From 5e13c97167bfa86304e8b2efcc27edee380ba780 Mon Sep 17 00:00:00 2001
From: Tanner Prestegard <tanner.prestegard@ligo.org>
Date: Tue, 3 Apr 2018 09:01:10 -0500
Subject: [PATCH] move LigoAuthentication from events.api.views to events.api.backends
---
 config/settings/base.py | 3 +++
 gracedb/events/api/backends.py | 28 ++++++++++++++++++++++++++++
 gracedb/events/api/views.py | 23 +----------------------
 3 files changed, 32 insertions(+), 22 deletions(-)
 create mode 100644 gracedb/events/api/backends.py
diff --git a/config/settings/base.py b/config/settings/base.py
index d2af7d8a7..07538188c 100644
--- a/config/settings/base.py
+++ b/config/settings/base.py
@@ -309,6 +309,9 @@ REST_FRAMEWORK = {
 'event_creation': '1/second',
 'annotation' : '10/second',
 },
+ 'DEFAULT_AUTHENTICATION_CLASSES': (
+ 'events.api.backends.LigoAuthentication',
+ ),
 }
 # Location of packages installed by bower
diff --git a/gracedb/events/api/backends.py b/gracedb/events/api/backends.py
new file mode 100644
index 000000000..ec1ce23ba
--- /dev/null
+++ b/gracedb/events/api/backends.py
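Review bot: The new `DEFAULT_AUTHENTICATION_CLASSES` entry in `REST_FRAMEWORK` has no comment explaining that every DRF view without its own `authentication_classes` now trusts the user attached by the web server and auth middleware rather than checking credentials itself. Because the class added in backends.py raises `AuthenticationFailed` instead of returning `None`, requests with no model user are presumably rejected before any view's permission classes run, so an endpoint meant to be anonymously readable would stop working. I would add above the key: `# Auth is done by Apache (Shib/mod_ssl); this class only passes request.user through and rejects anonymous requests.` The `REST_FRAMEWORK` dict starts outside this hunk.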
@@ -0,0 +1,28 @@
+from django.contrib.auth import get_user_model
+from django.utils.translation import ugettext_lazy as _
+from rest_framework import authentication, exceptions
+
+
+UserModel = get_user_model()
+
+# We do not want to handle authentication here because it has already
+# been taken care of by Apache/Shib or Apache/mod_ssl. Moreover the
+# auth middleware has already added a user to the request object. To
+# play well with the django rest framework, we need to pretend like we
+# authenticated the user. Remember that the request object here is a
+# *wrapped* version of the Django request, so we have to dig inside it
+# for the user.
+class LigoAuthentication(authentication.BaseAuthentication):
+ def authenticate(self, request):
+ user = None
+ try:
+ user = request._request.user
+ except:
+ pass
+
+ if isinstance(user, UserModel):
+ return (user, None)
+ else:
+ raise exceptions.AuthenticationFailed(_('Bad user'))
+
+
diff --git a/gracedb/events/api/views.py b/gracedb/events/api/views.py
index 4a657461c..cf4d806bd 100644
--- a/gracedb/events/api/views.py
+++ b/gracedb/events/api/views.py
@@ -28,6 +28,7 @@ from ..forms import CreateEventForm
 from ..permission_utils import user_has_perm, filter_events_for_user, \
 is_external, check_external_file_access
+from .backends import LigoAuthentication
 from .throttles import EventCreationThrottle, AnnotationThrottle
 from core.vfile import VersionedFile
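Review bot: The bare `except:` around `request._request.user` in `authenticate` catches every exception, not only a missing attribute, and hides the cause behind the generic 'Bad user' failure; `user = getattr(request._request, 'user', None)` keeps the fallback and drops the try block. The class also accepts whatever user the middleware set, so it is only sound when the app cannot be reached except through the Apache front end and the identity headers or variables it sets cannot be supplied by a client; a class docstring should state that deployment assumption next to the existing comment. Note that `User` became `get_user_model()` and the message is now wrapped in `_()`, which is more than the move the subject describes; calling `get_user_model()` at import time may also need the app registry to be ready, depending on the Django version.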
@@ -83,28 +84,6 @@ import StringIO
 use_in(LIGOLWContentHandler)
-#
-# We do not want to handle authentication here because it has already
-# been taken care of by Apache/Shib or Apache/mod_ssl. Moreover the
-# auth middleware has already added a user to the request object. To
-# play well with the django rest framework, we need to pretend like we
-# authenticated the user. Remember that the request object here is a
-# *wrapped* version of the Django request, so we have to dig inside it
-# for the user.
-#
-class LigoAuthentication(authentication.BaseAuthentication):
- def authenticate(self, request):
- user = None
- try:
- user = request._request.user
- except:
- pass
-
- if isinstance(user, User):
- return (user, None)
- else:
- raise exceptions.AuthenticationFailed("Bad user")
-
 #
 # A custom permission class for the EventDetail view.
 #
-- GitLab