Mercurial > kallithea
annotate pylons_app/lib/auth.py @ 77:e2600310e0b2
bugfix fot admin template
author | Marcin Kuzminski <marcin@python-blog.com> |
---|---|
date | Wed, 14 Apr 2010 00:51:23 +0200 |
parents | 08707974eae4 |
children | f24b9a2934cf |
rev | line source |
---|---|
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
1 import logging |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
2 from datetime import datetime |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
3 import crypt |
52 | 4 from pylons import session, url |
5 from pylons.controllers.util import abort, redirect | |
6 from decorator import decorator | |
64
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
7 from sqlalchemy.exc import OperationalError |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
8 log = logging.getLogger(__name__) |
64
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
9 from pylons_app.model import meta |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
10 from pylons_app.model.db import Users, UserLogs |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
11 from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
12 |
64
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
13 def get_crypt_password(password): |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
14 return crypt.crypt(password, '6a') |
46
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
15 |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
16 def admin_auth(username, password): |
64
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
17 sa = meta.Session |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
18 password_crypt = get_crypt_password(password) |
46
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
19 |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
20 try: |
64
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
21 user = sa.query(Users).filter(Users.username == username).one() |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
22 except (NoResultFound, MultipleResultsFound, OperationalError) as e: |
46
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
23 log.error(e) |
64
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
24 user = None |
46
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
25 |
64
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
26 if user: |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
27 if user.active: |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
28 if user.username == username and user.password == password_crypt and user.admin: |
46
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
29 log.info('user %s authenticated correctly', username) |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
30 return True |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
31 else: |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
32 log.error('user %s is disabled', username) |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
33 |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
34 return False |
9db7782727b3
Static files for production fixed
Marcin Kuzminski <marcin@python-blog.com>
parents:
45
diff
changeset
|
35 |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
36 def authfunc(environ, username, password): |
64
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
37 sa = meta.Session |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
38 password_crypt = get_crypt_password(password) |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
39 |
42 | 40 try: |
64
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
41 user = sa.query(Users).filter(Users.username == username).one() |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
42 except (NoResultFound, MultipleResultsFound, OperationalError) as e: |
42 | 43 log.error(e) |
64
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
44 user = None |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
45 |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
46 if user: |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
47 if user.active: |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
48 if user.username == username and user.password == password_crypt: |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
49 log.info('user %s authenticated correctly', username) |
45 | 50 if environ: |
51 http_accept = environ.get('HTTP_ACCEPT') | |
52 | |
53 if http_accept.startswith('application/mercurial') or \ | |
54 environ['PATH_INFO'].find('raw-file') != -1: | |
64
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
55 repo = environ['PATH_INFO'] |
45 | 56 for qry in environ['QUERY_STRING'].split('&'): |
57 if qry.startswith('cmd'): | |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
58 |
45 | 59 try: |
64
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
60 user_log = UserLogs() |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
61 user_log.user_id = user.user_id |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
62 user_log.action = qry |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
63 user_log.repository = repo |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
64 user_log.action_date = datetime.now() |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
65 sa.add(user_log) |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
66 sa.commit() |
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
67 log.info('Adding user %s, action %s', username, qry) |
45 | 68 except Exception as e: |
64
08707974eae4
Changed auth lib for sqlalchemy
Marcin Kuzminski <marcin@python-blog.com>
parents:
52
diff
changeset
|
69 sa.rollback() |
45 | 70 log.error(e) |
71 | |
41
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
72 return True |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
73 else: |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
74 log.error('user %s is disabled', username) |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
75 |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
76 return False |
71ffa932799d
Added app basic auth.
Marcin Kuzminski <marcin@python-blog.com>
parents:
diff
changeset
|
77 |
52 | 78 |
79 @decorator | |
80 def authenticate(fn, *args, **kwargs): | |
81 if not session.get('admin_user', False): | |
82 redirect(url('admin_home'), 301) | |
83 return fn(*args, **kwargs) | |
84 |