/
auth.py
26 lines (21 loc) · 862 Bytes
/
auth.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
from tastypie.authentication import ApiKeyAuthentication
from tastypie.authorization import Authorization
class DeveloperApiKeyAuthentication(ApiKeyAuthentication):
"""
Extends the build in ApiKeyAuthentication and adds in checking
for a user's superuser status.
"""
def get_key(self, user, api_key):
"""
Attempts to find the API key for the user. Uses ``ApiKey`` by default
In addition this checks if the user is a superuser.
If the user is not even if he has a key he will still be unauthorized.
"""
from tastypie.models import ApiKey
if not user.profile.is_superuser:
return self._unauthorized()
try:
key = ApiKey.objects.get(user=user, key=api_key)
except ApiKey.DoesNotExist:
return self._unauthorized()
return True