feat: Support Basic Authentication for show details

pennersr · Mar 4, 2018 · d2fd3b1 · d2fd3b1
1 parent 7dbd412
commit d2fd3b1
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 2 deletions.
diff --git a/README.rst b/README.rst
@@ -35,6 +35,11 @@ Install the app::
         'healthpoint'
     ]
 
+    # If specified, this user is able to see the details for each
+    # individual check in the endpoint.
+    HEALTHPOINT_BASICAUTH_USERNAME = 'john'
+    HEALTHPOINT_BASICAUTH_PASSWORD = 'doe'
+
     # urls.py
     urlpatterns = [
         ...

diff --git a/healthpoint/views.py b/healthpoint/views.py
@@ -1,8 +1,26 @@
+from django.conf import settings
 from django.http import JsonResponse
 
 from healthpoint.registry import get_health_checks
 
 
+def _show_health_details(request):
+    # Only staff members are allowed to see details...
+    user = getattr(request, 'user', None)
+    if user is not None and (user.is_staff or user.is_superuser):
+        return True
+    ba_username = getattr(settings, 'HEALTHPOINT_BASICAUTH_USERNAME', None)
+    ba_password = getattr(settings, 'HEALTHPOINT_BASICAUTH_PASSWORD', None)
+    authorization = request.META.get('HTTP_AUTHORIZATION')
+    if ba_username and ba_password and authorization:
+        method, _, auth = authorization.partition(' ')
+        if method.lower() == 'basic':
+            auth = auth.strip().decode('base64')
+            username, password = auth.partition(':')
+            return (username == ba_username and password == ba_password)
+    return False
+
+
 def health(request):
     data = {'success': {}, 'error': {}}
     status = 200
@@ -15,7 +33,6 @@ def health(request):
         if not success:
             status = 500
     # Only staff members are allowed to see details...
-    user = getattr(request, 'user', None)
-    if user is None or not user.is_staff or not user.is_superuser:
+    if not _show_health_details(request):
         data = {}
     return JsonResponse(data, status=status)