Login

HTTP (basic) auth enabled (new-style) syndication framework feed class

Author:
hupf
Posted:
December 16, 2010
Language:
Python
Version:
1.2
Tags:
feed rss syndication http-auth basic-auth atom protected
Score:
2 (after 2 ratings)

This snipped provides a subclass of the syndication Feed class that supports HTTP authentication (basic auth). Feeds that should support authentication can inherit from this class instead from the Feed class. It is basically the implementation of Snippet #243 ported to the new-style syndication framework feeds (for which decorators don't work).

Usage:

class ArticleFeed(HTTPAuthFeed):
    def items(self, obj):
        return Article.objects.all().order_by('-created')[:10]

    def item_title(self, item):
        return item.title

    def item_description(self, item):
        return item.description
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
from django.contrib.auth import authenticate, login
from django.contrib.syndication.views import Feed
from django.http import HttpResponse
import base64

class HTTPAuthFeed(Feed):
    basic_auth_realm = 'My Page'
    
    def __call__(self, request, *args, **kwargs):
        # HTTP auth check inspired by http://djangosnippets.org/snippets/243/
        if request.user.is_authenticated():
            # already logged in
            return super(HTTPAuthFeed, self).__call__(request, *args, **kwargs)
    
        # check HTTP auth credentials
        if 'HTTP_AUTHORIZATION' in request.META:
            auth = request.META['HTTP_AUTHORIZATION'].split()
            if len(auth) == 2:
                # only basic auth is supported
                if auth[0].lower() == "basic":
                    uname, passwd = base64.b64decode(auth[1]).split(':')
                    user = authenticate(username=uname, password=passwd)
                    if user is not None:
                        if user.is_active:
                            login(request, user)
                            request.user = user
                            return super(HTTPAuthFeed, self).__call__(request, *args, **kwargs)
        
        # missing auth header or failed authentication results in 401
        response = HttpResponse()
        response.status_code = 401
        response['WWW-Authenticate'] = 'Basic realm="%s"' % self.basic_auth_realm
        return response

More like this

  1. EasyFeed class by limodou 8 years, 6 months ago
  2. RSS feed authentication by rileycrane 6 years, 1 month ago
  3. HTTP basic auth decorator by bthomas 6 years, 7 months ago
  4. Using descriptors for lazy attribute caching by djypsy 8 years, 1 month ago
  5. Media RSS generation for Photologue by ltvolks 6 years, 1 month ago

Comments

Please login first before commenting.