Mercurial > kallithea
comparison rhodecode/lib/auth.py @ 2025:7e979933ffec beta
more work on improving info logging
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Thu, 23 Feb 2012 03:39:35 +0200 |
parents | 72c525a7e7ad |
children | 61f9aeb2129e |
comparison
equal
deleted
inserted
replaced
2024:370e995e46c2 | 2025:7e979933ffec |
---|---|
171 | 171 |
172 log.debug('Authenticating user using RhodeCode account') | 172 log.debug('Authenticating user using RhodeCode account') |
173 if user is not None and not user.ldap_dn: | 173 if user is not None and not user.ldap_dn: |
174 if user.active: | 174 if user.active: |
175 if user.username == 'default' and user.active: | 175 if user.username == 'default' and user.active: |
176 log.info('user %s authenticated correctly as anonymous user', | 176 log.info('user %s authenticated correctly as anonymous user' % |
177 username) | 177 username) |
178 return True | 178 return True |
179 | 179 |
180 elif user.username == username and check_password(password, | 180 elif user.username == username and check_password(password, |
181 user.password): | 181 user.password): |
182 log.info('user %s authenticated correctly' % username) | 182 log.info('user %s authenticated correctly' % username) |
183 return True | 183 return True |
184 else: | 184 else: |
185 log.warning('user %s is disabled' % username) | 185 log.warning('user %s tried auth but is disabled' % username) |
186 | 186 |
187 else: | 187 else: |
188 log.debug('Regular authentication failed') | 188 log.debug('Regular authentication failed') |
189 user_obj = User.get_by_username(username, case_insensitive=True) | 189 user_obj = User.get_by_username(username, case_insensitive=True) |
190 | 190 |
432 log.debug('Checking API KEY access for %s' % cls) | 432 log.debug('Checking API KEY access for %s' % cls) |
433 if user.api_key == request.GET.get('api_key'): | 433 if user.api_key == request.GET.get('api_key'): |
434 api_access_ok = True | 434 api_access_ok = True |
435 else: | 435 else: |
436 log.debug("API KEY token not valid") | 436 log.debug("API KEY token not valid") |
437 | 437 loc = "%s:%s" % (cls.__class__.__name__, func.__name__) |
438 log.debug('Checking if %s is authenticated @ %s' % (user.username, cls)) | 438 log.debug('Checking if %s is authenticated @ %s' % (user.username, loc)) |
439 if user.is_authenticated or api_access_ok: | 439 if user.is_authenticated or api_access_ok: |
440 log.debug('user %s is authenticated' % user.username) | 440 log.info('user %s is authenticated and granted access to %s' % ( |
441 user.username, loc) | |
442 ) | |
441 return func(*fargs, **fkwargs) | 443 return func(*fargs, **fkwargs) |
442 else: | 444 else: |
443 log.warn('user %s NOT authenticated' % user.username) | 445 log.warn('user %s NOT authenticated on func: %s' % ( |
446 user, loc) | |
447 ) | |
444 p = url.current() | 448 p = url.current() |
445 | 449 |
446 log.debug('redirecting to login page with %s' % p) | 450 log.debug('redirecting to login page with %s' % p) |
447 return redirect(url('login_home', came_from=p)) | 451 return redirect(url('login_home', came_from=p)) |
448 | 452 |
500 if self.check_permissions(): | 504 if self.check_permissions(): |
501 log.debug('Permission granted for %s %s' % (cls, self.user)) | 505 log.debug('Permission granted for %s %s' % (cls, self.user)) |
502 return func(*fargs, **fkwargs) | 506 return func(*fargs, **fkwargs) |
503 | 507 |
504 else: | 508 else: |
505 log.warning('Permission denied for %s %s' % (cls, self.user)) | 509 log.debug('Permission denied for %s %s' % (cls, self.user)) |
506 anonymous = self.user.username == 'default' | 510 anonymous = self.user.username == 'default' |
507 | 511 |
508 if anonymous: | 512 if anonymous: |
509 p = url.current() | 513 p = url.current() |
510 | 514 |
647 log.debug('Permission granted %s @ %s', self.granted_for, | 651 log.debug('Permission granted %s @ %s', self.granted_for, |
648 check_Location or 'unspecified location') | 652 check_Location or 'unspecified location') |
649 return True | 653 return True |
650 | 654 |
651 else: | 655 else: |
652 log.warning('Permission denied for %s @ %s', self.granted_for, | 656 log.debug('Permission denied for %s @ %s', self.granted_for, |
653 check_Location or 'unspecified location') | 657 check_Location or 'unspecified location') |
654 return False | 658 return False |
655 | 659 |
656 def check_permissions(self): | 660 def check_permissions(self): |
657 """Dummy function for overriding""" | 661 """Dummy function for overriding""" |