Added http basic authentication to results resources

mwatts15 · mwatts15 · commit 10aed85104a1 · 2017-02-27T19:54:46.000-06:00
diff --git a/codespeed/auth.py b/codespeed/auth.py
@@ -0,0 +1,33 @@
+import logging
+from functools import wraps
+from django.contrib.auth import authenticate
+from django.http import HttpResponse, HttpResponseForbidden
+from base64 import b64decode
+
+
+def basic_auth_required(realm='default'):
+    def _helper(func):
+        @wraps(func)
+        def _decorator(request, *args, **kwargs):
+            if 'HTTP_AUTHORIZATION' in request.META:
+                http_auth = request.META['HTTP_AUTHORIZATION']
+                authmeth, auth = http_auth.split(' ', 1)
+                if authmeth.lower() == 'basic':
+                    authb = b64decode(auth.strip())
+                    auth = authb.decode()
+                    username, password = auth.split(':', 1)
+                    user = authenticate(username=username, password=password)
+                    if user is not None:
+                        logging.info(
+                            'Authentication succeeded for {}'.format(username))
+                        return func(request, *args, **kwargs)
+                    else:
+                        return HttpResponseForbidden()
+            res = HttpResponse()
+            res.status_code = 401
+            res.reason_phrase = 'Unauthorized'
+            res['WWW-Authenticate'] = 'Basic realm="{}"'.format(realm)
+            return res
+        return _decorator
+
+    return _helper
diff --git a/codespeed/views.py b/codespeed/views.py
@@ -14,6 +14,7 @@
 from django.views.decorators.csrf import csrf_exempt
 from django.template import RequestContext
 from django.conf import settings
+from .auth import basic_auth_required
 
 from .models import (Environment, Report, Project, Revision, Result,
                      Executable, Benchmark, Branch)
@@ -697,6 +698,7 @@ def displaylogs(request):
 
 @csrf_exempt
 @require_POST
+@basic_auth_required('results')
 def add_result(request):
     response, error = save_result(request.POST)
     if error:
@@ -710,6 +712,7 @@ def add_result(request):
 
 @csrf_exempt
 @require_POST
+@basic_auth_required('results')
 def add_json_results(request):
     if not request.POST.get('json'):
         return HttpResponseBadRequest("No key 'json' in POST payload")
