Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # NOTE: these are Django new style middleware classes, won't work with
- # Django < 1.10
- from django.conf import settings
- ACAH = [
- 'Content-Type', 'X-Amz-Date', 'Authorization',
- 'X-Api-Key', 'X-Amz-Security-Token', 'x-requested-with',
- ]
- ACAM = ['DELETE', 'GET', 'OPTIONS', 'PUT', 'POST']
- ACCESS_CONTROL_ALLOW_ORIGIN = getattr(
- settings, 'ACCESS_CONTROL_ALLOW_ORIGIN', '*'
- )
- class ApiGatewayCorsMiddleware(object):
- """
- Add CORS headers to the response. Optionally specify
- ACCESS_CONTROL_ALLOW_ORIGIN in django settings
- """
- def __init__(self, get_response):
- self.get_response = get_response
- def __call__(self, request):
- response = self.get_response(request)
- response['Access-Control-Allow-Headers'] = ','.join(ACAH)
- response['Access-Control-Allow-Methods'] = ','.join(ACAM)
- response['Access-Control-Allow-Origin'] = ACCESS_CONTROL_ALLOW_ORIGIN
- return response
- COGNITO_DEBUG_CLAIMS = getattr(settings, 'COGNITO_DEBUG_CLAIMS', {})
- class CognitoAuthMiddleware(object):
- """
- Attach Cognito User Pool claims to the request.
- Optionally fake claims for local development using
- COGNITO_DEBUG_CLAIMS in settings
- """
- def __init__(self, get_response):
- self.get_response = get_response
- def get_user_claims(self, request, attrs=None):
- claims = request.META.get(
- 'API_GATEWAY_AUTHORIZER', {}
- ).get('claims', COGNITO_DEBUG_CLAIMS)
- if attrs:
- return {attr: claims[attr] for attr in attrs}
- return claims
- def __call__(self, request):
- claims = self.get_user_claims(request)
- # Stash claims to request
- request.authorizer_claims = claims
- response = self.get_response(request)
- return response
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement