Mercurial > kallithea
comparison rhodecode/lib/auth.py @ 2025:7e979933ffec beta
more work on improving info logging
| author | Marcin Kuzminski <marcin@python-works.com> |
|---|---|
| date | Thu, 23 Feb 2012 03:39:35 +0200 |
| parents | 72c525a7e7ad |
| children | 61f9aeb2129e |
comparison
equal
deleted
inserted
replaced
| 2024:370e995e46c2 | 2025:7e979933ffec |
|---|---|
| 171 | 171 |
| 172 log.debug('Authenticating user using RhodeCode account') | 172 log.debug('Authenticating user using RhodeCode account') |
| 173 if user is not None and not user.ldap_dn: | 173 if user is not None and not user.ldap_dn: |
| 174 if user.active: | 174 if user.active: |
| 175 if user.username == 'default' and user.active: | 175 if user.username == 'default' and user.active: |
| 176 log.info('user %s authenticated correctly as anonymous user', | 176 log.info('user %s authenticated correctly as anonymous user' % |
| 177 username) | 177 username) |
| 178 return True | 178 return True |
| 179 | 179 |
| 180 elif user.username == username and check_password(password, | 180 elif user.username == username and check_password(password, |
| 181 user.password): | 181 user.password): |
| 182 log.info('user %s authenticated correctly' % username) | 182 log.info('user %s authenticated correctly' % username) |
| 183 return True | 183 return True |
| 184 else: | 184 else: |
| 185 log.warning('user %s is disabled' % username) | 185 log.warning('user %s tried auth but is disabled' % username) |
| 186 | 186 |
| 187 else: | 187 else: |
| 188 log.debug('Regular authentication failed') | 188 log.debug('Regular authentication failed') |
| 189 user_obj = User.get_by_username(username, case_insensitive=True) | 189 user_obj = User.get_by_username(username, case_insensitive=True) |
| 190 | 190 |
| 432 log.debug('Checking API KEY access for %s' % cls) | 432 log.debug('Checking API KEY access for %s' % cls) |
| 433 if user.api_key == request.GET.get('api_key'): | 433 if user.api_key == request.GET.get('api_key'): |
| 434 api_access_ok = True | 434 api_access_ok = True |
| 435 else: | 435 else: |
| 436 log.debug("API KEY token not valid") | 436 log.debug("API KEY token not valid") |
| 437 | 437 loc = "%s:%s" % (cls.__class__.__name__, func.__name__) |
| 438 log.debug('Checking if %s is authenticated @ %s' % (user.username, cls)) | 438 log.debug('Checking if %s is authenticated @ %s' % (user.username, loc)) |
| 439 if user.is_authenticated or api_access_ok: | 439 if user.is_authenticated or api_access_ok: |
| 440 log.debug('user %s is authenticated' % user.username) | 440 log.info('user %s is authenticated and granted access to %s' % ( |
| 441 user.username, loc) | |
| 442 ) | |
| 441 return func(*fargs, **fkwargs) | 443 return func(*fargs, **fkwargs) |
| 442 else: | 444 else: |
| 443 log.warn('user %s NOT authenticated' % user.username) | 445 log.warn('user %s NOT authenticated on func: %s' % ( |
| 446 user, loc) | |
| 447 ) | |
| 444 p = url.current() | 448 p = url.current() |
| 445 | 449 |
| 446 log.debug('redirecting to login page with %s' % p) | 450 log.debug('redirecting to login page with %s' % p) |
| 447 return redirect(url('login_home', came_from=p)) | 451 return redirect(url('login_home', came_from=p)) |
| 448 | 452 |
| 500 if self.check_permissions(): | 504 if self.check_permissions(): |
| 501 log.debug('Permission granted for %s %s' % (cls, self.user)) | 505 log.debug('Permission granted for %s %s' % (cls, self.user)) |
| 502 return func(*fargs, **fkwargs) | 506 return func(*fargs, **fkwargs) |
| 503 | 507 |
| 504 else: | 508 else: |
| 505 log.warning('Permission denied for %s %s' % (cls, self.user)) | 509 log.debug('Permission denied for %s %s' % (cls, self.user)) |
| 506 anonymous = self.user.username == 'default' | 510 anonymous = self.user.username == 'default' |
| 507 | 511 |
| 508 if anonymous: | 512 if anonymous: |
| 509 p = url.current() | 513 p = url.current() |
| 510 | 514 |
| 647 log.debug('Permission granted %s @ %s', self.granted_for, | 651 log.debug('Permission granted %s @ %s', self.granted_for, |
| 648 check_Location or 'unspecified location') | 652 check_Location or 'unspecified location') |
| 649 return True | 653 return True |
| 650 | 654 |
| 651 else: | 655 else: |
| 652 log.warning('Permission denied for %s @ %s', self.granted_for, | 656 log.debug('Permission denied for %s @ %s', self.granted_for, |
| 653 check_Location or 'unspecified location') | 657 check_Location or 'unspecified location') |
| 654 return False | 658 return False |
| 655 | 659 |
| 656 def check_permissions(self): | 660 def check_permissions(self): |
| 657 """Dummy function for overriding""" | 661 """Dummy function for overriding""" |