from django.contrib.auth import authenticate, login from django.contrib.syndication.views import Feed from django.http import HttpResponse import base64 class HTTPAuthFeed(Feed): basic_auth_realm = 'My Page' def __call__(self, request, *args, **kwargs): # HTTP auth check inspired by http://djangosnippets.org/snippets/243/ if request.user.is_authenticated(): # already logged in return super(HTTPAuthFeed, self).__call__(request, *args, **kwargs) # check HTTP auth credentials if 'HTTP_AUTHORIZATION' in request.META: auth = request.META['HTTP_AUTHORIZATION'].split() if len(auth) == 2: # only basic auth is supported if auth[0].lower() == "basic": uname, passwd = base64.b64decode(auth[1]).split(':') user = authenticate(username=uname, password=passwd) if user is not None: if user.is_active: login(request, user) request.user = user return super(HTTPAuthFeed, self).__call__(request, *args, **kwargs) # missing auth header or failed authentication results in 401 response = HttpResponse() response.status_code = 401 response['WWW-Authenticate'] = 'Basic realm="%s"' % self.basic_auth_realm return response