Show More
| @@ -222,12 +222,8 b' class RhodeCodeAuthPluginBase(object):' | |||
|
|
222 | 222 | @hybrid_property |
|
|
223 | 223 | def is_container_auth(self): |
|
|
224 | 224 | """ |
|
|
225 | Returns bool if this module uses container auth. | |
|
|
226 | ||
|
|
227 | This property will trigger an automatic call to authenticate on | |
|
|
228 | a visit to the website or during a push/pull. | |
|
|
229 | ||
|
|
230 | :returns: bool | |
|
|
225 | Deprecated method that indicates if this authentication plugin uses | |
|
|
226 | HTTP headers as authentication method. | |
|
|
231 | 227 | """ |
|
|
232 | 228 | return False |
|
|
233 | 229 | |
| @@ -292,7 +288,7 b' class RhodeCodeAuthPluginBase(object):' | |||
|
|
292 | 288 | """ |
|
|
293 | 289 | Helper method for user fetching in plugins, by default it's using |
|
|
294 | 290 | simple fetch by username, but this method can be custimized in plugins |
|
|
295 |
eg. |
|
|
|
291 | eg. headers auth plugin to fetch user by environ params | |
|
|
296 | 292 | |
|
|
297 | 293 | :param username: username if given to fetch from database |
|
|
298 | 294 | :param kwargs: extra arguments needed for user fetching. |
| @@ -495,9 +491,9 b' def authenticate(username, password, env' | |||
|
|
495 | 491 | Authentication function used for access control, |
|
|
496 | 492 | It tries to authenticate based on enabled authentication modules. |
|
|
497 | 493 | |
|
|
498 |
:param username: username can be empty for |
|
|
|
499 |
:param password: password can be empty for |
|
|
|
500 |
:param environ: environ headers passed for |
|
|
|
494 | :param username: username can be empty for headers auth | |
|
|
495 | :param password: password can be empty for headers auth | |
|
|
496 | :param environ: environ headers passed for headers auth | |
|
|
501 | 497 | :param auth_type: type of authentication, either `HTTP_TYPE` or `VCS_TYPE` |
|
|
502 | 498 | :param skip_missing: ignores plugins that are in db but not in environment |
|
|
503 | 499 | :returns: None if auth failed, plugin_user dict if auth is correct |
| @@ -505,7 +501,7 b' def authenticate(username, password, env' | |||
|
|
505 | 501 | if not auth_type or auth_type not in [HTTP_TYPE, VCS_TYPE]: |
|
|
506 | 502 | raise ValueError('auth type must be on of http, vcs got "%s" instead' |
|
|
507 | 503 | % auth_type) |
|
|
508 |
|
|
|
|
504 | headers_only = environ and not (username and password) | |
|
|
509 | 505 | |
|
|
510 | 506 | authn_registry = get_current_registry().getUtility(IAuthnPluginRegistry) |
|
|
511 | 507 | for plugin in authn_registry.get_plugins_for_authentication(): |
| @@ -513,9 +509,9 b' def authenticate(username, password, env' | |||
|
|
513 | 509 | user = plugin.get_user(username) |
|
|
514 | 510 | display_user = user.username if user else username |
|
|
515 | 511 | |
|
|
516 |
if |
|
|
|
517 |
log.debug('Auth type is for |
|
|
|
518 |
' |
|
|
|
512 | if headers_only and not plugin.is_headers_auth: | |
|
|
513 | log.debug('Auth type is for headers only and plugin `%s` is not ' | |
|
|
514 | 'headers plugin, skipping...', plugin.get_id()) | |
|
|
519 | 515 | continue |
|
|
520 | 516 | |
|
|
521 | 517 | # load plugin settings from RhodeCode database |
| @@ -123,9 +123,9 b' class LoginView(object):' | |||
|
|
123 | 123 | if user.is_authenticated and not user.is_default and user.ip_allowed: |
|
|
124 | 124 | raise HTTPFound(came_from) |
|
|
125 | 125 | |
|
|
126 |
# check if we use |
|
|
|
126 | # check if we use headers plugin, and try to login using it. | |
|
|
127 | 127 | try: |
|
|
128 |
log.debug('Running PRE-AUTH for |
|
|
|
128 | log.debug('Running PRE-AUTH for headers based authentication') | |
|
|
129 | 129 | auth_info = authenticate( |
|
|
130 | 130 | '', '', self.request.environ, HTTP_TYPE, skip_missing=True) |
|
|
131 | 131 | if auth_info: |
| @@ -167,7 +167,7 b' class LoginView(object):' | |||
|
|
167 | 167 | return render_ctx |
|
|
168 | 168 | |
|
|
169 | 169 | except UserCreationError as e: |
|
|
170 |
# |
|
|
|
170 | # headers auth or other auth functions that create users on | |
|
|
171 | 171 | # the fly can throw this exception signaling that there's issue |
|
|
172 | 172 | # with user creation, explanation should be provided in |
|
|
173 | 173 | # Exception itself |
General Comments 0
You need to be logged in to leave comments.
Login now