xhSSKJr SSKJrJrJr SSKJr SSKJ r SSK J r SSK J r SSKJr SSKJr SS KJr SS KJr \"S S 55r"S S\5r"SS\5r"SS\5rg)) dataclass)AnyLiteralOptional) sync_to_async)settings) SESSION_KEY AnonymousUser) HttpRequest) HttpBearer) SessionAuth)APITokenc>\rSrSr%\\S'\S\S'Sr\\S'Sr g)Authuser_id)sessiontoken auth_typeNdata) __name__ __module__ __qualname____firstlineno__int__annotations__rrr__static_attributes__r%/code/glitchtip/api/authentication.pyrrs L)**D#r rc$\rSrSr%Sr\\S'Srg)AuthHttpRequestz>Django HttpRequest that is known to be authenticated by a userauthrN)rrrr__doc__rrrrr r!r#r#s H Jr r#c:\rSrSrSrS\S\\S\\4Sjr Sr g) rz Check if user is logged in by checking session This avoids an unnecessary database call. request.auth will result in the user id requestkeyreturnc# [RS:Xa URR[5nO1[ URR5"[5IShvN nU(a[ [U5S5$S$N"7f)Nz&django.contrib.sessions.backends.cacher)rSESSION_ENGINErgetr rrr)selfr)r*rs r! authenticateSessionAuth.authenticate#sf  " "&N Noo))+6G*'//*=*=>{KKG07tCL),ATALsA!B#B$#BrN) rrrrr&r rstrrr0rrr r!rrs0 B"B)1#B $Br rc`^\rSrSrSrS\S\\4U4SjjrSr S\S\ S\\ 4Sjr S r U=r$) TokenAuth.z API Token based authentication always connects to a specific user. Store the token object under data for checking scopes permissions. r)r+c>UR(a1URRS;aSUlUR5$[TU]U5$)N)setup_wizard_hash)resolver_matchurl_namer%get_anonsuper__call__)r/r) __class__s r!r<TokenAuth.__call__4sJ  ! !g&<&<&E&EJ '  GL==? "w((r c# [5$7f)Nr )r/s r!r:TokenAuth.get_anon>s s r*c# [RRUSS9IShvN n[ UR SUS9$N![Ra gf=f7f)NT)ruser__is_activer)r)robjectsaget DoesNotExistrr)r/r)r*rs r!r0TokenAuth.authenticateAsZ "**//c4/PPEEMM777 Q$$  s5A!A?AAAAAAAr)rrrrr&r rrr<r:r2rr0r __classcell__)r=s@r!r4r4.sG ) ) )8+8C8HTN88r r4N) dataclassesrtypingrrr asgiref.syncr django.confrdjango.contrib.authr django.contrib.auth.modelsr django.httpr ninja.securityr rBaseSessionAuthapps.api_tokens.modelsrrr#r4rr r!rRse!))& +4#%9+   k B/B$8 8r