Mercurial > kallithea
annotate pylons_app/lib/auth.py @ 52:25e516447a33
implemented autentication
author | marcink |
---|---|
date | Thu, 08 Apr 2010 12:00:06 +0200 |
parents | 8e250e86a670 |
children | 08707974eae4 |
rev | line source |
---|---|
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
1 import sqlite3 |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
2 import os |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
3 import logging |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
4 from os.path import dirname as dn |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
5 from datetime import datetime |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
6 import crypt |
52 | 7 from pylons import session, url |
8 from pylons.controllers.util import abort, redirect | |
9 from decorator import decorator | |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
10 log = logging.getLogger(__name__) |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
11 ROOT = dn(dn(dn(os.path.realpath(__file__)))) |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
12 |
44 | 13 def get_sqlite_conn_cur(): |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
14 conn = sqlite3.connect(os.path.join(ROOT, 'auth.sqlite')) |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
15 cur = conn.cursor() |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
16 return conn, cur |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
17 |
46
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
18 |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
19 def admin_auth(username, password): |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
20 conn, cur = get_sqlite_conn_cur() |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
21 password_crypt = crypt.crypt(password, '6a') |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
22 |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
23 try: |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
24 cur.execute("SELECT * FROM users WHERE username=?", (username,)) |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
25 data = cur.fetchone() |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
26 except sqlite3.OperationalError as e: |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
27 data = None |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
28 log.error(e) |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
29 |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
30 if data: |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
31 if data[3]: |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
32 if data[1] == username and data[2] == password_crypt and data[4]: |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
33 log.info('user %s authenticated correctly', username) |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
34 return True |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
35 else: |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
36 log.error('user %s is disabled', username) |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
37 |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
38 return False |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
39 |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
40 def authfunc(environ, username, password): |
44 | 41 conn, cur = get_sqlite_conn_cur() |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
42 password_crypt = crypt.crypt(password, '6a') |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
43 |
42 | 44 try: |
45 cur.execute("SELECT * FROM users WHERE username=?", (username,)) | |
46 data = cur.fetchone() | |
47 except sqlite3.OperationalError as e: | |
48 data = None | |
49 log.error(e) | |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
50 if data: |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
51 if data[3]: |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
52 if data[1] == username and data[2] == password_crypt: |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
53 log.info('user %s authenticated correctly', username) |
45 | 54 if environ: |
55 http_accept = environ.get('HTTP_ACCEPT') | |
56 | |
57 if http_accept.startswith('application/mercurial') or \ | |
58 environ['PATH_INFO'].find('raw-file') != -1: | |
59 cmd = environ['PATH_INFO'] | |
60 for qry in environ['QUERY_STRING'].split('&'): | |
61 if qry.startswith('cmd'): | |
62 cmd += "|" + qry | |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
63 |
45 | 64 try: |
52 | 65 cur.execute("""INSERT INTO |
45 | 66 user_logs |
52 | 67 VALUES(?,?,?,?)""", |
45 | 68 (None, data[0], cmd, datetime.now())) |
69 conn.commit() | |
70 except Exception as e: | |
71 conn.rollback() | |
72 log.error(e) | |
73 | |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
74 return True |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
75 else: |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
76 log.error('user %s is disabled', username) |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
77 |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
78 return False |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
79 |
52 | 80 |
81 @decorator | |
82 def authenticate(fn, *args, **kwargs): | |
83 if not session.get('admin_user', False): | |
84 redirect(url('admin_home'), 301) | |
85 return fn(*args, **kwargs) | |
86 | |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
87 def create_user_table(): |
52 | 88 """ |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
89 Create a auth database |
52 | 90 """ |
44 | 91 conn, cur = get_sqlite_conn_cur() |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
92 try: |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
93 log.info('creating table %s', 'users') |
52 | 94 cur.execute("""DROP TABLE IF EXISTS users """) |
95 cur.execute("""CREATE TABLE users | |
48
8e250e86a670
Css fixes, implemented removal of users, and display draft
Marcin Kuzminski <marcin@python-blog.com>
parents:
46
diff
changeset
|
96 (user_id INTEGER PRIMARY KEY AUTOINCREMENT, |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
97 username TEXT, |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
98 password TEXT, |
46
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
99 active INTEGER, |
52 | 100 admin INTEGER)""") |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
101 log.info('creating table %s', 'user_logs') |
52 | 102 cur.execute("""DROP TABLE IF EXISTS user_logs """) |
103 cur.execute("""CREATE TABLE user_logs | |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
104 (id INTEGER PRIMARY KEY AUTOINCREMENT, |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
105 user_id INTEGER, |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
106 last_action TEXT, |
52 | 107 last_action_date DATETIME)""") |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
108 conn.commit() |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
109 except: |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
110 conn.rollback() |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
111 raise |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
112 |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
113 cur.close() |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
114 |
46
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
115 def create_user(username, password, admin=False): |
44 | 116 conn, cur = get_sqlite_conn_cur() |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
117 password_crypt = crypt.crypt(password, '6a') |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
118 log.info('creating user %s', username) |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
119 try: |
52 | 120 cur.execute("""INSERT INTO users values (?,?,?,?,?) """, |
46
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
121 (None, username, password_crypt, 1, admin)) |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
122 conn.commit() |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
123 except: |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
124 conn.rollback() |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
125 raise |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
126 |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
127 if __name__ == "__main__": |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
128 create_user_table() |
46
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
129 create_user('marcink', 'qweqwe', True) |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
130 create_user('lukaszd', 'qweqwe') |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
131 create_user('adriand', 'qweqwe') |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
132 create_user('radek', 'qweqwe') |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
133 create_user('skrzeka', 'qweqwe') |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
134 create_user('bart', 'qweqwe') |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
135 create_user('maho', 'qweqwe') |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
136 create_user('michalg', 'qweqwe') |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
137 |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
138 #authfunc('', 'marcink', 'qweqwe') |