Show More
| @@ -1,76 +1,77 | |||
|
|
1 | 1 | from datetime import datetime |
|
|
2 | 2 | from decorator import decorator |
|
|
3 | 3 | from functools import wraps |
|
|
4 | 4 | from pylons import session, url |
|
|
5 | 5 | from pylons.controllers.util import abort, redirect |
|
|
6 | 6 | from pylons_app.model import meta |
|
|
7 | 7 | from pylons_app.model.db import Users |
|
|
8 | 8 | from sqlalchemy.exc import OperationalError |
|
|
9 | 9 | from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound |
|
|
10 | 10 | import crypt |
|
|
11 | 11 | import logging |
|
|
12 | 12 | log = logging.getLogger(__name__) |
|
|
13 | 13 | |
|
|
14 | 14 | def get_crypt_password(password): |
|
|
15 | 15 | """ |
|
|
16 | 16 | Cryptographic function used for password hashing |
|
|
17 | 17 | @param password: password to hash |
|
|
18 | 18 | """ |
|
|
19 | 19 | return crypt.crypt(password, '6a') |
|
|
20 | 20 | |
|
|
21 | 21 | def authfunc(environ, username, password): |
|
|
22 | 22 | sa = meta.Session |
|
|
23 | 23 | password_crypt = get_crypt_password(password) |
|
|
24 | 24 | try: |
|
|
25 | 25 | user = sa.query(Users).filter(Users.username == username).one() |
|
|
26 | 26 | except (NoResultFound, MultipleResultsFound, OperationalError) as e: |
|
|
27 | 27 | log.error(e) |
|
|
28 | 28 | user = None |
|
|
29 | 29 | |
|
|
30 | 30 | if user: |
|
|
31 | 31 | if user.active: |
|
|
32 | 32 | if user.username == username and user.password == password_crypt: |
|
|
33 | 33 | log.info('user %s authenticated correctly', username) |
|
|
34 | 34 | return True |
|
|
35 | 35 | else: |
|
|
36 | 36 | log.error('user %s is disabled', username) |
|
|
37 | 37 | |
|
|
38 | 38 | return False |
|
|
39 | 39 | |
|
|
40 | 40 | class AuthUser(object): |
|
|
41 | 41 | """ |
|
|
42 | 42 | A simple object that handles a mercurial username for authentication |
|
|
43 | 43 | """ |
|
|
44 |
username = ' |
|
|
|
44 | username = 'None' | |
|
|
45 | 45 | is_authenticated = False |
|
|
46 | 46 | is_admin = False |
|
|
47 | 47 | permissions = set() |
|
|
48 | 48 | group = set() |
|
|
49 | 49 | |
|
|
50 | 50 | def __init__(self): |
|
|
51 | 51 | pass |
|
|
52 | 52 | |
|
|
53 | 53 | #=============================================================================== |
|
|
54 | 54 | # DECORATORS |
|
|
55 | 55 | #=============================================================================== |
|
|
56 | 56 | class LoginRequired(object): |
|
|
57 | 57 | """ |
|
|
58 | 58 | Must be logged in to execute this function else redirect to login page |
|
|
59 | 59 | """ |
|
|
60 | 60 | def __init__(self): |
|
|
61 | 61 | pass |
|
|
62 | 62 | |
|
|
63 | 63 | def __call__(self, func): |
|
|
64 | user = session.get('hg_app_user', AuthUser()) | |
|
|
65 | log.info('Checking login required for %s', user.username) | |
|
|
66 | 64 | |
|
|
67 | 65 | @wraps(func) |
|
|
68 | 66 | def _wrapper(*fargs, **fkwargs): |
|
|
67 | user = session.get('hg_app_user', AuthUser()) | |
|
|
68 | log.info('Checking login required for user:%s', user.username) | |
|
|
69 | 69 | if user.is_authenticated: |
|
|
70 | 70 | log.info('user %s is authenticated', user.username) |
|
|
71 | 71 | func(*fargs) |
|
|
72 | 72 | else: |
|
|
73 | 73 | logging.info('user %s not authenticated', user.username) |
|
|
74 | logging.info('redirecting to login page') | |
|
|
74 | 75 | return redirect(url('login_home')) |
|
|
75 | 76 | |
|
|
76 | 77 | return _wrapper |
General Comments 0
You need to be logged in to leave comments.
Login now