@@ -0,0 +1,37 b'' | |||
|
1 | import logging | |
|
2 | from formencode import htmlfill | |
|
3 | from pylons import request, response, session, tmpl_context as c, url | |
|
4 | from pylons.controllers.util import abort, redirect | |
|
5 | from pylons_app.lib.base import BaseController, render | |
|
6 | import formencode | |
|
7 | from pylons_app.model.forms import LoginForm | |
|
8 | from pylons_app.lib.auth import AuthUser | |
|
9 | ||
|
10 | log = logging.getLogger(__name__) | |
|
11 | ||
|
12 | class LoginController(BaseController): | |
|
13 | ||
|
14 | def index(self): | |
|
15 | if session.get('hg_app_user', AuthUser()).is_authenticated: | |
|
16 | return redirect(url('hg_home')) | |
|
17 | ||
|
18 | if request.POST: | |
|
19 | #import Login Form validator class | |
|
20 | login_form = LoginForm() | |
|
21 | try: | |
|
22 | c.form_result = login_form.to_python(dict(request.POST)) | |
|
23 | return redirect(url('hg_home')) | |
|
24 | ||
|
25 | except formencode.Invalid as errors: | |
|
26 | c.form_errors = errors.error_dict | |
|
27 | return htmlfill.render( | |
|
28 | render('/login.html'), | |
|
29 | defaults=errors.value, | |
|
30 | encoding="UTF-8") | |
|
31 | ||
|
32 | return render('/login.html') | |
|
33 | ||
|
34 | def logout(self): | |
|
35 | session['hg_app_user'] = AuthUser() | |
|
36 | session.save() | |
|
37 | redirect(url('hg_home')) |
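Review bot: `logout` (new lines 34-37) only overwrites `session['hg_app_user']` with a fresh `AuthUser()` and saves, so the session id and anything else stored in the session survive the logout. Calling `session.delete()` or `session.invalidate()` before the redirect would drop the session entirely. The login path in `index` has the matching gap: nothing visible rotates the session id once `to_python` succeeds, which leaves room for session fixation. `index` would also benefit from a short docstring saying that the authenticated `AuthUser` is placed in the session as a side effect of `LoginForm` validation, since the controller never sets it itself.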
@@ -0,0 +1,42 b'' | |||
|
1 | ## -*- coding: utf-8 -*- | |
|
2 | <%! | |
|
3 | from pylons_app.lib import filters | |
|
4 | %> | |
|
5 | <%inherit file="base/base.html"/> | |
|
6 | <%def name="title()"> | |
|
7 | ${c.repos_prefix} Mercurial Repositories | |
|
8 | </%def> | |
|
9 | <%def name="breadcrumbs()"> | |
|
10 | ${c.repos_prefix} Mercurial Repositories | |
|
11 | </%def> | |
|
12 | <%def name="page_nav()"> | |
|
13 | ${self.menu('home')} | |
|
14 | </%def> | |
|
15 | <%def name="main()"> | |
|
16 | <div> | |
|
17 | <br /> | |
|
18 | <h2>${_('Login')}</h2> | |
|
19 | ${h.form(h.url.current())} | |
|
20 | <table> | |
|
21 | <tr> | |
|
22 | <td>${_('Username')}</td> | |
|
23 | <td>${h.text('username')}</td> | |
|
24 | <td>${self.get_form_error('username')} | |
|
25 | ||
|
26 | </td> | |
|
27 | </tr> | |
|
28 | <tr> | |
|
29 | <td>${_('Password')}</td> | |
|
30 | <td>${h.password('password')}</td> | |
|
31 | <td>${self.get_form_error('password')}</td> | |
|
32 | </tr> | |
|
33 | <tr> | |
|
34 | <td></td> | |
|
35 | <td>${h.submit('login','login')}</td> | |
|
36 | </tr> | |
|
37 | </table> | |
|
38 | ${h.end_form()} | |
|
39 | </div> | |
|
40 | </%def> | |
|
41 | ||
|
42 |
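Review bot: The login form at new line 19 is opened with `${h.form(h.url.current())}` and carries no authentication token, so the credential POST is not tied to a page this application served. The forms module in the same commit imports `authentication_token` from `webhelpers.pylonslib.secure_form` and defines `ValidAuthToken`. If that module's `secure_form` helper is exposed through `h`, `${h.secure_form(h.url.current())}` together with a token check in `LoginForm` would close the gap. Whether `LoginForm` already validates a token cannot be seen on this page, because its field definitions lie between the two hunks.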
@@ -16,24 +16,88 b' ignore_key_missing False If Tru' | |||
|
16 | 16 | <name> = formencode.validators.<name of validator> |
|
17 | 17 | <name> must equal form name |
|
18 | 18 | list=[1,2,3,4,5] |
|
19 |
for |
|
|
19 | for SELECT use formencode.All(OneOf(list), Int()) | |
|
20 | 20 | |
|
21 | 21 | """ |
|
22 | ||
|
22 | from formencode.validators import UnicodeString, OneOf, Int, Number, Regex | |
|
23 | from pylons import session | |
|
24 | from pylons.i18n.translation import _ | |
|
25 | from pylons_app.lib.auth import get_crypt_password | |
|
26 | from pylons_app.model import meta | |
|
27 | from pylons_app.model.db import Users | |
|
28 | from sqlalchemy.exc import OperationalError | |
|
29 | from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound | |
|
30 | from webhelpers.pylonslib.secure_form import authentication_token | |
|
23 | 31 | import formencode |
|
24 | from formencode.validators import UnicodeString, OneOf, Int, Number, Regex | |
|
25 | from pylons.i18n.translation import _ | |
|
26 | from webhelpers.pylonslib.secure_form import authentication_token | |
|
32 | import logging | |
|
33 | log = logging.getLogger(__name__) | |
|
34 | ||
|
27 | 35 | |
|
36 | #this is needed to translate the messages using _() in validators | |
|
37 | class State_obj(object): | |
|
38 | _ = staticmethod(_) | |
|
39 | ||
|
40 | #=============================================================================== | |
|
41 | # VALIDATORS | |
|
42 | #=============================================================================== | |
|
28 | 43 | class ValidAuthToken(formencode.validators.FancyValidator): |
|
29 | 44 | messages = {'invalid_token':_('Token mismatch')} |
|
30 | 45 | |
|
31 | 46 | def validate_python(self, value, state): |
|
32 | 47 | |
|
33 | 48 | if value != authentication_token(): |
|
34 |
raise formencode.Invalid(self.message('invalid_token', state, |
|
|
49 | raise formencode.Invalid(self.message('invalid_token', state, | |
|
50 | search_number=value), value, state) | |
|
51 | ||
|
52 | class ValidAuth(formencode.validators.FancyValidator): | |
|
53 | messages = { | |
|
54 | 'invalid_password':_('invalid password'), | |
|
55 | 'invalid_login':_('invalid user name'), | |
|
56 | 'disabled_account':_('Your acccount is disabled') | |
|
57 | ||
|
58 | } | |
|
59 | #error mapping | |
|
60 | e_dict = {'username':messages['invalid_login'], | |
|
61 | 'password':messages['invalid_password']} | |
|
62 | ||
|
63 | def validate_python(self, value, state): | |
|
64 | sa = meta.Session | |
|
65 | crypted_passwd = get_crypt_password(value['password']) | |
|
66 | username = value['username'] | |
|
67 | try: | |
|
68 | user = sa.query(Users).filter(Users.username == username).one() | |
|
69 | except (NoResultFound, MultipleResultsFound, OperationalError) as e: | |
|
70 | log.error(e) | |
|
71 | user = None | |
|
72 | print value | |
|
73 | if user: | |
|
74 | if user.active: | |
|
75 | if user.username == username and user.password == crypted_passwd: | |
|
76 | log.info('user %s authenticated correctly', username) | |
|
77 | from pylons_app.lib.auth import AuthUser | |
|
78 | auth_user = AuthUser() | |
|
79 | auth_user.username = username | |
|
80 | auth_user.is_authenticated = True | |
|
81 | auth_user.is_admin = user.admin | |
|
82 | session['hg_app_user'] = auth_user | |
|
83 | session.save() | |
|
84 | return value | |
|
85 | else: | |
|
86 | log.warning('user %s not authenticated', username) | |
|
87 | raise formencode.Invalid(self.message('invalid_password', | |
|
88 | state=State_obj), value, state, | |
|
89 | error_dict=self.e_dict) | |
|
90 | else: | |
|
91 | log.warning('user %s is disabled', username) | |
|
92 | raise formencode.Invalid(self.message('disabled_account', | |
|
93 | state=State_obj), | |
|
94 | value, state, error_dict=self.e_dict) | |
|
35 | 95 | |
|
36 | 96 | |
|
97 | ||
|
98 | #=============================================================================== | |
|
99 | # FORMS | |
|
100 | #=============================================================================== | |
|
37 | 101 | class LoginForm(formencode.Schema): |
|
38 | 102 | allow_extra_fields = True |
|
39 | 103 | filter_extra_fields = True |
@@ -56,3 +120,7 b' class LoginForm(formencode.Schema):' | |||
|
56 | 120 | ) |
|
57 | 121 | |
|
58 | 122 | |
|
123 | #chained validators have access to all data | |
|
124 | chained_validators = [ValidAuth] | |
|
125 | ||
|
126 |
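Review bot: `print value` at new line 72 of `ValidAuth.validate_python` writes the whole submitted form, cleartext password included, to stdout during validation; it looks like leftover debugging and should be removed. As far as the flattened indentation shows, `if user:` has no `else`, so an unknown username or a database `OperationalError` falls through without raising and `to_python` succeeds. Raising `formencode.Invalid(self.message('invalid_login', state=State_obj), value, state, error_dict=self.e_dict)` when `user` is None would make that path fail the way a wrong password does. The disabled-account branch is reached before the password is compared, so its message confirms that an account exists to anyone who submits the name; comparing the password first would avoid that. What `get_crypt_password` computes is not visible here, so it should be confirmed that the stored value is a salted, slow hash and that `user.password == crypted_passwd` is acceptable as a plain string comparison.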
@@ -10,10 +10,7 b' from pylons_app.lib import filters' | |||
|
10 | 10 | ${c.repos_prefix} Mercurial Repositories |
|
11 | 11 | </%def> |
|
12 | 12 | <%def name="page_nav()"> |
|
13 | <ul class="page-nav"> | |
|
14 | <li class="current">${_('Home')}</li> | |
|
15 | <li>${h.link_to(u'Admin',h.url('admin_home'))}</li> | |
|
16 | </ul> | |
|
13 | ${self.menu('home')} | |
|
17 | 14 | </%def> |
|
18 | 15 | <%def name="main()"> |
|
19 | 16 | <%def name="get_sort(name)"> |