Why Gemfury? Push, build, and install  RubyGems npm packages Python packages Maven artifacts PHP packages Go Modules Debian packages RPM packages NuGet packages

wilsonmoraes / pp-django python

Repository URL to install this package:

Version: 
1.0.7  ▾
Details    
pp-django / pp_django / auth / authentication.py
Size: Mime: 
from django.conf import settings
from rest_framework import permissions
from rest_framework.authentication import BaseAuthentication
from rest_framework.exceptions import PermissionDenied


class Principal:
    def __init__(self, auth_type, data=None):
        self.auth_type = auth_type
        self.data = data or {}

    def is_authenticated(self):
        return True


class InternalAuthentication(BaseAuthentication):
    def authenticate(self, request):
        if self.has_internal_permission(request):
            user = Principal(auth_type="internal_permission", data={})
            return user, None
        return None

    # noinspection PyBroadException
    def has_internal_permission(self, request):
        try:
            is_allowed = settings.INTERNAL_AUTH_KEY and (
                request.META.get("HTTP_INTERNAL_AUTHENTICATION") == settings.INTERNAL_AUTH_KEY
            )
            return is_allowed
        except Exception:
            return None


class InternalPermissionAuth(permissions.BasePermission):
    def has_permission(self, request, view):
        is_allowed = settings.INTERNAL_AUTH_KEY and (
            request.META.get("HTTP_INTERNAL_AUTHENTICATION") == settings.INTERNAL_AUTH_KEY
        )
        return is_allowed


class SwaggerPermission(permissions.BasePermission):
    def has_permission(self, request, view):
        return True


class BraspagPermissionMixin(permissions.BasePermission):
    def has_permission(self, request, view):
        return self.check_permission(request)

    def has_object_permission(self, request, view, obj):
        return self.check_permission(request)

    def check_permission(self, request):
        if request.method == "POST":
            return self.check_braspag_permission(request)
        elif request.user is None:
            raise PermissionDenied("Authorization is missing!")
        return request.user.auth_type == "internal_permission"

    def check_braspag_permission(self, request):
        auth_header_value: str = request.META.get("HTTP_AUTHORIZATION")
        if auth_header_value and (auth_header_value == settings.BRASPAG_UPDATE_STATUS_KEY):
            return True
        raise PermissionDenied("Braspag Authorization is missing!")

Products

About

Resources

Contact Gemfury