##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
auth: remove usage of pylons translator
marcink -
r2098:02199562 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,142 +1,142 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2012-2017 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21 """
22 22 RhodeCode authentication plugin for built in internal auth
23 23 """
24 24
25 25 import logging
26 26
27 from pylons.i18n.translation import lazy_ugettext as _
27 from rhodecode.translation import _
28 28
29 29 from rhodecode.authentication.base import RhodeCodeAuthPluginBase, hybrid_property
30 30 from rhodecode.authentication.routes import AuthnPluginResourceBase
31 31 from rhodecode.lib.utils2 import safe_str
32 32 from rhodecode.model.db import User
33 33
34 34 log = logging.getLogger(__name__)
35 35
36 36
37 37 def plugin_factory(plugin_id, *args, **kwds):
38 38 plugin = RhodeCodeAuthPlugin(plugin_id)
39 39 return plugin
40 40
41 41
42 42 class RhodecodeAuthnResource(AuthnPluginResourceBase):
43 43 pass
44 44
45 45
46 46 class RhodeCodeAuthPlugin(RhodeCodeAuthPluginBase):
47 47
48 48 def includeme(self, config):
49 49 config.add_authn_plugin(self)
50 50 config.add_authn_resource(self.get_id(), RhodecodeAuthnResource(self))
51 51 config.add_view(
52 52 'rhodecode.authentication.views.AuthnPluginViewBase',
53 53 attr='settings_get',
54 54 renderer='rhodecode:templates/admin/auth/plugin_settings.mako',
55 55 request_method='GET',
56 56 route_name='auth_home',
57 57 context=RhodecodeAuthnResource)
58 58 config.add_view(
59 59 'rhodecode.authentication.views.AuthnPluginViewBase',
60 60 attr='settings_post',
61 61 renderer='rhodecode:templates/admin/auth/plugin_settings.mako',
62 62 request_method='POST',
63 63 route_name='auth_home',
64 64 context=RhodecodeAuthnResource)
65 65
66 66 def get_display_name(self):
67 67 return _('Rhodecode')
68 68
69 69 @hybrid_property
70 70 def name(self):
71 71 return "rhodecode"
72 72
73 73 def user_activation_state(self):
74 74 def_user_perms = User.get_default_user().AuthUser().permissions['global']
75 75 return 'hg.register.auto_activate' in def_user_perms
76 76
77 77 def allows_authentication_from(
78 78 self, user, allows_non_existing_user=True,
79 79 allowed_auth_plugins=None, allowed_auth_sources=None):
80 80 """
81 81 Custom method for this auth that doesn't accept non existing users.
82 82 We know that user exists in our database.
83 83 """
84 84 allows_non_existing_user = False
85 85 return super(RhodeCodeAuthPlugin, self).allows_authentication_from(
86 86 user, allows_non_existing_user=allows_non_existing_user)
87 87
88 88 def auth(self, userobj, username, password, settings, **kwargs):
89 89 if not userobj:
90 90 log.debug('userobj was:%s skipping' % (userobj, ))
91 91 return None
92 92 if userobj.extern_type != self.name:
93 93 log.warning(
94 94 "userobj:%s extern_type mismatch got:`%s` expected:`%s`" %
95 95 (userobj, userobj.extern_type, self.name))
96 96 return None
97 97
98 98 user_attrs = {
99 99 "username": userobj.username,
100 100 "firstname": userobj.firstname,
101 101 "lastname": userobj.lastname,
102 102 "groups": [],
103 103 "email": userobj.email,
104 104 "admin": userobj.admin,
105 105 "active": userobj.active,
106 106 "active_from_extern": userobj.active,
107 107 "extern_name": userobj.user_id,
108 108 "extern_type": userobj.extern_type,
109 109 }
110 110
111 111 log.debug("User attributes:%s" % (user_attrs, ))
112 112 if userobj.active:
113 113 from rhodecode.lib import auth
114 114 crypto_backend = auth.crypto_backend()
115 115 password_encoded = safe_str(password)
116 116 password_match, new_hash = crypto_backend.hash_check_with_upgrade(
117 117 password_encoded, userobj.password)
118 118
119 119 if password_match and new_hash:
120 120 log.debug('user %s properly authenticated, but '
121 121 'requires hash change to bcrypt', userobj)
122 122 # if password match, and we use OLD deprecated hash,
123 123 # we should migrate this user hash password to the new hash
124 124 # we store the new returned by hash_check_with_upgrade function
125 125 user_attrs['_hash_migrate'] = new_hash
126 126
127 127 if userobj.username == User.DEFAULT_USER and userobj.active:
128 128 log.info(
129 129 'user %s authenticated correctly as anonymous user', userobj)
130 130 return user_attrs
131 131
132 132 elif userobj.username == username and password_match:
133 133 log.info('user %s authenticated correctly', userobj)
134 134 return user_attrs
135 135 log.info("user %s had a bad password when "
136 136 "authenticating on this plugin", userobj)
137 137 return None
138 138 else:
139 139 log.warning(
140 140 'user `%s` failed to authenticate via %s, reason: account not '
141 141 'active.', username, self.name)
142 142 return None
General Comments 0
You need to be logged in to leave comments. Login now