A bit of reading of the source code and the documentation of django-piston [2] leads me to understand that django-piston has been designed from the ground to enable you to easily write your own authentication handler. Out of the box it comes with "HttpBasicAuthentication" and OAuthAuthentication. "HttpBasicAuthentication" is a very good example how to implement a DjangoAuthentication.
An authentication handler is a class, which must have 2 methods: is_authenticated, challenge
class DjangoAuthentication(object):
"""
Django authentication.
"""
def __init__(self, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
if not login_url:
login_url = settings.LOGIN_URL
self.login_url = login_url
self.redirect_field_name = redirect_field_name
self.request = None
def is_authenticated(self, request):
"""
This method call the `is_authenticated` method of django
User in django.contrib.auth.models.
`is_authenticated`: Will be called when checking for
authentication. It returns True if the user is authenticated
False otherwise.
"""
self.request = request
return request.user.is_authenticated()
def challenge(self):
"""
`challenge`: In cases where `is_authenticated` returns
False, the result of this method will be returned.
This will usually be a `HttpResponse` object with
some kind of challenge headers and 401 code on it.
"""
path = urlquote(self.request.get_full_path())
tup = self.login_url, self.redirect_field_name, path
return HttpResponseRedirect('%s?%s=%s' %tup)
The implementation is relatively simple, is_authenticated uses the method with the same name available from a django User and the challenge redirect the user to the login page.
This post will end the series on django-piston it was for me a pretext to get familliar with this great app that make creating a RESTFUL api for django easy. You can find all the modifications I did into my fork on bitbucket [3]
[1] http://bitbucket.org/yml/django-piston/src/a8bcb7f9756e/examples/blogserver/templates/edit_ajaxy_post.html#cl-6
[2] http://bitbucket.org/jespern/django-piston/wiki/Documentation#authentication
[3] http://bitbucket.org/yml/django-piston/