î
ªÍ Xì  ã               @   sØ   d  d l  m Z d  d l m Z d  d l m Z d  d l m Z d  d l m	 Z	 d  d l
 m Z d  d l m Z d d	 „  Z Gd
 d „  d e ƒ Z Gd d „  d e ƒ Z Gd d „  d e ƒ Z Gd d „  d e ƒ Z d S)é    )Úsettings)Úauth)Úload_backend)ÚRemoteUserBackend)ÚImproperlyConfigured)ÚMiddlewareMixin)ÚSimpleLazyObjectc             C   s+   t  |  d ƒ s$ t j |  ƒ |  _ n  |  j S)NÚ_cached_user)Úhasattrr   Úget_userr	   )Úrequest© r   úL/home/ubuntu/projects/ifolica/build/django/django/contrib/auth/middleware.pyr   
   s    r   c               @   s   e  Z d  Z d d „  Z d S)ÚAuthenticationMiddlewarec                sS   t  ˆ  d ƒ s4 t d t j d  k r* d n d ƒ ‚ t ‡  f d d †  ƒ ˆ  _ d  S)NÚsessionzóThe Django authentication middleware requires session middleware to be installed. Edit your MIDDLEWARE%s setting to insert 'django.contrib.sessions.middleware.SessionMiddleware' before 'django.contrib.auth.middleware.AuthenticationMiddleware'.Z_CLASSESÚ c                  s
   t  ˆ  ƒ S)N)r   r   )r   r   r   Ú<lambda>   s    z:AuthenticationMiddleware.process_request.<locals>.<lambda>)r
   ÚAssertionErrorr   Z
MIDDLEWAREr   Úuser)Úselfr   r   )r   r   Úprocess_request   s    z(AuthenticationMiddleware.process_requestN)Ú__name__Ú
__module__Ú__qualname__r   r   r   r   r   r      s   r   c               @   s"   e  Z d  Z d Z d d „  Z d S)ÚSessionAuthenticationMiddlewareab  
    Formerly, a middleware for invalidating a user's sessions that don't
    correspond to the user's current session authentication hash. However, it
    caused the "Vary: Cookie" header on all responses.

    It's now a shim to allow a single settings file to more easily support
    multiple versions of Django. Will be RemovedInDjango20Warning.
    c             C   s   d  S)Nr   )r   r   r   r   r   r   $   s    z/SessionAuthenticationMiddleware.process_requestN)r   r   r   Ú__doc__r   r   r   r   r   r      s   r   c               @   sF   e  Z d  Z d Z d Z d Z d d „  Z d d „  Z d d	 „  Z d
 S)ÚRemoteUserMiddlewareaý  
    Middleware for utilizing Web-server-provided authentication.

    If request.user is not authenticated, then this middleware attempts to
    authenticate the username passed in the ``REMOTE_USER`` request header.
    If authentication is successful, the user is automatically logged in to
    persist the user in the session.

    The header used is configurable and defaults to ``REMOTE_USER``.  Subclass
    this class and change the ``header`` attribute if you need to use a
    different header.
    ZREMOTE_USERTc             C   sé   t  | d ƒ s t d ƒ ‚ n  y | j |  j } Wn; t k
 ro |  j rg | j j rg |  j | ƒ n  d  SYn X| j j r± | j j	 ƒ  |  j
 | | ƒ k r¡ d  S|  j | ƒ n  t j d | ƒ } | rå | | _ t j | | ƒ n  d  S)Nr   zçThe Django remote user auth middleware requires the authentication middleware to be installed.  Edit your MIDDLEWARE setting to insert 'django.contrib.auth.middleware.AuthenticationMiddleware' before the RemoteUserMiddleware class.Zremote_user)r
   r   ZMETAÚheaderÚKeyErrorÚforce_logout_if_no_headerr   Zis_authenticatedÚ_remove_invalid_userZget_usernameÚclean_usernamer   ZauthenticateÚlogin)r   r   Úusernamer   r   r   r   r   <   s"    	!	z$RemoteUserMiddleware.process_requestc             C   sK   | j  t j } t j | ƒ } y | j | ƒ } Wn t k
 rF Yn X| S)zs
        Allows the backend to clean the username, if the backend defines a
        clean_username method.
        )r   r   ÚBACKEND_SESSION_KEYr   r!   ÚAttributeError)r   r#   r   Zbackend_strÚbackendr   r   r   r!   b   s    z#RemoteUserMiddleware.clean_usernamec             C   sg   y" t  | j j t j d ƒ ƒ } Wn t k
 rC t j | ƒ Yn  Xt | t ƒ rc t j | ƒ n  d S)z¡
        Removes the current authenticated user in the request which is invalid
        but only if the user is authenticated via the RemoteUserBackend.
        r   N)	r   r   Úgetr   r$   ÚImportErrorZlogoutÚ
isinstancer   )r   r   Zstored_backendr   r   r   r    o   s    "z)RemoteUserMiddleware._remove_invalid_userN)	r   r   r   r   r   r   r   r!   r    r   r   r   r   r   (   s   &r   c               @   s   e  Z d  Z d Z d Z d S)ÚPersistentRemoteUserMiddlewarea£  
    Middleware for Web-server provided authentication on logon pages.

    Like RemoteUserMiddleware but keeps the user authenticated even if
    the header (``REMOTE_USER``) is not found in the request. Useful
    for setups when the external authentication via ``REMOTE_USER``
    is only expected to happen on some "logon" URL and the rest of
    the application wants to use Django's authentication mechanism.
    FN)r   r   r   r   r   r   r   r   r   r*   ~   s   	r*   N)Zdjango.confr   Zdjango.contribr   Zdjango.contrib.authr   Zdjango.contrib.auth.backendsr   Zdjango.core.exceptionsr   Zdjango.utils.deprecationr   Zdjango.utils.functionalr   r   r   r   r   r*   r   r   r   r   Ú<module>   s   V