Commit 920e2fa8 authored by Valentin Samir's avatar Valentin Samir

[tv] Mise en place d'une authentifications pour la radio hors zone crans

parent fdf52bee
import urlparse
from functools import wraps
from django.conf import settings
from django.contrib.auth import REDIRECT_FIELD_NAME
from django.core.exceptions import PermissionDenied
from django.utils.decorators import available_attrs
def request_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
"""
Decorator for views that checks that the user passes the given test,
redirecting to the log-in page if necessary. The test should be a callable
that takes the user object and returns True if the user passes.
"""
def decorator(view_func):
@wraps(view_func, assigned=available_attrs(view_func))
def _wrapped_view(request, *args, **kwargs):
if test_func(request):
return view_func(request, *args, **kwargs)
path = request.build_absolute_uri()
# If the login url is the same scheme and net location then just
# use the path as the "next" url.
login_scheme, login_netloc = urlparse.urlparse(login_url or
settings.LOGIN_URL)[:2]
current_scheme, current_netloc = urlparse.urlparse(path)[:2]
if ((not login_scheme or login_scheme == current_scheme) and
(not login_netloc or login_netloc == current_netloc)):
path = request.get_full_path()
from django.contrib.auth.views import redirect_to_login
return redirect_to_login(path, login_url, redirect_field_name)
return _wrapped_view
return decorator
......@@ -3,5 +3,6 @@ from django.conf.urls import patterns as patterns
import views
urlpatterns = patterns('',
('^$', views.tv)
('^$', views.tv),
('^auth$', views.icecast_auth),
)
......@@ -5,28 +5,35 @@ import imp
import pickle
import ipaddr
import urllib
import hashlib
import datetime
import tv.dns as tv_dns
import tv.radio.config as tv_config
#from gestion import config.dns
from django.conf import settings
import django.shortcuts
from django.views.decorators.csrf import csrf_exempt
from django.http import HttpResponse, HttpResponseForbidden
#from django.contrib.auth.decorators import login_required
from django.contrib import messages
from django.contrib.auth.models import User
from django.template import RequestContext
from decorators import request_passes_test
import gestion.config
import gestion.config.tv
net_tv = [ipaddr.IPNetwork(net) for net in gestion.config.NETs['fil'] + gestion.config.prefix['fil']]
net_crans = [ipaddr.IPNetwork(net) for net in gestion.config.NETs['all'] + gestion.config.prefix['subnet']]
SAP_FILE_URL = gestion.config.tv.SAP_FILE_PIC
BASE_IMAGE_URL = gestion.config.tv.BASE_IMAGE_URL
IMAGE_SUFFIX = gestion.config.tv.IMAGE_SUFFIX
SMALL_IMAGE_SUFFIX = gestion.config.tv.SMALL_IMAGE_SUFFIX
def get_client_ip(request):
x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')
if x_forwarded_for:
......@@ -50,6 +57,11 @@ def chaines():
except:
return {}
def check_local_or_logged(request):
ip=ipaddr.IPAddress(get_client_ip(request))
return True in [ip in net for net in net_crans] or request.user.is_authenticated()
@request_passes_test(check_local_or_logged)
def tv(request):
ip=ipaddr.IPAddress(get_client_ip(request))
if not True in [ip in net for net in net_tv]:
......@@ -60,9 +72,44 @@ def tv(request):
tnt=[(name, "udp://@%s:1234" % tv_dns.idn(name, fqdn=True, charset=None), image_url_for_channel(ip)) for (name, ip) in chaines().get('TNT', {}).items()]
sat=[(name, "udp://@%s:1234" % tv_dns.idn(name, fqdn=True, charset=None), image_url_for_channel(ip)) for (name, ip) in chaines().get('SAT', {}).items()]
# radio=[(name, "udp://@%s:1234" % tv_dns.idn(name, fqdn=True, charset=None), image_url_for_channel(ip)) for (name, ip) in chaines().get('Radio', {}).items()]
radio=[(name, "http://tv.crans.org:8000/%s" % tv_config.multicast['Radio'][name.encode('utf8')][0], image_url_for_channel(ip)) for (name, ip) in chaines().get('Radio', {}).items()]
if request.user.is_authenticated():
radio=[(name, "http://%s:%s@tv.crans.org:8000/%s" % (request.user.username, radio_password(request.user), tv_config.multicast['Radio'][name.encode('utf8')][0]), image_url_for_channel(ip)) for (name, ip) in chaines().get('Radio', {}).items()]
else:
radio=[(name, "http://tv.crans.org:8000/%s" % tv_config.multicast['Radio'][name.encode('utf8')][0], image_url_for_channel(ip)) for (name, ip) in chaines().get('Radio', {}).items()]
tnt.sort()
sat.sort()
radio.sort()
params={ 'tnt' : tnt, 'sat': sat, 'radio': radio }
params={ 'tnt' : tnt, 'sat': sat, 'radio': radio, 'user': request.user }
return django.shortcuts.render_to_response("tv/index.html", params, context_instance=RequestContext(request))
def radio_password(user):
hash = hashlib.md5("%s~%s~%s" % (user.username, datetime.datetime.now().date(), settings.SECRET_KEY))
return hash.hexdigest()
@csrf_exempt
def icecast_auth(request):
actions = ["mount_add", "mount_remove", "listener_add", "listener_remove"]
response = HttpResponse()
response["icecast-auth-user"]=1
response["icecast-auth-timelimit"]=86400
if request.method == 'POST':
POST = request.POST
if not POST["action"] in actions:
return HttpResponseForbidden()
if POST["action"] == "listener_add":
ip=ipaddr.IPAddress(POST["ip"])
# Si ip crans on accepte
if True in [ip in net for net in net_crans]:
return response
# Sinon, il faut s'authentifier
elif POST["user"] and POST["pass"]:
try:
user = User.objects.get(username=POST["user"])
# Si user/pass sont ok
if POST["pass"] == radio_password(user):
return response
except User.DoesNotExist:
return HttpResponseForbidden()
else:
return response
return HttpResponseForbidden()
......@@ -180,7 +180,11 @@ function init(){
{% endif %}
</ul><br clear="all"/><ul>
{% for key, url, img in radio %}
{% if user.is_authenticated %}
<li class="tv"><a href="{{url}}" onclick="return play_radio('{{url}}')">
{% else %}
<li class="tv"><a href="{{url}}.m3u" onclick="return play_radio('{{url}}')">
{% endif %}
<div class="image_tv">
<img src="{{img}}"/>
<span class="image_tv" >{{key}}</span>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment