diff options
Diffstat (limited to 'rest_framework/authentication.py')
| -rw-r--r-- | rest_framework/authentication.py | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/rest_framework/authentication.py b/rest_framework/authentication.py index 76ee4bd6..c15568db 100644 --- a/rest_framework/authentication.py +++ b/rest_framework/authentication.py @@ -1,10 +1,11 @@ """ Provides a set of pluggable authentication policies. """ +from __future__ import unicode_literals from django.contrib.auth import authenticate from django.utils.encoding import DjangoUnicodeDecodeError -from rest_framework import exceptions +from rest_framework import exceptions, HTTP_HEADER_ENCODING from rest_framework.compat import CsrfViewMiddleware from rest_framework.compat import smart_text from rest_framework.authtoken.models import Token @@ -43,23 +44,25 @@ class BasicAuthentication(BaseAuthentication): Returns a `User` if a correct username and password have been supplied using HTTP Basic authentication. Otherwise returns `None`. """ - auth = request.META.get('HTTP_AUTHORIZATION', '').split() + auth = request.META.get('HTTP_AUTHORIZATION', b'') + if type(auth) == type(''): + # Work around django test client oddness + auth = auth.encode(HTTP_HEADER_ENCODING) + auth = auth.split() - if not auth or auth[0].lower() != "basic": + if not auth or auth[0].lower() != b'basic': return None if len(auth) != 2: raise exceptions.AuthenticationFailed('Invalid basic header') - encoding = api_settings.HTTP_HEADER_ENCODING try: - auth_parts = base64.b64decode(auth[1].encode(encoding)).partition(':') - except TypeError: + auth_parts = base64.b64decode(auth[1]).decode(HTTP_HEADER_ENCODING).partition(':') + except (TypeError, UnicodeDecodeError): raise exceptions.AuthenticationFailed('Invalid basic header') try: - userid = smart_text(auth_parts[0]) - password = smart_text(auth_parts[2]) + userid, password = auth_parts[0], auth_parts[2] except DjangoUnicodeDecodeError: raise exceptions.AuthenticationFailed('Invalid basic header') |