Mercurial > kallithea
comparison rhodecode/lib/auth.py @ 1950:4ae17f819ee8 beta
#344 optional firstname lastname on user creation
- on display fallback to username if both empty
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Fri, 27 Jan 2012 04:46:00 +0200 |
parents | 89efedac4e6c |
children | a76e9bacbedc |
comparison
equal
deleted
inserted
replaced
1949:0471cbe8b4a7 | 1950:4ae17f819ee8 |
---|---|
126 return RhodeCodeCrypto.hash_string(password) | 126 return RhodeCodeCrypto.hash_string(password) |
127 | 127 |
128 | 128 |
129 def check_password(password, hashed): | 129 def check_password(password, hashed): |
130 return RhodeCodeCrypto.hash_check(password, hashed) | 130 return RhodeCodeCrypto.hash_check(password, hashed) |
131 | |
131 | 132 |
132 def generate_api_key(str_, salt=None): | 133 def generate_api_key(str_, salt=None): |
133 """ | 134 """ |
134 Generates API KEY from given string | 135 Generates API KEY from given string |
135 | 136 |
235 except (Exception,): | 236 except (Exception,): |
236 log.error(traceback.format_exc()) | 237 log.error(traceback.format_exc()) |
237 pass | 238 pass |
238 return False | 239 return False |
239 | 240 |
241 | |
240 def login_container_auth(username): | 242 def login_container_auth(username): |
241 user = User.get_by_username(username) | 243 user = User.get_by_username(username) |
242 if user is None: | 244 if user is None: |
243 user_attrs = { | 245 user_attrs = { |
244 'name': username, | 246 'name': username, |
258 | 260 |
259 log.debug('User %s is now logged in by container authentication', | 261 log.debug('User %s is now logged in by container authentication', |
260 user.username) | 262 user.username) |
261 return user | 263 return user |
262 | 264 |
265 | |
263 def get_container_username(environ, config): | 266 def get_container_username(environ, config): |
264 username = None | 267 username = None |
265 | 268 |
266 if str2bool(config.get('container_auth_enabled', False)): | 269 if str2bool(config.get('container_auth_enabled', False)): |
267 from paste.httpheaders import REMOTE_USER | 270 from paste.httpheaders import REMOTE_USER |
275 username = username.partition('@')[0] | 278 username = username.partition('@')[0] |
276 username = username.rpartition('\\')[2] | 279 username = username.rpartition('\\')[2] |
277 log.debug('Received username %s from container', username) | 280 log.debug('Received username %s from container', username) |
278 | 281 |
279 return username | 282 return username |
283 | |
280 | 284 |
281 class AuthUser(object): | 285 class AuthUser(object): |
282 """ | 286 """ |
283 A simple object that handles all attributes of user in RhodeCode | 287 A simple object that handles all attributes of user in RhodeCode |
284 | 288 |
300 self.is_authenticated = False | 304 self.is_authenticated = False |
301 self.admin = False | 305 self.admin = False |
302 self.permissions = {} | 306 self.permissions = {} |
303 self._api_key = api_key | 307 self._api_key = api_key |
304 self.propagate_data() | 308 self.propagate_data() |
309 self._instance = None | |
305 | 310 |
306 def propagate_data(self): | 311 def propagate_data(self): |
307 user_model = UserModel() | 312 user_model = UserModel() |
308 self.anonymous_user = User.get_by_username('default', cache=True) | 313 self.anonymous_user = User.get_by_username('default', cache=True) |
309 is_user_loaded = False | 314 is_user_loaded = False |
348 | 353 |
349 @property | 354 @property |
350 def is_admin(self): | 355 def is_admin(self): |
351 return self.admin | 356 return self.admin |
352 | 357 |
353 @property | |
354 def full_contact(self): | |
355 return '%s %s <%s>' % (self.name, self.lastname, self.email) | |
356 | |
357 def __repr__(self): | 358 def __repr__(self): |
358 return "<AuthUser('id:%s:%s|%s')>" % (self.user_id, self.username, | 359 return "<AuthUser('id:%s:%s|%s')>" % (self.user_id, self.username, |
359 self.is_authenticated) | 360 self.is_authenticated) |
360 | 361 |
361 def set_authenticated(self, authenticated=True): | 362 def set_authenticated(self, authenticated=True): |
362 if self.user_id != self.anonymous_user.user_id: | 363 if self.user_id != self.anonymous_user.user_id: |
363 self.is_authenticated = authenticated | 364 self.is_authenticated = authenticated |
364 | 365 |
365 def get_cookie_store(self): | 366 def get_cookie_store(self): |
366 return {'username':self.username, | 367 return {'username': self.username, |
367 'user_id': self.user_id, | 368 'user_id': self.user_id, |
368 'is_authenticated':self.is_authenticated} | 369 'is_authenticated': self.is_authenticated} |
369 | 370 |
370 @classmethod | 371 @classmethod |
371 def from_cookie_store(cls, cookie_store): | 372 def from_cookie_store(cls, cookie_store): |
372 user_id = cookie_store.get('user_id') | 373 user_id = cookie_store.get('user_id') |
373 username = cookie_store.get('username') | 374 username = cookie_store.get('username') |
374 api_key = cookie_store.get('api_key') | 375 api_key = cookie_store.get('api_key') |
375 return AuthUser(user_id, api_key, username) | 376 return AuthUser(user_id, api_key, username) |
376 | 377 |
378 | |
377 def set_available_permissions(config): | 379 def set_available_permissions(config): |
378 """ | 380 """ |
379 This function will propagate pylons globals with all available defined | 381 This function will propagate pylons globals with all available defined |
380 permission given in db. We don't want to check each time from db for new | 382 permission given in db. We don't want to check each time from db for new |
381 permissions since adding a new permission also requires application restart | 383 permissions since adding a new permission also requires application restart |
386 """ | 388 """ |
387 log.info('getting information about all available permissions') | 389 log.info('getting information about all available permissions') |
388 try: | 390 try: |
389 sa = meta.Session | 391 sa = meta.Session |
390 all_perms = sa.query(Permission).all() | 392 all_perms = sa.query(Permission).all() |
391 except: | 393 except Exception: |
392 pass | 394 pass |
393 finally: | 395 finally: |
394 meta.Session.remove() | 396 meta.Session.remove() |
395 | 397 |
396 config['available_permissions'] = [x.permission_name for x in all_perms] | 398 config['available_permissions'] = [x.permission_name for x in all_perms] |