khaloufam70043
/
Django
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11 Commits
1 Branch
Tree: 8a364f60e5
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '8a364f60e5'
${ noResults }
Django/venv/lib/python3.7/site-packages/django/contrib/auth/backends.py

backends.py 7.0KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188 
  1. import inspect

  2. import warnings

  3. 

  4. from django.contrib.auth import get_user_model

  5. from django.contrib.auth.models import Permission

  6. from django.utils.deprecation import RemovedInDjango31Warning

  7. 

  8. UserModel = get_user_model()

  9. 

  10. 

  11. class ModelBackend:

  12.     """

  13.     Authenticates against settings.AUTH_USER_MODEL.

  14.     """

  15. 

  16.     def authenticate(self, request, username=None, password=None, **kwargs):

  17.         if username is None:

  18.             username = kwargs.get(UserModel.USERNAME_FIELD)

  19.         try:

  20.             user = UserModel._default_manager.get_by_natural_key(username)

  21.         except UserModel.DoesNotExist:

  22.             # Run the default password hasher once to reduce the timing

  23.             # difference between an existing and a nonexistent user (#20760).

  24.             UserModel().set_password(password)

  25.         else:

  26.             if user.check_password(password) and self.user_can_authenticate(user):

  27.                 return user

  28. 

  29.     def user_can_authenticate(self, user):

  30.         """

  31.         Reject users with is_active=False. Custom user models that don't have

  32.         that attribute are allowed.

  33.         """

  34.         is_active = getattr(user, 'is_active', None)

  35.         return is_active or is_active is None

  36. 

  37.     def _get_user_permissions(self, user_obj):

  38.         return user_obj.user_permissions.all()

  39. 

  40.     def _get_group_permissions(self, user_obj):

  41.         user_groups_field = get_user_model()._meta.get_field('groups')

  42.         user_groups_query = 'group__%s' % user_groups_field.related_query_name()

  43.         return Permission.objects.filter(**{user_groups_query: user_obj})

  44. 

  45.     def _get_permissions(self, user_obj, obj, from_name):

  46.         """

  47.         Return the permissions of `user_obj` from `from_name`. `from_name` can

  48.         be either "group" or "user" to return permissions from

  49.         `_get_group_permissions` or `_get_user_permissions` respectively.

  50.         """

  51.         if not user_obj.is_active or user_obj.is_anonymous or obj is not None:

  52.             return set()

  53. 

  54.         perm_cache_name = '_%s_perm_cache' % from_name

  55.         if not hasattr(user_obj, perm_cache_name):

  56.             if user_obj.is_superuser:

  57.                 perms = Permission.objects.all()

  58.             else:

  59.                 perms = getattr(self, '_get_%s_permissions' % from_name)(user_obj)

  60.             perms = perms.values_list('content_type__app_label', 'codename').order_by()

  61.             setattr(user_obj, perm_cache_name, {"%s.%s" % (ct, name) for ct, name in perms})

  62.         return getattr(user_obj, perm_cache_name)

  63. 

  64.     def get_user_permissions(self, user_obj, obj=None):

  65.         """

  66.         Return a set of permission strings the user `user_obj` has from their

  67.         `user_permissions`.

  68.         """

  69.         return self._get_permissions(user_obj, obj, 'user')

  70. 

  71.     def get_group_permissions(self, user_obj, obj=None):

  72.         """

  73.         Return a set of permission strings the user `user_obj` has from the

  74.         groups they belong.

  75.         """

  76.         return self._get_permissions(user_obj, obj, 'group')

  77. 

  78.     def get_all_permissions(self, user_obj, obj=None):

  79.         if not user_obj.is_active or user_obj.is_anonymous or obj is not None:

  80.             return set()

  81.         if not hasattr(user_obj, '_perm_cache'):

  82.             user_obj._perm_cache = {

  83.                 *self.get_user_permissions(user_obj),

  84.                 *self.get_group_permissions(user_obj),

  85.             }

  86.         return user_obj._perm_cache

  87. 

  88.     def has_perm(self, user_obj, perm, obj=None):

  89.         return user_obj.is_active and perm in self.get_all_permissions(user_obj, obj)

  90. 

  91.     def has_module_perms(self, user_obj, app_label):

  92.         """

  93.         Return True if user_obj has any permissions in the given app_label.

  94.         """

  95.         return user_obj.is_active and any(

  96.             perm[:perm.index('.')] == app_label

  97.             for perm in self.get_all_permissions(user_obj)

  98.         )

  99. 

  100.     def get_user(self, user_id):

  101.         try:

  102.             user = UserModel._default_manager.get(pk=user_id)

  103.         except UserModel.DoesNotExist:

  104.             return None

  105.         return user if self.user_can_authenticate(user) else None

  106. 

  107. 

  108. class AllowAllUsersModelBackend(ModelBackend):

  109.     def user_can_authenticate(self, user):

  110.         return True

  111. 

  112. 

  113. class RemoteUserBackend(ModelBackend):

  114.     """

  115.     This backend is to be used in conjunction with the ``RemoteUserMiddleware``

  116.     found in the middleware module of this package, and is used when the server

  117.     is handling authentication outside of Django.

  118. 

  119.     By default, the ``authenticate`` method creates ``User`` objects for

  120.     usernames that don't already exist in the database.  Subclasses can disable

  121.     this behavior by setting the ``create_unknown_user`` attribute to

  122.     ``False``.

  123.     """

  124. 

  125.     # Create a User object if not already in the database?

  126.     create_unknown_user = True

  127. 

  128.     def authenticate(self, request, remote_user):

  129.         """

  130.         The username passed as ``remote_user`` is considered trusted. Return

  131.         the ``User`` object with the given username. Create a new ``User``

  132.         object if ``create_unknown_user`` is ``True``.

  133. 

  134.         Return None if ``create_unknown_user`` is ``False`` and a ``User``

  135.         object with the given username is not found in the database.

  136.         """

  137.         if not remote_user:

  138.             return

  139.         user = None

  140.         username = self.clean_username(remote_user)

  141. 

  142.         # Note that this could be accomplished in one try-except clause, but

  143.         # instead we use get_or_create when creating unknown users since it has

  144.         # built-in safeguards for multiple threads.

  145.         if self.create_unknown_user:

  146.             user, created = UserModel._default_manager.get_or_create(**{

  147.                 UserModel.USERNAME_FIELD: username

  148.             })

  149.             if created:

  150.                 args = (request, user)

  151.                 try:

  152.                     inspect.getcallargs(self.configure_user, request, user)

  153.                 except TypeError:

  154.                     args = (user,)

  155.                     warnings.warn(

  156.                         'Update %s.configure_user() to accept `request` as '

  157.                         'the first argument.'

  158.                         % self.__class__.__name__, RemovedInDjango31Warning

  159.                     )

  160.                 user = self.configure_user(*args)

  161.         else:

  162.             try:

  163.                 user = UserModel._default_manager.get_by_natural_key(username)

  164.             except UserModel.DoesNotExist:

  165.                 pass

  166.         return user if self.user_can_authenticate(user) else None

  167. 

  168.     def clean_username(self, username):

  169.         """

  170.         Perform any cleaning on the "username" prior to using it to get or

  171.         create the user object.  Return the cleaned username.

  172. 

  173.         By default, return the username unchanged.

  174.         """

  175.         return username

  176. 

  177.     def configure_user(self, request, user):

  178.         """

  179.         Configure a user after creation and return the updated user.

  180. 

  181.         By default, return the user unmodified.

  182.         """

  183.         return user

  184. 

  185. 

  186. class AllowAllUsersRemoteUserBackend(RemoteUserBackend):

  187.     def user_can_authenticate(self, user):

  188.         return True