auth: return early in LoginRequired on invalid IP...
Thomas De Schampheleire -
r5115:4cad3a52 default
@@ -719,6 +719,14 b' def set_available_permissions(config):'
719 719 #==============================================================================
720 720 # CHECK DECORATORS
721 721 #==============================================================================
722
723 def redirect_to_login(message=None):
724 from kallithea.lib import helpers as h
725 p = url.current()
726 h.flash(h.literal(message), category='warning')
727 log.debug('Redirecting to login page, origin: %s' % p)
728 return redirect(url('login_home', came_from=p))
729
722 730 class LoginRequired(object):
723 731 """
724 732 Must be logged in to execute this function else
@@ -738,14 +746,11 b' class LoginRequired(object):'
738 746 cls = fargs[0]
739 747 user = cls.authuser
740 748 loc = "%s:%s" % (cls.__class__.__name__, func.__name__)
749 log.debug('Checking access for user %s @ %s' % (user, loc))
741 750
742 751 # check if our IP is allowed
743 ip_access_valid = True
744 752 if not user.ip_allowed:
745 from kallithea.lib import helpers as h
746 h.flash(h.literal(_('IP %s not allowed' % (user.ip_addr))),
747 category='warning')
748 ip_access_valid = False
753 return redirect_to_login(_('IP %s not allowed' % (user.ip_addr)))
749 754
750 755 # check if we used an APIKEY and it's a valid one
751 756 # defined whitelist of controllers which API access will be enabled
@@ -775,21 +780,17 b' class LoginRequired(object):'
775 780 log.debug('Checking if %s is authenticated @ %s' % (user.username, loc))
776 781 reason = 'RegularAuth' if user.is_authenticated else 'APIAuth'
777 782
778 if ip_access_valid and (user.is_authenticated or api_access_valid):
783 if user.is_authenticated or api_access_valid:
779 784 log.info('user %s authenticating with:%s IS authenticated on func %s '
780 785 % (user, reason, loc)
781 786 )
782 787 return func(*fargs, **fkwargs)
783 788 else:
784 789 log.warning('user %s authenticating with:%s NOT authenticated on func: %s: '
785 'IP_ACCESS:%s API_ACCESS:%s'
786 % (user, reason, loc, ip_access_valid, api_access_valid)
790 'API_ACCESS:%s'
791 % (user, reason, loc, api_access_valid)
787 792 )
788 p = url.current()
789
790 log.debug('redirecting to login page with %s' % p)
791 return redirect(url('login_home', came_from=p))
792
793 return redirect_to_login()
793 794
794 795 class NotAnonymous(object):
795 796 """
@@ -808,13 +809,8 b' class NotAnonymous(object):'
808 809 anonymous = self.user.username == User.DEFAULT_USER
809 810
810 811 if anonymous:
811 p = url.current()
812
813 import kallithea.lib.helpers as h
814 h.flash(_('You need to be a registered user to '
815 'perform this action'),
816 category='warning')
817 return redirect(url('login_home', came_from=p))
812 return redirect_to_login(_('You need to be a registered user to '
813 'perform this action'))
818 814 else:
819 815 return func(*fargs, **fkwargs)
820 816
@@ -845,14 +841,7 b' class PermsDecorator(object):'
845 841 anonymous = self.user.username == User.DEFAULT_USER
846 842
847 843 if anonymous:
848 p = url.current()
849
850 import kallithea.lib.helpers as h
851 h.flash(_('You need to be signed in to '
852 'view this page'),
853 category='warning')
854 return redirect(url('login_home', came_from=p))
855
844 return redirect_to_login(_('You need to be signed in to view this page'))
856 845 else:
857 846 # redirect with forbidden ret code
858 847 return abort(403)
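Review bot: `redirect_to_login()` flashes unconditionally, so the no-argument call at the end of `LoginRequired` (new line 793) passes `None` to `h.literal()` and queues a warning flash that the old code path did not produce, and which probably renders as the text "None"; guard it with `if message: h.flash(h.literal(message), category='warning')`. The helper also wraps every caller's message in `h.literal`, which turns off HTML escaping, while the IP message interpolates `user.ip_addr`; if that value can originate from a client-supplied header (not visible in these hunks), escape it before interpolation or apply `h.literal` only where markup is intended. The early return on `not user.ip_allowed` additionally skips the `log.warning` that used to record `IP_ACCESS`, leaving only a debug line for a denied source address; adding `log.warning('IP %s not allowed for user %s @ %s' % (user.ip_addr, user, loc))` before the return would keep that audit signal. The decorator bodies start and end outside the visible hunks, so these points are based only on the lines shown.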