o %sz:AuthenticationMiddleware.process_request..)rr r userrr)selfrrrrprocess_requests z(AuthenticationMiddleware.process_requestN)__name__ __module__ __qualname__rrrrrrs rc@s4eZdZdZeZddZddZddZdd Z d S) LoginRequiredMiddlewarez Middleware that redirects all unauthenticated requests to a login page. Views using the login_not_required decorator will not be redirected. cCs(|jjrdSt|ddsdS|||S)Nlogin_requiredT)ris_authenticatedgetattrhandle_no_permission)rr view_func view_args view_kwargsrrr process_view2s   z$LoginRequiredMiddleware.process_viewcCs&t|ddptj}|stdt|S)N login_urlzNo login URL to redirect to. Define settings.LOGIN_URL or provide a login_url via the 'django.contrib.auth.decorators.login_required' decorator.)r$r LOGIN_URLr str)rr&r*rrr get_login_url;s z%LoginRequiredMiddleware.get_login_urlcCst|d|jS)Nredirect_field_name)r$r.)rr&rrrget_redirect_field_nameEsz/LoginRequiredMiddleware.get_redirect_field_namec Csp|}t||}t|dd\}}t|dd\}}|r%||kr/|r+||kr/|}t||||S)N)build_absolute_urir r-r get_full_pathr r/) rrr&pathresolved_login_url login_scheme login_netloccurrent_schemecurrent_netlocrrrr%Hs z,LoginRequiredMiddleware.handle_no_permissionN) rrr __doc__rr.r)r-r/r%rrrrr!)s  r!c@s0eZdZdZdZdZddZddZdd Zd S) RemoteUserMiddlewarea Middleware for utilizing web-server-provided authentication. If request.user is not authenticated, then this middleware attempts to authenticate the username passed in the ``REMOTE_USER`` request header. If authentication is successful, the user is automatically logged in to persist the user in the session. The header used is configurable and defaults to ``REMOTE_USER``. Subclass this class and change the ``header`` attribute if you need to use a different header. REMOTE_USERTcCst|ds tdz|j|j}Wnty'|jr$|jjr$||YdSw|jjr>|j | ||kr9dS||t j ||d}|rR||_t ||dSdS)NrzThe Django remote user auth middleware requires the authentication middleware to be installed. Edit your MIDDLEWARE setting to insert 'django.contrib.auth.middleware.AuthenticationMiddleware' before the RemoteUserMiddleware class.) remote_user)rr METAheaderKeyErrorforce_logout_if_no_headerrr#_remove_invalid_user get_usernameclean_usernamer authenticatelogin)rrusernamerrrrros(     z$RemoteUserMiddleware.process_requestcCs<|jtj}t|}z||}W|StyY|Sw)zr Allow the backend to clean the username, if the backend defines a clean_username method. )rrBACKEND_SESSION_KEYrrCAttributeError)rrFr backend_strbackendrrrrCs    z#RemoteUserMiddleware.clean_usernamecCsTz t|jtjd}Wntyt|YdSwt|tr(t|dSdS)z Remove the current authenticated user in the request which is invalid but only if the user is authenticated via the RemoteUserBackend. N) rrgetrrG ImportErrorlogout isinstancer)rrstored_backendrrrrAs  z)RemoteUserMiddleware._remove_invalid_userN) rrr r9r>r@rrCrArrrrr:[s' r:c@seZdZdZdZdS)PersistentRemoteUserMiddlewarea Middleware for web-server provided authentication on logon pages. Like RemoteUserMiddleware but keeps the user authenticated even if the header (``REMOTE_USER``) is not found in the request. Useful for setups when the external authentication via ``REMOTE_USER`` is only expected to happen on some "logon" URL and the rest of the application wants to use Django's authentication mechanism. FN)rrr r9r@rrrrrQs rQN) functoolsr urllib.parser django.confrdjango.contribrdjango.contrib.authrrdjango.contrib.auth.backendsrdjango.contrib.auth.viewsr django.core.exceptionsr django.shortcutsr django.utils.deprecationr django.utils.functionalr rrrr!r:rQrrrrs"         2Y