##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
auth: optimized logging with lazy eval of params formatting
super-admin -
r5029:1b199612 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,99 +1,101 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2
2
3 # Copyright (C) 2012-2020 RhodeCode GmbH
3 # Copyright (C) 2012-2020 RhodeCode GmbH
4 #
4 #
5 # This program is free software: you can redistribute it and/or modify
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License, version 3
6 # it under the terms of the GNU Affero General Public License, version 3
7 # (only), as published by the Free Software Foundation.
7 # (only), as published by the Free Software Foundation.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU Affero General Public License
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 #
16 #
17 # This program is dual-licensed. If you wish to learn more about the
17 # This program is dual-licensed. If you wish to learn more about the
18 # RhodeCode Enterprise Edition, including its added features, Support services,
18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20
20
21 import logging
21 import logging
22 import importlib
22 import importlib
23
23
24 from pyramid.authentication import SessionAuthenticationPolicy
24 from pyramid.authentication import SessionAuthenticationPolicy
25
25
26 from rhodecode.authentication.registry import AuthenticationPluginRegistry
26 from rhodecode.authentication.registry import AuthenticationPluginRegistry
27 from rhodecode.authentication.routes import root_factory
27 from rhodecode.authentication.routes import root_factory
28 from rhodecode.authentication.routes import AuthnRootResource
28 from rhodecode.authentication.routes import AuthnRootResource
29 from rhodecode.apps._base import ADMIN_PREFIX
29 from rhodecode.apps._base import ADMIN_PREFIX
30 from rhodecode.model.settings import SettingsModel
30 from rhodecode.model.settings import SettingsModel
31
31
32 log = logging.getLogger(__name__)
32 log = logging.getLogger(__name__)
33
33
34 legacy_plugin_prefix = 'py:'
34 legacy_plugin_prefix = 'py:'
35 plugin_default_auth_ttl = 30
35 plugin_default_auth_ttl = 30
36
36
37
37
38 def _import_legacy_plugin(plugin_id):
38 def _import_legacy_plugin(plugin_id):
39 module_name = plugin_id.split(legacy_plugin_prefix, 1)[-1]
39 module_name = plugin_id.split(legacy_plugin_prefix, 1)[-1]
40 module = importlib.import_module(module_name)
40 module = importlib.import_module(module_name)
41 return module.plugin_factory(plugin_id=plugin_id)
41 return module.plugin_factory(plugin_id=plugin_id)
42
42
43
43
44 def discover_legacy_plugins(config, prefix=legacy_plugin_prefix):
44 def discover_legacy_plugins(config, prefix=legacy_plugin_prefix):
45 """
45 """
46 Function that imports the legacy plugins stored in the 'auth_plugins'
46 Function that imports the legacy plugins stored in the 'auth_plugins'
47 setting in database which are using the specified prefix. Normally 'py:' is
47 setting in database which are using the specified prefix. Normally 'py:' is
48 used for the legacy plugins.
48 used for the legacy plugins.
49 """
49 """
50
50 log.debug('authentication: running legacy plugin discovery for prefix %s',
51 log.debug('authentication: running legacy plugin discovery for prefix %s',
51 legacy_plugin_prefix)
52 legacy_plugin_prefix)
52 try:
53 try:
53 auth_plugins = SettingsModel().get_setting_by_name('auth_plugins')
54 auth_plugins = SettingsModel().get_setting_by_name('auth_plugins')
54 enabled_plugins = auth_plugins.app_settings_value
55 enabled_plugins = auth_plugins.app_settings_value
55 legacy_plugins = [id_ for id_ in enabled_plugins if id_.startswith(prefix)]
56 legacy_plugins = [id_ for id_ in enabled_plugins if id_.startswith(prefix)]
56 except Exception:
57 except Exception:
57 legacy_plugins = []
58 legacy_plugins = []
58
59
59 for plugin_id in legacy_plugins:
60 for plugin_id in legacy_plugins:
60 log.debug('Legacy plugin discovered: "%s"', plugin_id)
61 log.debug('Legacy plugin discovered: "%s"', plugin_id)
61 try:
62 try:
62 plugin = _import_legacy_plugin(plugin_id)
63 plugin = _import_legacy_plugin(plugin_id)
63 config.include(plugin.includeme)
64 config.include(plugin.includeme)
64 except Exception as e:
65 except Exception as e:
65 log.exception(
66 log.exception(
66 'Exception while loading legacy authentication plugin '
67 'Exception while loading legacy authentication plugin '
67 '"{}": {}'.format(plugin_id, e.message))
68 '"%s": %s', plugin_id, e)
68
69
69
70
70 def includeme(config):
71 def includeme(config):
72
71 # Set authentication policy.
73 # Set authentication policy.
72 authn_policy = SessionAuthenticationPolicy()
74 authn_policy = SessionAuthenticationPolicy()
73 config.set_authentication_policy(authn_policy)
75 config.set_authentication_policy(authn_policy)
74
76
75 # Create authentication plugin registry and add it to the pyramid registry.
77 # Create authentication plugin registry and add it to the pyramid registry.
76 authn_registry = AuthenticationPluginRegistry(config.get_settings())
78 authn_registry = AuthenticationPluginRegistry(config.get_settings())
77 config.add_directive('add_authn_plugin', authn_registry.add_authn_plugin)
79 config.add_directive('add_authn_plugin', authn_registry.add_authn_plugin)
78 config.registry.registerUtility(authn_registry)
80 config.registry.registerUtility(authn_registry)
79
81
80 # Create authentication traversal root resource.
82 # Create authentication traversal root resource.
81 authn_root_resource = root_factory()
83 authn_root_resource = root_factory()
82 config.add_directive('add_authn_resource',
84 config.add_directive('add_authn_resource',
83 authn_root_resource.add_authn_resource)
85 authn_root_resource.add_authn_resource)
84
86
85 # Add the authentication traversal route.
87 # Add the authentication traversal route.
86 config.add_route('auth_home',
88 config.add_route('auth_home',
87 ADMIN_PREFIX + '/auth*traverse',
89 ADMIN_PREFIX + '/auth*traverse',
88 factory=root_factory)
90 factory=root_factory)
89 # Add the authentication settings root views.
91 # Add the authentication settings root views.
90 config.add_view('rhodecode.authentication.views.AuthSettingsView',
92 config.add_view('rhodecode.authentication.views.AuthSettingsView',
91 attr='index',
93 attr='index',
92 request_method='GET',
94 request_method='GET',
93 route_name='auth_home',
95 route_name='auth_home',
94 context=AuthnRootResource)
96 context=AuthnRootResource)
95 config.add_view('rhodecode.authentication.views.AuthSettingsView',
97 config.add_view('rhodecode.authentication.views.AuthSettingsView',
96 attr='auth_settings',
98 attr='auth_settings',
97 request_method='POST',
99 request_method='POST',
98 route_name='auth_home',
100 route_name='auth_home',
99 context=AuthnRootResource)
101 context=AuthnRootResource)
General Comments 0
You need to be logged in to leave comments. Login now