/hgwebproxy/utils.py
Python | 50 lines | 40 code | 1 blank | 9 comment | 0 complexity | f3749359ed0ecd1b0f85d10f5c6a3125 MD5 | raw file
- import re
- from django.contrib.auth import authenticate
- def is_mercurial(request):
- """
- User agent processor to determine whether the incoming
- user is someone using a browser, or a mercurial client
- In order to qualify as a mercurial user they must have a user
- agent value that starts with mercurial and an Accept header that
- starts with application/mercurial. This guarantees we only force
- those who are actual mercurial users to use Basic Authentication
- """
- agent = re.compile(r'^(mercurial).*')
- accept = request.META.get('HTTP_ACCEPT', None)
- result = agent.match(request.META.get('HTTP_USER_AGENT', ""))
- if result and accept.startswith('application/mercurial-'):
- return True
- else:
- return False
- def basic_auth(request, realm, repo):
- """
- Very simple Basic authentication handler
- """
- if request.user.is_authenticated():
- user = request.user
- username = request.user.username
- else:
- auth_string = request.META.get('HTTP_AUTHORIZATION')
-
- if auth_string is None or not auth_string.startswith("Basic"):
- return False
- _, basic_hash = auth_string.split(' ', 1)
- username, password = basic_hash.decode('base64').split(':', 1)
- user = authenticate(username=username, password=password)
- if user:
- if request.method == "POST":
- if repo.can_push(user):
- return username
- else:
- if repo.can_pull(user):
- return username
- return False