##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
authn: Rename 'container' -> 'headers' in authentication.
johbo -
r106:5d16fb96 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -222,12 +222,8 b' class RhodeCodeAuthPluginBase(object):'
222 @hybrid_property
222 @hybrid_property
223 def is_container_auth(self):
223 def is_container_auth(self):
224 """
224 """
225 Returns bool if this module uses container auth.
225 Deprecated method that indicates if this authentication plugin uses
226
226 HTTP headers as authentication method.
227 This property will trigger an automatic call to authenticate on
228 a visit to the website or during a push/pull.
229
230 :returns: bool
231 """
227 """
232 return False
228 return False
233
229
@@ -292,7 +288,7 b' class RhodeCodeAuthPluginBase(object):'
292 """
288 """
293 Helper method for user fetching in plugins, by default it's using
289 Helper method for user fetching in plugins, by default it's using
294 simple fetch by username, but this method can be custimized in plugins
290 simple fetch by username, but this method can be custimized in plugins
295 eg. container auth plugin to fetch user by environ params
291 eg. headers auth plugin to fetch user by environ params
296
292
297 :param username: username if given to fetch from database
293 :param username: username if given to fetch from database
298 :param kwargs: extra arguments needed for user fetching.
294 :param kwargs: extra arguments needed for user fetching.
@@ -495,9 +491,9 b' def authenticate(username, password, env'
495 Authentication function used for access control,
491 Authentication function used for access control,
496 It tries to authenticate based on enabled authentication modules.
492 It tries to authenticate based on enabled authentication modules.
497
493
498 :param username: username can be empty for container auth
494 :param username: username can be empty for headers auth
499 :param password: password can be empty for container auth
495 :param password: password can be empty for headers auth
500 :param environ: environ headers passed for container auth
496 :param environ: environ headers passed for headers auth
501 :param auth_type: type of authentication, either `HTTP_TYPE` or `VCS_TYPE`
497 :param auth_type: type of authentication, either `HTTP_TYPE` or `VCS_TYPE`
502 :param skip_missing: ignores plugins that are in db but not in environment
498 :param skip_missing: ignores plugins that are in db but not in environment
503 :returns: None if auth failed, plugin_user dict if auth is correct
499 :returns: None if auth failed, plugin_user dict if auth is correct
@@ -505,7 +501,7 b' def authenticate(username, password, env'
505 if not auth_type or auth_type not in [HTTP_TYPE, VCS_TYPE]:
501 if not auth_type or auth_type not in [HTTP_TYPE, VCS_TYPE]:
506 raise ValueError('auth type must be on of http, vcs got "%s" instead'
502 raise ValueError('auth type must be on of http, vcs got "%s" instead'
507 % auth_type)
503 % auth_type)
508 container_only = environ and not (username and password)
504 headers_only = environ and not (username and password)
509
505
510 authn_registry = get_current_registry().getUtility(IAuthnPluginRegistry)
506 authn_registry = get_current_registry().getUtility(IAuthnPluginRegistry)
511 for plugin in authn_registry.get_plugins_for_authentication():
507 for plugin in authn_registry.get_plugins_for_authentication():
@@ -513,9 +509,9 b' def authenticate(username, password, env'
513 user = plugin.get_user(username)
509 user = plugin.get_user(username)
514 display_user = user.username if user else username
510 display_user = user.username if user else username
515
511
516 if container_only and not plugin.is_container_auth:
512 if headers_only and not plugin.is_headers_auth:
517 log.debug('Auth type is for container only and plugin `%s` is not '
513 log.debug('Auth type is for headers only and plugin `%s` is not '
518 'container plugin, skipping...', plugin.get_id())
514 'headers plugin, skipping...', plugin.get_id())
519 continue
515 continue
520
516
521 # load plugin settings from RhodeCode database
517 # load plugin settings from RhodeCode database
Show file before | Show file after | Hide comments
@@ -123,9 +123,9 b' class LoginView(object):'
123 if user.is_authenticated and not user.is_default and user.ip_allowed:
123 if user.is_authenticated and not user.is_default and user.ip_allowed:
124 raise HTTPFound(came_from)
124 raise HTTPFound(came_from)
125
125
126 # check if we use container plugin, and try to login using it.
126 # check if we use headers plugin, and try to login using it.
127 try:
127 try:
128 log.debug('Running PRE-AUTH for container based authentication')
128 log.debug('Running PRE-AUTH for headers based authentication')
129 auth_info = authenticate(
129 auth_info = authenticate(
130 '', '', self.request.environ, HTTP_TYPE, skip_missing=True)
130 '', '', self.request.environ, HTTP_TYPE, skip_missing=True)
131 if auth_info:
131 if auth_info:
@@ -167,7 +167,7 b' class LoginView(object):'
167 return render_ctx
167 return render_ctx
168
168
169 except UserCreationError as e:
169 except UserCreationError as e:
170 # container auth or other auth functions that create users on
170 # headers auth or other auth functions that create users on
171 # the fly can throw this exception signaling that there's issue
171 # the fly can throw this exception signaling that there's issue
172 # with user creation, explanation should be provided in
172 # with user creation, explanation should be provided in
173 # Exception itself
173 # Exception itself
General Comments 0
You need to be logged in to leave comments. Login now