##// END OF EJS Templates
upstream » kallithea
RSS

Clone from https://kallithea-scm.org/repos/kallithea

Changed auth lib for sqlalchemy
Marcin Kuzminski -
r64:08707974 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,35 +1,31 b''
1 import sqlite3
2 import os
3 import logging
1 import logging
4 from os.path import dirname as dn
5 from datetime import datetime
2 from datetime import datetime
6 import crypt
3 import crypt
7 from pylons import session, url
4 from pylons import session, url
8 from pylons.controllers.util import abort, redirect
5 from pylons.controllers.util import abort, redirect
9 from decorator import decorator
6 from decorator import decorator
7 from sqlalchemy.exc import OperationalError
10 log = logging.getLogger(__name__)
8 log = logging.getLogger(__name__)
11 ROOT = dn(dn(dn(os.path.realpath(__file__))))
9 from pylons_app.model import meta
10 from pylons_app.model.db import Users, UserLogs
11 from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound
12
12
13 def get_sqlite_conn_cur():
13 def get_crypt_password(password):
14 conn = sqlite3.connect(os.path.join(ROOT, 'auth.sqlite'))
14 return crypt.crypt(password, '6a')
15 cur = conn.cursor()
16 return conn, cur
17
18
15
19 def admin_auth(username, password):
16 def admin_auth(username, password):
20 conn, cur = get_sqlite_conn_cur()
17 sa = meta.Session
21 password_crypt = crypt.crypt(password, '6a')
18 password_crypt = get_crypt_password(password)
22
19
23 try:
20 try:
24 cur.execute("SELECT * FROM users WHERE username=?", (username,))
21 user = sa.query(Users).filter(Users.username == username).one()
25 data = cur.fetchone()
22 except (NoResultFound, MultipleResultsFound, OperationalError) as e:
26 except sqlite3.OperationalError as e:
27 data = None
28 log.error(e)
23 log.error(e)
24 user = None
29
25
30 if data:
26 if user:
31 if data[3]:
27 if user.active:
32 if data[1] == username and data[2] == password_crypt and data[4]:
28 if user.username == username and user.password == password_crypt and user.admin:
33 log.info('user %s authenticated correctly', username)
29 log.info('user %s authenticated correctly', username)
34 return True
30 return True
35 else:
31 else:
@@ -38,37 +34,39 b' def admin_auth(username, password):'
38 return False
34 return False
39
35
40 def authfunc(environ, username, password):
36 def authfunc(environ, username, password):
41 conn, cur = get_sqlite_conn_cur()
37 sa = meta.Session
42 password_crypt = crypt.crypt(password, '6a')
38 password_crypt = get_crypt_password(password)
43
39
44 try:
40 try:
45 cur.execute("SELECT * FROM users WHERE username=?", (username,))
41 user = sa.query(Users).filter(Users.username == username).one()
46 data = cur.fetchone()
42 except (NoResultFound, MultipleResultsFound, OperationalError) as e:
47 except sqlite3.OperationalError as e:
48 data = None
49 log.error(e)
43 log.error(e)
50 if data:
44 user = None
51 if data[3]:
45
52 if data[1] == username and data[2] == password_crypt:
46 if user:
47 if user.active:
48 if user.username == username and user.password == password_crypt:
53 log.info('user %s authenticated correctly', username)
49 log.info('user %s authenticated correctly', username)
54 if environ:
50 if environ:
55 http_accept = environ.get('HTTP_ACCEPT')
51 http_accept = environ.get('HTTP_ACCEPT')
56
52
57 if http_accept.startswith('application/mercurial') or \
53 if http_accept.startswith('application/mercurial') or \
58 environ['PATH_INFO'].find('raw-file') != -1:
54 environ['PATH_INFO'].find('raw-file') != -1:
59 cmd = environ['PATH_INFO']
55 repo = environ['PATH_INFO']
60 for qry in environ['QUERY_STRING'].split('&'):
56 for qry in environ['QUERY_STRING'].split('&'):
61 if qry.startswith('cmd'):
57 if qry.startswith('cmd'):
62 cmd += "|" + qry
63
58
64 try:
59 try:
65 cur.execute("""INSERT INTO
60 user_log = UserLogs()
66 user_logs
61 user_log.user_id = user.user_id
67 VALUES(?,?,?,?)""",
62 user_log.action = qry
68 (None, data[0], cmd, datetime.now()))
63 user_log.repository = repo
69 conn.commit()
64 user_log.action_date = datetime.now()
65 sa.add(user_log)
66 sa.commit()
67 log.info('Adding user %s, action %s', username, qry)
70 except Exception as e:
68 except Exception as e:
71 conn.rollback()
69 sa.rollback()
72 log.error(e)
70 log.error(e)
73
71
74 return True
72 return True
@@ -84,55 +82,3 b' def authenticate(fn, *args, **kwargs):'
84 redirect(url('admin_home'), 301)
82 redirect(url('admin_home'), 301)
85 return fn(*args, **kwargs)
83 return fn(*args, **kwargs)
86
84
87 def create_user_table():
88 """
89 Create a auth database
90 """
91 conn, cur = get_sqlite_conn_cur()
92 try:
93 log.info('creating table %s', 'users')
94 cur.execute("""DROP TABLE IF EXISTS users """)
95 cur.execute("""CREATE TABLE users
96 (user_id INTEGER PRIMARY KEY AUTOINCREMENT,
97 username TEXT,
98 password TEXT,
99 active INTEGER,
100 admin INTEGER)""")
101 log.info('creating table %s', 'user_logs')
102 cur.execute("""DROP TABLE IF EXISTS user_logs """)
103 cur.execute("""CREATE TABLE user_logs
104 (id INTEGER PRIMARY KEY AUTOINCREMENT,
105 user_id INTEGER,
106 last_action TEXT,
107 last_action_date DATETIME)""")
108 conn.commit()
109 except:
110 conn.rollback()
111 raise
112
113 cur.close()
114
115 def create_user(username, password, admin=False):
116 conn, cur = get_sqlite_conn_cur()
117 password_crypt = crypt.crypt(password, '6a')
118 log.info('creating user %s', username)
119 try:
120 cur.execute("""INSERT INTO users values (?,?,?,?,?) """,
121 (None, username, password_crypt, 1, admin))
122 conn.commit()
123 except:
124 conn.rollback()
125 raise
126
127 if __name__ == "__main__":
128 create_user_table()
129 create_user('marcink', 'qweqwe', True)
130 create_user('lukaszd', 'qweqwe')
131 create_user('adriand', 'qweqwe')
132 create_user('radek', 'qweqwe')
133 create_user('skrzeka', 'qweqwe')
134 create_user('bart', 'qweqwe')
135 create_user('maho', 'qweqwe')
136 create_user('michalg', 'qweqwe')
137
138 #authfunc('', 'marcink', 'qweqwe')
General Comments 0
You need to be logged in to leave comments. Login now