Python rest_framework.authentication.SessionAuthentication() Examples

The following are 2 code examples of rest_framework.authentication.SessionAuthentication(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may also want to check out all available functions/classes of the module rest_framework.authentication , or try the search function .
Example #1
Source File: yasg.py    From django-bananas with MIT License 6 votes vote down vote up
def get_schema_view(self):
        view = get_schema_view(
            openapi.Info(
                title="Django Bananas Admin API Schema",
                default_version=BananasVersioning.default_version,
                description="API for django-bananas.js",
                # terms_of_service="https://www.google.com/policies/terms/",
                # license=openapi.License(name="BSD License"),
            ),
            # validators=["flex", "ssv"],
            public=False,
            generator_class=BananasOpenAPISchemaGenerator,
            authentication_classes=(SessionAuthentication,),
            permission_classes=(permissions.AllowAny,),
            patterns=self.urls,
        )
        view.versioning_class = BananasVersioning

        return view 
Example #2
Source File: rest.py    From coursys with GNU General Public License v3.0 5 votes vote down vote up
def has_permission(self, request, view):
        if not request.user or not request.user.is_authenticated:
            # must be authenticated one way or another
            return False

        authenticator = request.successful_authenticator
        required_permissions = view.consumer_permissions

        if isinstance(authenticator, authentication.SessionAuthentication):
            # CAS authenticated: the world is your oyster
            return True

        elif isinstance(authenticator, OAuthAuthentication):
            # OAuth authenticated: check that the consumer is allowed to do these things

            # re-find the Token, since it isn't stashed in the request
            # could be avoided if: http://code.larlet.fr/django-oauth-plus/issue/40/set-requestconsumer-and-requesttoken-to
            oauth_req = get_oauth_request(request)
            token = get_object_or_404(Token, key=oauth_req['oauth_token'], consumer__key=oauth_req['oauth_consumer_key'])

            # consumer must have asked for all of the permissions being used
            allowed_perms = ConsumerInfo.allowed_permissions(token)
            return set(required_permissions) <= set(allowed_perms)

        else:
            raise ValueError("Unknown authentication method.")