mygpo/admin/auth.py

   1 #
   2 # This file is part of my.gpodder.org.
   3 #
   4 # my.gpodder.org is free software: you can redistribute it and/or modify it
   5 # under the terms of the GNU Affero General Public License as published by
   6 # the Free Software Foundation, either version 3 of the License, or (at your
   7 # option) any later version.
   8 #
   9 # my.gpodder.org is distributed in the hope that it will be useful, but
  10 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  11 # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
  12 # License for more details.
  13 #
  14 # You should have received a copy of the GNU Affero General Public License
  15 # along with my.gpodder.org. If not, see <http://www.gnu.org/licenses/>.
  16 #
  17
  18 from functools import wraps
  19
  20 from django.http import Http404, HttpResponseRedirect
  21 from django.conf import settings
  22
  23
  24 def require_staff(protected_view):
  25     @wraps(protected_view)
  26     def wrapper(request, *args, **kwargs):
  27
  28         staff_token = settings.STAFF_TOKEN
  29         token_auth = staff_token is not None and \
  30                      staff_token == request.GET.get('staff', None)
  31         if token_auth:
  32             return protected_view(request, *args, **kwargs)
  33
  34         if not request.user.is_authenticated():
  35             return HttpResponseRedirect('/login/')
  36
  37         if request.user.is_staff:
  38             return protected_view(request, *args, **kwargs)
  39
  40         raise Http404
  41
  42     return wrapper