Source code for intranet.apps.api.authentication

from django.contrib import auth
from django.views.decorators.debug import sensitive_variables
from rest_framework import authentication, exceptions


[docs]class ApiBasicAuthentication(authentication.BasicAuthentication):
[docs]    @sensitive_variables("password")
    def authenticate_credentials(self, userid, password, request=None):
        """Authenticate the userid and password."""

        user = auth.authenticate(username=userid, password=password)

        if user is None or (user and not user.is_active):
            raise exceptions.AuthenticationFailed("Invalid username/password.")

        return (user, None)


[docs]class CsrfExemptSessionAuthentication(authentication.SessionAuthentication):
[docs]    def enforce_csrf(self, request):
        return