_vgU `ddlZddlmZddlmZddlmZmZddlm Z dgZ d d d d d d Z dS)N)login) AnonymousUser)ImproperlyConfiguredPermissionDenied)get_user authenticateTF)required permanentoverridectjtStjfd}|S)a. Decorator that looks for a signed token in the URL and authenticates a user. If a valid token is found, the user is available as ``request.user`` in the view. Else, :exc:`~django.core.exceptions.PermissionDenied` is raised, resulting in an HTTP 403 Forbidden error. :obj:`authenticate` may be applied to a view directly:: @authenticate def view(request): ... or with arguments:: @authenticate(scope="status-page") def view(request): ... If ``scope`` is set, a :ref:`scoped token ` is expected. If ``max_age`` is set, override the :data:`SESAME_MAX_AGE` setting. Set ``required`` to :obj:`False` to set ``request.user`` to an :class:`~django.contrib.auth.models.AnonymousUser` and execute the view when the token is invalid, instead of raising an exception. Then, you can check if ``request.user.is_authenticated``. :obj:`authenticate` doesn't log the user in permanently. It is intended to provide direct access to a specific resource without exposing all other private resources. This makes it more acceptable to use the less secure authentication mechanism provided by django-sesame. Set ``permanent`` to :obj:`True` to call :func:`~django.contrib.auth.login` after a user is authenticated. :obj:`authenticate` doesn't care if a user is already logged in. It looks for a signed token anyway and overrides ``request.user``. Set ``override`` to :obj:`False` to skip authentication if a user is already logged in. N)scopemax_ager r r c bt|dr|jjrs  |g|Ri|Srt|dstdt |rdndj|i|}||n t |_r |tr|t|| |g|Ri|S)Nusersessionz=authenticate(permanent=True) requires django.contrib.sessionsF)update_last_loginrr) hasattrris_authenticatedrrformatrrr) requestargskwargsrrr r r rviews N/var/www/pixelcanvas.ch/venv/lib/python3.11/site-packages/sesame/decorators.pywrapperzauthenticate..wrapperIs 7F # # 2 (E 2h 241$111&11 1  WWi88 &O   '0:eed%,///     $/tt]__  # " "  !) '4 tG-d---f---) functoolspartialr wraps)rrrr r r rs`````` rr r sf |      _T..........: Nr)Nr N) rdjango.contrib.authrdjango.contrib.auth.modelsrdjango.core.exceptionsrrutilsr__all__r rrr(s%%%%%%444444IIIIIIII    [  [[[[[[[r