Merge pull request #181 from ekw/master

Remove django-suit

docs/changelog.rst

@@ -1,6 +1,10 @@
 Changelog
 #########
 
+* 0.3.4
+  * BasicAuth support for document and thumbnail downloads, as well as the Push
+    API thanks to @thomasbrueggemann.  See `#179`_.
+
 * 0.3.3
   * Thumbnails in the UI and a Django-suit -based face-lift courtesy of @ekw!
   * Timezone, items per page, and default language are now all configurable,
@@ -163,4 +167,4 @@ Changelog
 .. _#148: https://github.com/danielquinn/paperless/pull/148
 .. _#150: https://github.com/danielquinn/paperless/pull/150
 .. _#172: https://github.com/danielquinn/paperless/issues/172
-
+.. _#179: https://github.com/danielquinn/paperless/pull/179

requirements.txt

@@ -3,7 +3,6 @@ Pillow>=3.1.1
 django-crispy-forms>=1.6.0
 django-extensions>=1.6.1
 django-filter>=1.0
-django-suit>=0.2.23
 djangorestframework>=3.4.4
 filemagic>=1.6
 langdetect>=1.0.5

src/documents/admin.py

@@ -64,7 +64,7 @@ class DocumentAdmin(admin.ModelAdmin):
         png_img = self._html_tag(
             "img",
             src="/fetch/thumb/{}".format(obj.id),
-            width=275,
+            width=180,
             alt="thumbnail",
             title=obj.file_name
         )

src/documents/mixins.py

@@ -1,3 +1,8 @@
+from django.contrib.auth.mixins import AccessMixin
+from django.contrib.auth import authenticate, login
+import base64
+
+
 class Renderable(object):
     """
     A handy mixin to make it easier/cleaner to print output based on a
@@ -7,3 +12,46 @@ class Renderable(object):
     def _render(self, text, verbosity):
         if self.verbosity >= verbosity:
             print(text)
+
+
+class SessionOrBasicAuthMixin(AccessMixin):
+    """
+    Session or Basic Authentication mixin for Django.
+    It determines if the requester is already logged in or if they have
+    provided proper http-authorization and returning the view if all goes
+    well, otherwise responding with a 401.
+
+    Base for mixin found here: https://djangosnippets.org/snippets/3073/
+    """
+
+    def dispatch(self, request, *args, **kwargs):
+
+        # check if user is authenticated via the session
+        if request.user.is_authenticated:
+
+            # Already logged in, just return the view.
+            return super(SessionOrBasicAuthMixin, self).dispatch(
+                request, *args, **kwargs
+            )
+
+        # apparently not authenticated via session, maybe via HTTP Basic?
+        if 'HTTP_AUTHORIZATION' in request.META:
+            auth = request.META['HTTP_AUTHORIZATION'].split()
+            if len(auth) == 2:
+                # NOTE: Support for only basic authentication
+                if auth[0].lower() == "basic":
+                    authString = base64.b64decode(auth[1]).decode('utf-8')
+                    uname, passwd = authString.split(':')
+                    user = authenticate(username=uname, password=passwd)
+                    if user is not None:
+                        if user.is_active:
+                            login(request, user)
+                            request.user = user
+                            return super(
+                                SessionOrBasicAuthMixin, self
+                            ).dispatch(
+                                request, *args, **kwargs
+                            )
+
+        # nope, really not authenticated
+        return self.handle_no_permission()

src/documents/views.py

@@ -1,4 +1,3 @@
-from django.contrib.auth.mixins import LoginRequiredMixin
 from django.http import HttpResponse
 from django.views.decorators.csrf import csrf_exempt
 from django.views.generic import DetailView, FormView, TemplateView
@@ -28,6 +27,7 @@ from .serialisers import (
     LogSerializer,
     TagSerializer
 )
+from .mixins import SessionOrBasicAuthMixin
 
 
 class IndexView(TemplateView):
@@ -41,7 +41,7 @@ class IndexView(TemplateView):
         return TemplateView.get_context_data(self, **kwargs)
 
 
-class FetchView(LoginRequiredMixin, DetailView):
+class FetchView(SessionOrBasicAuthMixin, DetailView):
 
     model = Document
 
@@ -74,7 +74,7 @@ class FetchView(LoginRequiredMixin, DetailView):
         return response
 
 
-class PushView(LoginRequiredMixin, FormView):
+class PushView(SessionOrBasicAuthMixin, FormView):
     """
     A crude REST-ish API for creating documents.
     """

src/paperless/settings.py

@@ -44,7 +44,6 @@ if os.path.exists("/etc/paperless.conf"):
 
 INSTALLED_APPS = [
 
-    'suit',
     'django.contrib.admin',
     'django.contrib.auth',
     'django.contrib.contenttypes',
@@ -61,22 +60,6 @@ INSTALLED_APPS = [
 
 ]
 
-SUIT_CONFIG = {
-    'ADMIN_NAME': 'Paperless',
-    'SEARCH_URL': '',
-    'LIST_PER_PAGE': int(os.getenv("PAPERLESS_LIST_PER_PAGE", 25)),
-    'HEADER_DATE_FORMAT': 'D m-d-Y',
-    'MENU': (
-        'sites',
-        {
-            'app': 'documents',
-            'label': 'Paperless',
-            'icon': 'icon-file',
-            'models': ('Document', 'Tag', 'Correspondent', 'log')
-        },
-    )
-}
-
 MIDDLEWARE_CLASSES = [
     'django.middleware.security.SecurityMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',

src/paperless/version.py

@@ -1 +1 @@
-__version__ = (0, 3, 3)
+__version__ = (0, 3, 4)