From f46e2a4db9e70aba473bec537300103c9102ef1a Mon Sep 17 00:00:00 2001 From: Joar Wandborg Date: Wed, 12 Sep 2012 22:41:04 +0200 Subject: Add OAuth models, plugin DB migrations, api_auth --- mediagoblin/tools/pluginapi.py | 35 ++++++++++++++++++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) (limited to 'mediagoblin/tools/pluginapi.py') diff --git a/mediagoblin/tools/pluginapi.py b/mediagoblin/tools/pluginapi.py index bf3775d5..f0c8bbc8 100644 --- a/mediagoblin/tools/pluginapi.py +++ b/mediagoblin/tools/pluginapi.py @@ -29,7 +29,7 @@ How do plugins work? ==================== Plugins are structured like any Python project. You create a Python package. -In that package, you define a high-level ``__init__.py`` module that has a +In that package, you define a high-level ``__init__.py`` module that has a ``hooks`` dict that maps hooks to callables that implement those hooks. Additionally, you want a LICENSE file that specifies the license and a @@ -58,6 +58,8 @@ Lifecycle import logging +from functools import wraps + from mediagoblin import mg_globals @@ -205,3 +207,34 @@ def get_config(key): global_config = mg_globals.global_config plugin_section = global_config.get('plugins', {}) return plugin_section.get(key, {}) + + +def api_auth(controller): + @wraps(controller) + def wrapper(request, *args, **kw): + auth_candidates = [] + + for auth in PluginManager().get_hook_callables('auth'): + _log.debug('Plugin auth: {0}'.format(auth)) + if auth.trigger(request): + auth_candidates.append(auth) + + # If we can't find any authentication methods, we should not let them + # pass. + if not auth_candidates: + from webob import exc + return exc.HTTPForbidden() + + # For now, just select the first one in the list + auth = auth_candidates[0] + + _log.debug('Using {0} to authorize request {1}'.format( + auth, request.url)) + + if not auth(request, *args, **kw): + from webob import exc + return exc.HTTPForbidden() + + return controller(request, *args, **kw) + + return wrapper -- cgit v1.2.3