appengine_django/auth/__init__.py - Issue 908: [issue6] Google's Users API Integration

Delta Between Two Patch Sets: appengine_django/auth/init.py

Issue 908: [issue6] Google's Users API Integration (Closed) SVN Base: http://google-app-engine-django.googlecode.com/svn/trunk/

Left Patch Set: Doc tests Created 4 months, 3 weeks ago

Right Patch Set: Created 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Please Sign in to add in-line comments.

Jump to:

Left: Side by side diff | Download
Right: Side by side diff | Download

LEFT	RIGHT
1 # Copyright 2008 Google Inc.

2 #

3 # Licensed under the Apache License, Version 2.0 (the "License");	1 # Licensed under the Apache License, Version 2.0 (the "License");
	mattbrown.nz 2008/05/09 10:40:20 You should probably add an Author or Copyright lin You should probably add an Author or Copyright line too. aalbrecht 2008/05/09 20:23:23 On 2008/05/09 10:40:20, mattbrown.nz wrote: > You On 2008/05/09 10:40:20, mattbrown.nz wrote: > You should probably add an Author or Copyright line too. Done.
4 # you may not use this file except in compliance with the License.	2 # you may not use this file except in compliance with the License.

5 # You may obtain a copy of the License at	3 # You may obtain a copy of the License at

6 #	4 #

7 # http://www.apache.org/licenses/LICENSE-2.0	5 # http://www.apache.org/licenses/LICENSE-2.0

8 #	6 #

9 # Unless required by applicable law or agreed to in writing, software	7 # Unless required by applicable law or agreed to in writing, software

10 # distributed under the License is distributed on an "AS IS" BASIS,	8 # distributed under the License is distributed on an "AS IS" BASIS,

11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.	9 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

12 # See the License for the specific language governing permissions and	10 # See the License for the specific language governing permissions and

13 # limitations under the License.	11 # limitations under the License.

14	12

15 """	13 """

16 Authentication module that mimics the behavior of Django's authentication	14 Authentication module that mimics the behavior of Django's authentication

17 implementation.	15 implementation.

18	16

	17 To use this authentication module in an Appengine/Django project:

	18 - add 'appengine_django.auth.middleware.AuthenticationMiddleware'

	19 to MIDDLEWARE_CLASSES

	20 - add 'appengine_django.auth.context_processors.auth'

	21 to TEMPLATE_CONTEXT_PROCESSORS

	22

19 Limitations:	23 Limitations:

	24 - all user manipulation methods are not available

20 - all user permissions methods are not available	25 - all user permissions methods are not available

	26 - user.get_profile method not implemented

	27 - db.UserProperty returns user.User instead of DjangoUser

21 """	28 """

22	29

23 from datetime import datetime	30 from datetime import datetime

24 import urllib	31 import urllib

25	32

26 from django.db.models.manager import EmptyManager	33 from django.db.models.manager import EmptyManager

27 from django.http import HttpResponseRedirect	34 from django.http import HttpResponseRedirect

28 from django.template import Node	35 from django.template import Node

29 from django.utils.encoding import smart_str	36 from django.utils.encoding import smart_str

30	37

31 from google.appengine.api import datastore_types	38 from google.appengine.api import datastore_types

	39 from google.appengine.api import mail

32 from google.appengine.api import users	40 from google.appengine.api import users

33 from google.appengine.ext.db import UserProperty

34 from google.appengine.ext.webapp import template	41 from google.appengine.ext.webapp import template

35	42

36 from appengine_django import models	43 from appengine_django import models

37	44

38 register = template.create_template_register()	45 register = template.create_template_register()

39 template.register_template_library("appengine_django.auth")	46 template.register_template_library("appengine_django.auth")

	47
	mattbrown.nz 2008/05/09 10:40:20 add extra blank line add extra blank line aalbrecht 2008/05/09 20:23:23 On 2008/05/09 10:40:20, mattbrown.nz wrote: > add On 2008/05/09 10:40:20, mattbrown.nz wrote: > add extra blank line Done.
	48 class CallableString(str):

	49 """String subclass that returns the string if it's called as a function.

	50 This class is required for the user's email attribute."""
	mattbrown.nz 2008/05/09 10:40:20 closing """ on next line. closing """ on next line. aalbrecht 2008/05/09 20:23:23 On 2008/05/09 10:40:20, mattbrown.nz wrote: > clos On 2008/05/09 10:40:20, mattbrown.nz wrote: > closing """ on next line. Done.
	51 def __call__(self):

	52 return str(self)

	53

	54

	55 class DjangoUser(users.User):

	56 """Appengine User subclass that mimics the behavior of an Django user.
	mattbrown.nz 2008/05/09 10:40:20 App Engine (nitpick) App Engine (nitpick) aalbrecht 2008/05/09 20:23:23 On 2008/05/09 10:40:20, mattbrown.nz wrote: > App On 2008/05/09 10:40:20, mattbrown.nz wrote: > App Engine (nitpick) Done.
	57

	58 This class is added to datastore_types when importing this module

	59 to make it usable for db.UserProperty().
	mattbrown.nz 2008/05/09 10:40:20 I don't believe this is possible. See further comm I don't believe this is possible. See further comments below. aalbrecht 2008/05/09 20:23:23 On 2008/05/09 10:40:20, mattbrown.nz wrote: > I do On 2008/05/09 10:40:20, mattbrown.nz wrote: > I don't believe this is possible. See further comments below. Maybe this docstring is not clear enough. I don't want to use this class as a property, but as a value for UserProperty. (see below)
	60 """

	61 id = None

	62 is_active = True

	63 first_name = None

	64 last_name = None

	65 password = None

	66 _groups = EmptyManager()

	67 _user_permissions = EmptyManager()

	68

	69 def __init__(self, args, *kw):

	70 super(DjangoUser, self).__init__(args, *kw)

	71 self.email = CallableString(self._User__email)

	72

	73 def __unicode__(self):

	74 return self.username

	75

	76 def __str__(self):

	77 return unicode(self).encode('utf-8')

	78

	79 def _get_username(self):

	80 return self.nickname()

	81 username = property(fget=_get_username)

	82

	83 def _is_superuser(self):

	84 return users.is_current_user_admin()

	85 is_superuser = property(fget=_is_superuser)

	86 is_staff = property(fget=_is_superuser)

	87

	88 def _default_now(self):

	89 return datetime.now()

	90 last_login = property(fget=_default_now)

	91 date_joined = property(fget=_default_now)

	92

	93 def save(self):

	94 raise NotImplementedError

	95

	96 def delete(self):

	97 raise NotImplementedError

	98

	99 def set_password(self, raw_password):

	100 raise NotImplementedError

	101

	102 def check_password(self, raw_password):

	103 raise NotImplementedError

	104

	105 def set_unusable_password(self):

	106 raise NotImplementedError

	107

	108 def has_usable_password(self):

	109 raise NotImplementedError

	110

	111 def _get_groups(self):

	112 return self._groups

	113 groups = property(_get_groups)

	114

	115 def _get_user_permissions(self):

	116 return self._user_permissions

	117 user_permissions = property(_get_user_permissions)

	118

	119 def get_group_permissions(self):

	120 return self._user_permissions

	121

	122 def get_all_permissions(self):

	123 return self._user_permissions

	124

	125 def has_perm(self, perm):

	126 return False

	127

	128 def has_perms(self, perm_list):

	129 return False

	130

	131 def has_module_perms(self, module):

	132 return False

	133

	134 def get_and_delete_messages(self):

	135 return []

	136

	137 def is_anonymous(self):

	138 """Always return False"""

	139 return False

	140

	141 def is_authenticated(self):

	142 """Always return True"""

	143 return True

	144

	145 def get_absolute_url(self):

	146 return "/users/%s/" % urllib.quote(smart_str(self.username))

	147

	148 def get_full_name(self):

	149 return ""

	150

	151 def email_user(self, subject, message, from_email=None):

	152 """Sends an email to this user"""

	153 mail.send_mail(sender=from_email,
	mattbrown.nz 2008/05/09 10:40:20 The App Engine email API requires from_email to be The App Engine email API requires from_email to be an app administrator. There is no easy way for the code to discover this and default to it, but it would be good to document it in the function docstring as it's the sort of thing people will easily forget. aalbrecht 2008/05/09 20:23:23 On 2008/05/09 10:40:20, mattbrown.nz wrote: > The On 2008/05/09 10:40:20, mattbrown.nz wrote: > The App Engine email API requires from_email to be an app administrator. > > There is no easy way for the code to discover this and default to it, but it > would be good to document it in the function docstring as it's the sort of thing > people will easily forget. The docstring now mentions the email API requirement, from_email parameter isn't optional anymore. In addition Django's mail module is imported instead of the mail module found in google.appengine.api (regarding to issue 9, r16)
	154 to=self.email,

	155 subject=subject,

	156 message=message)

	157

	158 def get_profile(self):

	159 raise NotImplementedError

	160 datastore_types._PROPERTY_TYPES.append(DjangoUser)
	mattbrown.nz 2008/05/09 10:40:20 model properties need to be descended from db.Prop model properties need to be descended from db.Property and need to provide at least the make_value_for_datastore and get_value_for_datastore methods. This class doesn't provide any of those methods and I can't see how it would be able to be used as a property within a model. You'll need to create a DjangoUserProperty class derived from db.Property to achieve this. aalbrecht 2008/05/09 20:23:23 On 2008/05/09 10:40:20, mattbrown.nz wrote: > mode On 2008/05/09 10:40:20, mattbrown.nz wrote: > model properties need to be descended from db.Property and need to provide at > least the make_value_for_datastore and get_value_for_datastore methods. > > This class doesn't provide any of those methods and I can't see how it would be > able to be used as a property within a model. > > You'll need to create a DjangoUserProperty class derived from db.Property to > achieve this. I have to admit, this part maybe needs some discussion. This class should be both a Django-like request.user attribute and accepted as a value for db.UserProperty. Here's a short example... Let's assume I have this model defined: class MyItem(BaseModel): itemdata = db.StringProperty() owner = db.UserProperty() To create a new instance of this model I do: item = MyItem(itemdata="foo", owner=request.user) from within a view; in templates/views I can call request.user.is_authenticated() and so on... To make this work DjangoUser needs to be added to _PROPERTY_TYPES. Then it passes the type check in google.api.database_types.ToPropertyPb (line 938, it passes the test in line 975, because it is a users.User instance). But please correct me if I completely misunderstood something here or if you have some other suggestions on how this class should behave. mattbrown.nz 2008/05/11 03:01:20 On 2008/05/09 20:23:23, aalbrecht wrote: > 975, b On 2008/05/09 20:23:23, aalbrecht wrote: > 975, because it is a users.User instance). But please correct me if I completely > misunderstood something here or if you have some other suggestions on how this > class should behave. OK, thanks for the example it definitely clarifies the use case. I think the way you should do this is to create a new property class DjangoUserProperty(UserProperty): ... That property would then take care of up/downscaling a DjangoUser object to/from a users.User object in the make_value_for_datastore and get_value_from_datastore methods. This has two advantages: 1) You don't need to go poking around with the internals of datastore_types. Your make_value_for_datastore method ensures that the datastore only ever sees users.User objects from the property. 2) Retrieving the value of the property will return a DjangoUser rather than a users.User solving one of the outstanding issues you list. Does this sound reasonable to you? aalbrecht 2008/05/13 14:20:24 The DjangoUser class is now a model. I think this The DjangoUser class is now a model. I think this is necessary to add support for permissions and several other user related things in the future. Furthermore the problems introduced with the previous mixture of a users.User subclass and the Django User behavior are resolved with this solution. In addition the get_profile() method is implemented, too.
40	161

41	162

42 def login_required(function):	163 def login_required(function):

43 """Implementation of Django's login_required decorator.	164 """Implementation of Django's login_required decorator.

44	165

45 The login redirect URL is always set to request.path	166 The login redirect URL is always set to request.path

46 """	167 """

47 def login_required_wrapper(request, args, *kw):	168 def login_required_wrapper(request, args, *kw):

48 if request.user.is_authenticated():	169 if request.user.is_authenticated():

49 return function(request, args, *kw)	170 return function(request, args, *kw)

50 return HttpResponseRedirect(users.create_login_url(request.path))	171 return HttpResponseRedirect(users.create_login_url(request.path))

51 return login_required_wrapper	172 return login_required_wrapper

52	173

53	174

54 class AuthLoginUrlsNode(Node):	175 class AuthLoginUrlsNode(Node):

55 """Template node that creates an appengine login or logout URL.	176 """Template node that creates an appengine login or logout URL.

56	177

57 If create_login_url is True the appengine's login URL is rendered into	178 If create_login_url is True the appengine's login URL is rendered into

58 the template, otherwise the logout URL.	179 the template, otherwise the logout URL.

59 """	180 """

60 def __init__(self, create_login_url, redirect):	181 def __init__(self, create_login_url, redirect):

61 self.redirect = redirect	182 self.redirect = redirect

62 self.create_login_url = create_login_url	183 self.create_login_url = create_login_url

63	184

64 def render(self, context):	185 def render(self, context):

65 if self.create_login_url:	186 if self.create_login_url:

66 return users.create_login_url(self.redirect)	187 return users.create_login_url(self.redirect)

67 else:	188 else:

68 return users.create_logout_url(self.redirect)	189 return users.create_logout_url(self.redirect)

69

70	190
	mattbrown.nz 2008/05/09 10:40:20 add blank line add blank line aalbrecht 2008/05/09 20:23:23 On 2008/05/09 10:40:20, mattbrown.nz wrote: > add On 2008/05/09 10:40:20, mattbrown.nz wrote: > add blank line Done.
71 def auth_login_urls(parser, token):	191 def auth_login_urls(parser, token):

72 """Template tag registered as 'auth_login_url' and 'auth_logout_url'	192 """Template tag registered as 'auth_login_url' and 'auth_logout_url'

73 when the module is imported.	193 when the module is imported.

74	194

75 Both tags take an optional argument that specifies the redirect URL and	195 Both tags take an optional argument that specifies the redirect URL and

76 defaults to '/'.	196 defaults to '/'.

77 """	197 """

78 bits = list(token.split_contents())	198 bits = list(token.split_contents())

79 if len(bits) == 2:	199 if len(bits) == 2:

80 redirect = bits[1]	200 redirect = bits[1]

81 else:	201 else:

82 redirect = "/"	202 redirect = "/"

83 login = bits[0] == "auth_login_url"	203 login = bits[0] == "auth_login_url"

84 return AuthLoginUrlsNode(login, redirect)	204 return AuthLoginUrlsNode(login, redirect)

85 register.tag("auth_login_url", auth_login_urls)	205 register.tag("auth_login_url", auth_login_urls)

86 register.tag("auth_logout_url", auth_login_urls)	206 register.tag("auth_logout_url", auth_login_urls)

LEFT	RIGHT

Delta Between Two Patch Sets: appengine_django/auth/__init__.py

Delta Between Two Patch Sets: appengine_django/auth/init.py