.
4 # my.gpodder.org is free software: you can redistribute it and/or modify it
5 # under the terms of the GNU Affero General Public License as published by
6 # the Free Software Foundation, either version 3 of the License, or (at your
7 # option) any later version.
9 # my.gpodder.org is distributed in the hope that it will be useful, but
10 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
12 # License for more details.
14 # You should have received a copy of the GNU Affero General Public License
15 # along with my.gpodder.org. If not, see <http://www.gnu.org/licenses/>.
18 from mygpo.api.basic_auth import require_valid_user, check_username
19 from django.contrib import auth
20 from django.http import HttpResponse
21 from mygpo.api.httpresponse import JsonResponse
22 from django.shortcuts import get_object_or_404
23 from mygpo.api.models import Device
24 from django.utils.translation import ugettext as _
25 from datetime import datetime, timedelta
26 from django.views.decorators.csrf import csrf_exempt
29 @csrf_exempt
30 @require_valid_user
31 @check_username
32 def login(request, username, device_uid):
33 """
34 authenticates the user with regular http basic auth
35 the device is created if it doesn't already exist
36 """
38 d, created = Device.objects.get_or_create(user=request.user, uid=device_uid, defaults = {'type': 'other', 'name': _('New Device')})
40 request.session['device'] = device_uid
41 request.session.set_expiry(datetime.now()+timedelta(days=365))
43 # the user has been logged in at this point already
44 r = {'valid': True}
45 return JsonResponse(r)
48 @csrf_exempt
49 @check_username
50 def logout(request, username, device_uid):
51 """
52 logs out the user. does nothing if he wasn't logged in
53 """
54 auth.logout(request)
56 return HttpResponse()
59 @csrf_exempt
60 def validate(request, username, device_uid):
61 """
62 checks if the client has been authenticated for the given useru
63 """
64 if not request.user.is_authenticated():
65 return JsonResponse({'valid': False, 'reason': 'Client not authenticated'})
67 if request.user.username != username:
68 return JsonResponse({'valid': False, 'reason': 'Client authenticated for different username: %s' % request.user.username})
70 get_object_or_404(Device, user=request.user, uid=device_uid)
72 # skip if client isn't authenticated for any device
73 if request.session['device'] and (device_uid != request.session['device']):
74 return JsonResponse({'valid': False, 'reason': 'Client authenticated for different device: %s' % request.session['device']})
76 return JsonResponse({'valid': True})