Mercurial > kallithea
changeset 1621:cbc2b1913cdf beta
Added basic automatic user creation for container auth
| author | Liad Shani <liadff@gmail.com> |
|---|---|
| date | Sat, 29 Oct 2011 17:03:33 +0200 |
| parents | 41696fc73c4d |
| children | d58e514c0a39 |
| files | rhodecode/lib/auth.py rhodecode/lib/helpers.py rhodecode/model/user.py |
| diffstat | 3 files changed, 55 insertions(+), 5 deletions(-) [+] |
line wrap: on
line diff
--- a/rhodecode/lib/auth.py Sat Oct 29 16:36:26 2011 +0200 +++ b/rhodecode/lib/auth.py Sat Oct 29 17:03:33 2011 +0200 @@ -223,9 +223,31 @@ pass return False +def login_container_auth(username): + user = User.get_by_username(username) + if user is None: + user_model = UserModel() + user_attrs = { + 'name': username, + 'lastname': None, + 'email': None, + } + if not user_model.create_for_container_auth(username, user_attrs): + return None + user = User.get_by_username(username) + log.info('User %s was created by container authentication', username) + + if not user.active: + return None + + user.update_lastlogin() + log.debug('User %s is now logged in by container authentication', user.username) + return user + def get_container_username(environ, cfg=config): from paste.httpheaders import REMOTE_USER from paste.deploy.converters import asbool + username = REMOTE_USER(environ) if not username and asbool(cfg.get('proxypass_auth_enabled', False)): @@ -278,14 +300,12 @@ is_user_loaded = user_model.fill_data(self, user_id=self.user_id) elif self.username: log.debug('Auth User lookup by USER NAME %s', self.username) - dbuser = User.get_by_username(self.username) - if dbuser is not None and dbuser.active: + dbuser = login_container_auth(self.username) + if dbuser is not None: for k, v in dbuser.get_dict().items(): setattr(self, k, v) self.set_authenticated() is_user_loaded = True - log.debug('User %s is now logged in', self.username) - dbuser.update_lastlogin() if not is_user_loaded: if self.anonymous_user.active is True:
--- a/rhodecode/lib/helpers.py Sat Oct 29 16:36:26 2011 +0200 +++ b/rhodecode/lib/helpers.py Sat Oct 29 17:03:33 2011 +0200 @@ -455,7 +455,8 @@ def gravatar_url(email_address, size=30): if not str2bool(config['app_conf'].get('use_gravatar')) or \ - email_address == 'anonymous@rhodecode.org': + not email_address or \ + email_address == 'anonymous@rhodecode.org': return url("/images/user%s.png" % size) ssl_enabled = 'https' == request.environ.get('wsgi.url_scheme')
--- a/rhodecode/model/user.py Sat Oct 29 16:36:26 2011 +0200 +++ b/rhodecode/model/user.py Sat Oct 29 17:03:33 2011 +0200 @@ -92,6 +92,35 @@ self.sa.rollback() raise + def create_for_container_auth(self, username, attrs): + """ + Creates the given user if it's not already in the database + + :param username: + :param attrs: + """ + if self.get_by_username(username, case_insensitive=True) is None: + try: + new_user = User() + new_user.username = username + new_user.password = None + new_user.api_key = generate_api_key(username) + new_user.email = attrs['email'] + new_user.active = True + new_user.name = attrs['name'] + new_user.lastname = attrs['lastname'] + + self.sa.add(new_user) + self.sa.commit() + return True + except (DatabaseError,): + log.error(traceback.format_exc()) + self.sa.rollback() + raise + log.debug('User %s already exists. Skipping creation of account for container auth.', + username) + return False + def create_ldap(self, username, password, user_dn, attrs): """ Checks if user is in database, if not creates this user marked