Django RSS Feed Authentication

2018-06-17 01:36:34

I am looking into adding RSS feeds to one of my Django apps and I would like to be able to have them be authenticated.

I want to use the new syndication framework in Django 1.2. I've read the docs on how to do this and have the basic feeds setup.

I am new to authenticating feeds, so I am not sure what the best approach to take is or what my options really are.

Each user has a unique sub domain and I would like the URL structure to look something like this: http://mysubdomain.mysite.com/myapp/rss/ if possible.

I don't want the feeds to be publicly available, is it possible to use the users username and password for the authentication? Have you found that most feed readers support this? If it's not possible to authenticate for each user, should I try to use a uuid to give them a unique url or is that not secure enough?

As you can probably tell I am not sure what direction to take with this, so any advice on the best way to do this would be very much appreciated.

Thanks

Have you tried wrapping the syndication view django.contrib.syndication.views.feed into a view that requires login? RSS feeds should normally be fetched over HTTP, so this should work!

# Import Django's standard feed view.
from django.contrib.auth.decorators import login_required
from django.django.contrib.syndication.views import feed

# Wrap it in a new feed view that requires authentication!
private_feed = login_required(feed)

Caveat: I've never tried this!

Edit !

To be safe with RSS readers that don't support redirection, return a HTTP 401 status code with the following:

authentication_url = '/accounts/login'
def feed_safe_login_required ( view ):
    def _ ( request, *args, **kwargs ):
        if not request.user.is_authenticated:
            return HttpResponseNotAuthorized, authentication_url
    return _

feed = feed_safe_login_required(django.contrib.syndication.views.feed)

Where HttpResponseNotAuthorized is as defined in this django snippet.

This is an old thread, but I recently encountered the same question. I solved it by overloading the __call__ method of the Feed object:

from django.http import HttpResponse

class ArticleFeed(Feed):
    "snip [standard definitions of title, link, methods...]"

    def __call__(self,request,*args,**kwargs):
        if not request.user.is_authenticated():
            return HttpResponse(status=401)
        else:
            return super().__call__(request,*args,**kwargs)

链接地址: http://www.djcxy.com/p/48258.html

上一篇: 使用AS3的Flash CS5中时髦的SWF加载问题

下一篇: Django RSS源认证