ó O'—^c@sdZddlmZddlZddlZddlmZmZddlm Z ddl m Z ddl m ZddlmZmZd „Zd e fd „ƒYZd efd „ƒYZdefd„ƒYZdefd„ƒYZdefd„ƒYZdS(u+ Provides various authentication policies. iÿÿÿÿ(tunicode_literalsN(t authenticatetget_user_model(tCsrfViewMiddleware(t text_type(t ugettext_lazy(tHTTP_HEADER_ENCODINGt exceptionscCs:|jjddƒ}t|tƒr6|jtƒ}n|S(u‰ Return request's 'Authorization:' header, as a bytestring. Hide some test client ickyness where the header can be unicode. uHTTP_AUTHORIZATIONt(tMETAtgett isinstanceRtencodeR(trequesttauth((s?/tmp/pip-unpacked-wheel-62FVgP/rest_framework/authentication.pytget_authorization_headerst CSRFCheckcBseZd„ZRS(cCs|S(N((tselfR treason((s?/tmp/pip-unpacked-wheel-62FVgP/rest_framework/authentication.pyt_rejects(t__name__t __module__R(((s?/tmp/pip-unpacked-wheel-62FVgP/rest_framework/authentication.pyRstBaseAuthenticationcBs eZdZd„Zd„ZRS(uF All authentication classes should extend BaseAuthentication. cCstdƒ‚dS(uS Authenticate the request and return a two-tuple of (user, token). u#.authenticate() must be overridden.N(tNotImplementedError(RR ((s?/tmp/pip-unpacked-wheel-62FVgP/rest_framework/authentication.pyR)scCsdS(uç Return a string to be used as the value of the `WWW-Authenticate` header in a `401 Unauthenticated` response, or `None` if the authentication scheme should return `403 Permission Denied` responses. N((RR ((s?/tmp/pip-unpacked-wheel-62FVgP/rest_framework/authentication.pytauthenticate_header/s(RRt__doc__RR(((s?/tmp/pip-unpacked-wheel-62FVgP/rest_framework/authentication.pyR$s tBasicAuthenticationcBs/eZdZdZd„Zd„Zd„ZRS(u> HTTP Basic authentication against username/password. uapicCst|ƒjƒ}| s/|djƒdkr3d St|ƒdkrctdƒ}tj|ƒ‚n0t|ƒdkr“tdƒ}tj|ƒ‚ny)tj |dƒj t ƒj dƒ}Wn8t ttjfk rötdƒ}tj|ƒ‚nX|d|d}}|j||ƒS( uœ Returns a `User` if a correct username and password have been supplied using HTTP Basic authentication. Otherwise returns `None`. itbasiciu.Invalid basic header. No credentials provided.iuCInvalid basic header. Credentials string should not contain spaces.u:u?Invalid basic header. Credentials not correctly base64 encoded.N(RtsplittlowertNonetlent_RtAuthenticationFailedtbase64t b64decodetdecodeRt partitiont TypeErrortUnicodeDecodeErrortbinasciitErrortauthenticate_credentials(RR Rtmsgt auth_partstuseridtpassword((s?/tmp/pip-unpacked-wheel-62FVgP/rest_framework/authentication.pyR>s   ) cCsui|tƒj6|d6}t|}|dkrJtjtdƒƒ‚n|jsktjtdƒƒ‚n|dfS(uU Authenticate the userid and password against username and password. upassworduInvalid username/password.uUser inactive or deleted.N(RtUSERNAME_FIELDRRRR!R t is_active(RR-R.t credentialstuser((s?/tmp/pip-unpacked-wheel-62FVgP/rest_framework/authentication.pyR*Xs     cCs d|jS(NuBasic realm="%s"(twww_authenticate_realm(RR ((s?/tmp/pip-unpacked-wheel-62FVgP/rest_framework/authentication.pyRjs(RRRR3RR*R(((s?/tmp/pip-unpacked-wheel-62FVgP/rest_framework/authentication.pyR8s   tSessionAuthenticationcBs eZdZd„Zd„ZRS(u< Use Django's session framework for authentication. cCsAt|jddƒ}| s&|j r*dS|j|ƒ|dfS(u{ Returns a `User` if the request session currently has a logged in user. Otherwise returns `None`. uuserN(tgetattrt_requestRR0t enforce_csrf(RR R2((s?/tmp/pip-unpacked-wheel-62FVgP/rest_framework/authentication.pyRss  cCs;tƒj|ddiƒ}|r7tjd|ƒ‚ndS(uK Enforce CSRF validation for session based authentication. uCSRF Failed: %sN((Rt process_viewRRtPermissionDenied(RR R((s?/tmp/pip-unpacked-wheel-62FVgP/rest_framework/authentication.pyR7…s(RRRRR7(((s?/tmp/pip-unpacked-wheel-62FVgP/rest_framework/authentication.pyR4ns tTokenAuthenticationcBs>eZdZdZdZd„Zd„Zd„Zd„Z RS(u Simple token based authentication. Clients should authenticate by passing the token key in the "Authorization" HTTP header, prepended with the string "Token ". For example: Authorization: Token 401f7ac837da42b97f613d789819ff93537bee6a uTokencCs*|jdk r|jSddlm}|S(Niÿÿÿÿ(tToken(tmodelRtrest_framework.authtoken.modelsR;(RR;((s?/tmp/pip-unpacked-wheel-62FVgP/rest_framework/authentication.pyt get_modelœscCsòt|ƒjƒ}| s>|djƒ|jjƒjƒkrBdSt|ƒdkrrtdƒ}tj |ƒ‚n0t|ƒdkr¢tdƒ}tj |ƒ‚ny|dj ƒ}Wn,t k rätdƒ}tj |ƒ‚nX|j |ƒS(Niiu.Invalid token header. No credentials provided.iu=Invalid token header. Token string should not contain spaces.uIInvalid token header. Token string should not contain invalid characters.( RRRtkeywordR RRR RR!R$t UnicodeErrorR*(RR RR+ttoken((s?/tmp/pip-unpacked-wheel-62FVgP/rest_framework/authentication.pyR©s,    cCs‹|jƒ}y"|jjdƒjd|ƒ}Wn)|jk rYtjtdƒƒ‚nX|jj s~tjtdƒƒ‚n|j|fS(NuusertkeyuInvalid token.uUser inactive or deleted.( R>tobjectstselect_relatedR t DoesNotExistRR!R R2R0(RRBR<RA((s?/tmp/pip-unpacked-wheel-62FVgP/rest_framework/authentication.pyR*¾s " cCs|jS(N(R?(RR ((s?/tmp/pip-unpacked-wheel-62FVgP/rest_framework/authentication.pyRÊsN( RRRR?RR<R>RR*R(((s?/tmp/pip-unpacked-wheel-62FVgP/rest_framework/authentication.pyR:s  (Rt __future__RR"R(tdjango.contrib.authRRtdjango.middleware.csrfRtdjango.utils.sixRtdjango.utils.translationRR trest_frameworkRRRRtobjectRRR4R:(((s?/tmp/pip-unpacked-wheel-62FVgP/rest_framework/authentication.pyts   6!