from typing import Any, Optional
from django.conf import settings
from django.http import HttpRequest
from ninja.security.apikey import APIKeyCookie
# Public API of this module: the three session-cookie authenticators defined below.
__all__ = ["SessionAuth", "SessionAuthSuperUser", "SessionAuthIsStaff"]
class SessionAuth(APIKeyCookie):
    """Authenticate an API request by reusing the Django session login.

    The cookie looked up is the one named by ``settings.SESSION_COOKIE_NAME``.
    The cookie value passed in as ``key`` is not inspected in this class: the
    decision rests entirely on ``request.user``, so that attribute must have
    been populated before this runs (presumably by Django's authentication
    middleware; confirm for the deployment).

    NOTE(review): cookie-based credentials are sent automatically by the
    browser, so endpoints using this class depend on CSRF protection. Whether
    ``APIKeyCookie`` enforces a CSRF check is not visible in this file;
    verify before exempting any view.
    """

    param_name: str = settings.SESSION_COOKIE_NAME

    def authenticate(self, request: HttpRequest, key: Optional[str]) -> Optional[Any]:
        """Return ``request.user`` when it is authenticated, otherwise ``None``.

        Args:
            request: The incoming request; ``request.user`` is read from it.
            key: The session cookie value. Unused here.
        """
        current_user = request.user
        # Returning None signals "not authenticated" to the caller.
        return current_user if current_user.is_authenticated else None
class SessionAuthSuperUser(APIKeyCookie):
    """Reuse the Django session login and additionally require a superuser.

    The cookie looked up is the one named by ``settings.SESSION_COOKIE_NAME``.
    As with plain session auth, the cookie value itself is not inspected in
    this class; the check is made against ``request.user``.

    NOTE(review): this gate protects privileged endpoints with a cookie the
    browser sends automatically. Whether ``APIKeyCookie`` enforces a CSRF
    check is not visible in this file; verify it.
    """

    param_name: str = settings.SESSION_COOKIE_NAME

    def authenticate(self, request: HttpRequest, key: Optional[str]) -> Optional[Any]:
        """Return ``request.user`` only for an authenticated superuser.

        Args:
            request: The incoming request; ``request.user`` is read from it.
            key: The session cookie value. Unused here.

        Returns:
            The user object, or ``None`` when the user is not authenticated or
            has no truthy ``is_superuser`` attribute.
        """
        current_user = request.user
        # getattr with a default: user objects lacking ``is_superuser``
        # are treated as non-superusers rather than raising.
        superuser_flag = getattr(current_user, "is_superuser", None)
        if not (current_user.is_authenticated and superuser_flag):
            return None
        return current_user
class SessionAuthIsStaff(SessionAuthSuperUser):
    """Session authentication that admits superusers or staff members.

    The superuser check of the parent class runs first, so an authenticated
    superuser is accepted even when ``is_staff`` is not set. Any other
    authenticated user is accepted only with a truthy ``is_staff``.
    """

    def authenticate(self, request: HttpRequest, key: Optional[str]) -> Optional[Any]:
        """Return ``request.user`` for a superuser or staff member, else ``None``.

        Args:
            request: The incoming request; ``request.user`` is read from it.
            key: The session cookie value, forwarded to the parent check.
        """
        granted = super().authenticate(request, key)
        if granted is None:
            # Not a superuser: fall back to the staff flag. A user object
            # without ``is_staff`` is treated as non-staff.
            current_user = request.user
            if current_user.is_authenticated and getattr(current_user, "is_staff", None):
                granted = current_user
        return granted