Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Django RSS Feed Authentication

Tags:

python

authentication

django

rss

I am looking into adding RSS feeds to one of my Django apps and I would like to be able to have them be authenticated.

I want to use the new syndication framework in Django 1.2. I've read the docs on how to do this and have the basic feeds setup.

I am new to authenticating feeds, so I am not sure what the best approach to take is or what my options really are.

Each user has a unique sub domain and I would like the URL structure to look something like this: http://mysubdomain.mysite.com/myapp/rss/ if possible.

I don't want the feeds to be publicly available, is it possible to use the users username and password for the authentication? Have you found that most feed readers support this? If it's not possible to authenticate for each user, should I try to use a uuid to give them a unique url or is that not secure enough?

As you can probably tell I am not sure what direction to take with this, so any advice on the best way to do this would be very much appreciated.

Thanks

like image 446
imns Avatar asked Sep 28 '10 23:09

imns

2 Answers

This is an old thread, but I recently encountered the same question. I solved it by overloading the __call__ method of the Feed object:

from django.http import HttpResponse

class ArticleFeed(Feed):
    "snip [standard definitions of title, link, methods...]"

    def __call__(self,request,*args,**kwargs):
        if not request.user.is_authenticated():
            return HttpResponse(status=401)
        else:
            return super().__call__(request,*args,**kwargs)
like image 186
orion Avatar answered Oct 15 '22 03:10

orion

Have you tried wrapping the syndication view django.contrib.syndication.views.feed into a view that requires login? RSS feeds should normally be fetched over HTTP, so this should work!

# Import Django's standard feed view.
from django.contrib.auth.decorators import login_required
from django.django.contrib.syndication.views import feed

# Wrap it in a new feed view that requires authentication!
private_feed = login_required(feed)

Caveat: I've never tried this!

Edit!

To be safe with RSS readers that don't support redirection, return a HTTP 401 status code with the following:

authentication_url = '/accounts/login'
def feed_safe_login_required ( view ):
    def _ ( request, *args, **kwargs ):
        if not request.user.is_authenticated:
            return HttpResponseNotAuthorized, authentication_url
    return _

feed = feed_safe_login_required(django.contrib.syndication.views.feed)

Where HttpResponseNotAuthorized is as defined in this django snippet.

like image 22
André Caron Avatar answered Oct 15 '22 03:10

André Caron
Sign in to Comment

Related questions

Implicitly invoking parent class initializer
Python's subprocessing with pipes and large files
unittest tests reuse for family of classes
How do you invoke a python script inside a jar file using python?
Complex form widgets in Django
Python multiprocessing doesn't play nicely with uuid.uuid4()
How to compile Python scripts for use in FORTRAN?
Summary count for Python logging
How to tell process id within Python
How to make every Class Method call a specified method before execution?
is_tarfile() returns True for a blank file
sqlalchemy's create_all doesn't create sequences automatically
Python scene change detection
Capturing event of client disconnecting! - Gevent/Python
python http request with token
What Web/application servers to use for Python [closed]
Simple Django form / model save question
What is a 'good practice' way to write a Python GTK+ application?
How do I know when a child process died?
Python - how can I override the functionality of a class before it's imported by a different module?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!