1
from mod_python import apache
4
def authenhandler(req, **kwargs):
6
Authentication handler that checks against Django's auth database.
9
# mod_python fakes the environ, and thus doesn't process SetEnv. This fixes
10
# that so that the following import works
11
os.environ.update(req.subprocess_env)
13
# apache 2.2 requires a call to req.get_basic_auth_pw() before
14
# req.user and friends are available.
15
req.get_basic_auth_pw()
17
# check for PythonOptions
18
_str_to_bool = lambda s: s.lower() in ('1', 'true', 'on', 'yes')
20
options = req.get_options()
21
permission_name = options.get('DjangoPermissionName', None)
22
staff_only = _str_to_bool(options.get('DjangoRequireStaffStatus', "on"))
23
superuser_only = _str_to_bool(options.get('DjangoRequireSuperuserStatus', "off"))
24
settings_module = options.get('DJANGO_SETTINGS_MODULE', None)
26
os.environ['DJANGO_SETTINGS_MODULE'] = settings_module
28
from django.contrib.auth.models import User
32
# check that the username is valid
33
kwargs = {'username': req.user, 'is_active': True}
35
kwargs['is_staff'] = True
37
kwargs['is_superuser'] = True
40
user = User.objects.get(**kwargs)
41
except User.DoesNotExist:
42
return apache.HTTP_UNAUTHORIZED
44
# check the password and any permission given
45
if user.check_password(req.get_basic_auth_pw()):
47
if user.has_perm(permission_name):
50
return apache.HTTP_UNAUTHORIZED
54
return apache.HTTP_UNAUTHORIZED