Login

Simple FastCGI authorizer view

Author:
cme
Posted:
October 23, 2008
Language:
Python
Version:
1.0
Tags:
authenticate fcgi fastcgi
Score:
0 (after 0 ratings)

This is a basic view for a FastCGI authorizer against the Django auth. The idea is to return either a blank response with REMOTE_USER set on success, a forbidden response for failure, or a redirect to a login page when no user is logged in.

I use this view for a Trac instance running on the same (lighttpd) server as Django. lighttpd is set up to use Django as a FastCGI authorizer (using snippet 1149) for the Trac URLs instead of using basic/digest HTTP authentication, so Trac has the same users as Django.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
def auth(request, path):
    from django.http import HttpResponse, HttpResponseRedirect, HttpResponseForbidden
    from django.utils.html import escape
    if request.user.is_anonymous():
        # If not logged in, redirect to login page
        return HttpResponseRedirect(reverse("login") + "?next=/" + escape(path))
    elif request.user.has_perm("some.perm"):
        # If allowed, then return empty "200 OK" response, and
        # set REQUEST_USER.
        result = HttpResponse()
        result['Variable-REMOTE_USER'] = request.user.username
        return result
    else:
        # Otherwise, a user who isn't allowed.
        result = HttpResponseForbidden()
        result.write("Access denied")
        return result

More like this

  1. Run Django as a FastCGI authorizer by cme 6 years, 8 months ago
  2. view by view basic authentication decorator by Scanner 8 years, 1 month ago
  3. Django BasicAuthMixin by icrni 1 year ago
  4. Basic Auth Middleware by joshsharp 4 years ago
  5. Login as Any Site user by madhav.bnk 5 years, 7 months ago

Comments

Please login first before commenting.