--- /dev/null
+#
+# Copyright 2018 EveryUP Srl
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+"""
+ This Decorator is a modified version of django.contrib.auth.decorators, in order to avoid retirect to login_url
+ with AJAX calls.
+"""
+
+from django.http import HttpResponse
+from django.conf import settings
+from django.contrib.auth import REDIRECT_FIELD_NAME
+from django.shortcuts import resolve_url
+from django.utils.decorators import available_attrs
+from django.utils.six.moves.urllib.parse import urlparse
+from six import wraps
+from django.contrib.auth.views import redirect_to_login
+
+
+def user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
+ """
+ Decorator for views that checks that the user passes the given test,
+ redirecting to the log-in page if necessary. The test should be a callable
+ that takes the user object and returns True if the user passes.
+ """
+
+ def decorator(view_func):
+ @wraps(view_func, assigned=available_attrs(view_func))
+ def _wrapped_view(request, *args, **kwargs):
+ if test_func(request.user):
+ return view_func(request, *args, **kwargs)
+ path = request.build_absolute_uri()
+ resolved_login_url = resolve_url(login_url or settings.LOGIN_URL)
+ # If the login url is the same scheme and net location then just
+ # use the path as the "next" url.
+ login_scheme, login_netloc = urlparse(resolved_login_url)[:2]
+ current_scheme, current_netloc = urlparse(path)[:2]
+ if ((not login_scheme or login_scheme == current_scheme) and
+ (not login_netloc or login_netloc == current_netloc)):
+ path = request.get_full_path()
+ raw_content_types = request.META.get('HTTP_ACCEPT', '*/*').split(',')
+ # if Browser call
+ if 'application/json' not in raw_content_types:
+ return redirect_to_login(path, resolved_login_url, redirect_field_name)
+ # if AJAX call
+ else:
+ return HttpResponse(status=401)
+ return _wrapped_view
+ return decorator
+
+
+def login_required(function=None, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None):
+ """
+ Decorator for views that checks that the user is logged in, redirecting
+ to the log-in page if necessary.
+ """
+ actual_decorator = user_passes_test(
+ lambda u: u.is_authenticated,
+ login_url=login_url,
+ redirect_field_name=redirect_field_name
+ )
+ if function:
+ return actual_decorator(function)
+ return actual_decorator