django user auth + gwt

Question

I have a django server app that communicates with a gwt front-end using JSON. I want to introduce user authentication to the app and have started to incorporate the framework provided by django. At this point I have set up the server to respond with the user authentication form when necessary (using the @login_required decorator scheme described in the above link), but I'm not sure what to do with this in GWT.

If you are using GWT with django and have implemented user auth, it would be great to hear how you set things up.

Thanks.

Answer 1

I never used Django, but you probably can set what will be returned when login is required.

You can, for instance, return a message so the client can prompt the user with the authentication form. Of course, you would need to account for this situation in every call, but then you could create a abstract request class to do this.

Answer 2

The autotest project used gwt and django combination. Have a look at http://autotest.kernel.org/browser/trunk/frontend source code. To be specific I would modify http://autotest.kernel.org/browser/trunk/frontend/afe/json%5Frpc/serviceHandler.py and add something like below (which would filter login, logout and is__logged__in and for all other functions it would invoke request.user.is_authenticated() to make sure that all other json rpc are protected)

def invokeServiceEndpoint(self, meth, request, response, args):
  if meth.func_name == "login" or meth.func_name == "logout" or meth.func_name == "is_loggedin":
    return meth(request, *args)
  else:
    if request.user.is_authenticated():
      return meth(request.user, *args)
    else:
      from studio.rpc_exceptions import AccessDeniedException
      raise AccessDeniedException()