a Sic;@sdZddlZddlZddlmZmZddlmZddlm Z ddl m Z m Z ddZGd d d eZGd d d ZGd ddeZGdddeZGdddeZGdddeZdS)z+ Provides various authentication policies. N) authenticateget_user_model)CsrfViewMiddleware) gettext_lazy)HTTP_HEADER_ENCODING exceptionscCs&|jdd}t|tr"|t}|S)z Return request's 'Authorization:' header, as a bytestring. Hide some test client ickyness where the header can be unicode. ZHTTP_AUTHORIZATION)METAget isinstancestrencoder)requestauthrY/var/www/html/django/DPS/env/lib/python3.9/site-packages/rest_framework/authentication.pyget_authorization_headers  rc@seZdZddZdS) CSRFCheckcCs|SNr)selfrreasonrrr_rejectszCSRFCheck._rejectN)__name__ __module__ __qualname__rrrrrrsrc@s eZdZdZddZddZdS)BaseAuthenticationzF All authentication classes should extend BaseAuthentication. cCs tddS)zS Authenticate the request and return a two-tuple of (user, token). z#.authenticate() must be overridden.N)NotImplementedErrorrrrrrr&szBaseAuthentication.authenticatecCsdS)z Return a string to be used as the value of the `WWW-Authenticate` header in a `401 Unauthenticated` response, or `None` if the authentication scheme should return `403 Permission Denied` responses. Nrrrrrauthenticate_header,sz&BaseAuthentication.authenticate_headerN)rrr__doc__rrrrrrr!src@s.eZdZdZdZddZd ddZdd ZdS) BasicAuthenticationz> HTTP Basic authentication against username/password. apic Cst|}|r |ddkr$dSt|dkrDtd}t|nt|dkrbtd}t|zNzt|d d}Wn&t yt|d d }Yn0| d }Wn,t t t jfytd }t|Yn0|d|d}}||||S) z Returns a `User` if a correct username and password have been supplied using HTTP Basic authentication. Otherwise returns `None`. rsbasicNz.Invalid basic header. No credentials provided.zCInvalid basic header. Credentials string should not contain spaces.zutf-8zlatin-1:z?Invalid basic header. Credentials not correctly base64 encoded.)rsplitlowerlen_rAuthenticationFailedbase64 b64decodedecodeUnicodeDecodeError partition TypeErrorbinasciiErrorauthenticate_credentials)rrrmsgZ auth_decodedZ auth_partsuseridpasswordrrrr;s(      z BasicAuthentication.authenticateNcCsTtj|d|i}tfd|i|}|dur8ttd|jsLttd|dfS)z Authenticate the userid and password against username and password with optional request for context. r5rNzInvalid username/password.User inactive or deleted.)rUSERNAME_FIELDrrr)r( is_active)rr4r5r credentialsuserrrrr2Ysz,BasicAuthentication.authenticate_credentialscCs d|jS)NzBasic realm="%s")www_authenticate_realmrrrrrlsz'BasicAuthentication.authenticate_header)N)rrrrr;rr2rrrrrr 5s  r c@s eZdZdZddZddZdS)SessionAuthenticationz< Use Django's session framework for authentication. cCs.t|jdd}|r|jsdS|||dfS)z{ Returns a `User` if the request session currently has a logged in user. Otherwise returns `None`. r:N)getattr_requestr8 enforce_csrfrrr:rrrrus   z"SessionAuthentication.authenticatecCs@dd}t|}||||ddi}|rSessionAuthentication.enforce_csrf..dummy_get_responseNrzCSRF Failed: %s)rprocess_request process_viewrPermissionDenied)rrrAcheckrrrrr?s  z"SessionAuthentication.enforce_csrfN)rrrrrr?rrrrr<psr<c@s8eZdZdZdZdZddZddZdd Zd d Z dS) TokenAuthenticationa Simple token based authentication. Clients should authenticate by passing the token key in the "Authorization" HTTP header, prepended with the string "Token ". For example: Authorization: Token 401f7ac837da42b97f613d789819ff93537bee6a TokenNcCs |jdur|jSddlm}|S)Nr)rG)modelZrest_framework.authtoken.modelsrG)rrGrrr get_models  zTokenAuthentication.get_modelcCst|}|r*|d|jkr.dSt|dkrNtd}t|nt|dkrltd}t|z|d }Wn$t ytd}t|Yn0| |S)Nrr"z.Invalid token header. No credentials provided.r#z=Invalid token header. Token string should not contain spaces.zIInvalid token header. Token string should not contain invalid characters.) rr%r&keywordr r'r(rr)r, UnicodeErrorr2)rrrr3tokenrrrrs      z TokenAuthentication.authenticatecCsd|}z|jdj|d}Wn"|jyBttdYn0|jj sZttd|j|fS)Nr:)keyzInvalid token.r6) rIobjectsselect_relatedr DoesNotExistrr)r(r:r8)rrMrHrLrrrr2sz,TokenAuthentication.authenticate_credentialscCs|jSr)rJrrrrrsz'TokenAuthentication.authenticate_header) rrrrrJrHrIrr2rrrrrrFs   rFc@seZdZdZdZddZdS)RemoteUserAuthenticationa REMOTE_USER authentication. To use this, set up your web server to perform authentication, which will set the REMOTE_USER environment variable. You will need to have 'django.contrib.auth.backends.RemoteUserBackend in your AUTHENTICATION_BACKENDS setting REMOTE_USERcCs,t||j|jd}|r(|jr(|dfSdS)N)r remote_user)rr r headerr8r@rrrrs z%RemoteUserAuthentication.authenticateN)rrrrrTrrrrrrQs rQ)rr*r0django.contrib.authrrdjango.middleware.csrfrdjango.utils.translationrr(rest_frameworkrrrrrr r<rFrQrrrrs   ;'?