@@ -56,7 +56,7 b' beaker.cache.super_short_term.expire=10' | |||
|
56 | 56 | ### BEAKER SESSION #### |
|
57 | 57 | #################################### |
|
58 | 58 | ## Type of storage used for the session, current types are |
|
59 |
## |
|
|
59 | ## dbm, file, memcached, database, and memory. | |
|
60 | 60 | ## The storage uses the Container API |
|
61 | 61 | ##that is also used by the cache system. |
|
62 | 62 | beaker.session.type = file |
@@ -30,7 +30,9 b' from pylons_app.lib.auth import AuthUser' | |||
|
30 | 30 | from pylons_app.lib.base import BaseController, render |
|
31 | 31 | from pylons_app.model.forms import LoginForm, RegisterForm |
|
32 | 32 | from pylons_app.model.user_model import UserModel |
|
33 | from sqlalchemy.exc import OperationalError | |
|
33 | 34 | import formencode |
|
35 | import datetime | |
|
34 | 36 | import logging |
|
35 | 37 | |
|
36 | 38 | log = logging.getLogger(__name__) |
@@ -52,6 +54,21 b' class LoginController(BaseController):' | |||
|
52 | 54 | login_form = LoginForm() |
|
53 | 55 | try: |
|
54 | 56 | c.form_result = login_form.to_python(dict(request.POST)) |
|
57 | username = c.form_result['username'] | |
|
58 | user = UserModel().get_user_by_name(username) | |
|
59 | auth_user = AuthUser() | |
|
60 | auth_user.username = user.username | |
|
61 | auth_user.is_authenticated = True | |
|
62 | auth_user.is_admin = user.admin | |
|
63 | auth_user.user_id = user.user_id | |
|
64 | auth_user.name = user.name | |
|
65 | auth_user.lastname = user.lastname | |
|
66 | session['hg_app_user'] = auth_user | |
|
67 | session.save() | |
|
68 | log.info('user %s is now authenticated', username) | |
|
69 | ||
|
70 | user.update_lastlogin() | |
|
71 | ||
|
55 | 72 | if c.came_from: |
|
56 | 73 | return redirect(c.came_from) |
|
57 | 74 | else: |
@@ -67,7 +84,8 b' class LoginController(BaseController):' | |||
|
67 | 84 | |
|
68 | 85 | return render('/login.html') |
|
69 | 86 | |
|
70 |
@HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate', |
|
|
87 | @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate', | |
|
88 | 'hg.register.manual_activate') | |
|
71 | 89 | def register(self): |
|
72 | 90 | user_model = UserModel() |
|
73 | 91 | c.auto_active = False |
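Review bot: In the login action (new lines 57–70) the result of the second lookup, `UserModel().get_user_by_name(username)`, is dereferenced without a check, so an account removed or deactivated between form validation and this call, or a lookup error that `ValidAuth` would have caught, ends in an unhandled exception or in a session for an account that is no longer active. A guard such as `if user is None or not user.active:` before building `AuthUser` would close that gap, assuming `get_user_by_name` returns None on a miss (its definition is not on this page). The session is also populated under the existing session id; issuing a fresh id at login, if the Beaker version in use supports it, is the usual protection against session fixation. The newly imported `OperationalError` and `datetime` are not used in any of the visible hunks. The enclosing action starts and ends outside the hunk.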
@@ -232,7 +232,7 b' class LoginRequired(object):' | |||
|
232 | 232 | p = request.environ.get('PATH_INFO') |
|
233 | 233 | if request.environ.get('QUERY_STRING'): |
|
234 | 234 | p+='?'+request.environ.get('QUERY_STRING') |
|
235 | log.debug('redirecting to login page with %',p) | |
|
235 | log.debug('redirecting to login page with %s',p) | |
|
236 | 236 | return redirect(url('login_home',came_from=p)) |
|
237 | 237 | |
|
238 | 238 | class PermsDecorator(object): |
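Review bot: With the format string fixed, the debug line in `LoginRequired` now writes `p` to the log, which is `PATH_INFO` plus the raw `QUERY_STRING`, and query strings can carry tokens or other values that should not land in log files. Logging only the path, `log.debug('redirecting to login page with %s', request.environ.get('PATH_INFO'))`, keeps the diagnostic without the parameters. The same `p` is handed on as `came_from`, which the login controller appears to use as a redirect target, so it is worth confirming there that only local paths are accepted. The enclosing method starts outside the hunk.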
@@ -1,7 +1,11 b'' | |||
|
1 | 1 | from pylons_app.model.meta import Base |
|
2 | from sqlalchemy import * | |
|
2 | 3 | from sqlalchemy.orm import relation, backref |
|
3 |
from sqlalchemy import |
|
|
4 | from sqlalchemy.orm.session import Session | |
|
4 | 5 | from vcs.utils.lazy import LazyProperty |
|
6 | import logging | |
|
7 | ||
|
8 | log = logging.getLogger(__name__) | |
|
5 | 9 | |
|
6 | 10 | class HgAppSettings(Base): |
|
7 | 11 | __tablename__ = 'hg_app_settings' |
@@ -43,6 +47,20 b' class User(Base):' | |||
|
43 | 47 | def __repr__(self): |
|
44 | 48 | return "<User('id:%s:%s')>" % (self.user_id, self.username) |
|
45 | 49 |
|
|
50 | def update_lastlogin(self): | |
|
51 | """Update user lastlogin""" | |
|
52 | import datetime | |
|
53 | ||
|
54 | try: | |
|
55 | session = Session.object_session(self) | |
|
56 | self.last_login = datetime.datetime.now() | |
|
57 | session.add(self) | |
|
58 | session.commit() | |
|
59 | log.debug('updated user %s lastlogin',self) | |
|
60 | except Exception: | |
|
61 | session.rollback() | |
|
62 | ||
|
63 | ||
|
46 | 64 | class UserLog(Base): |
|
47 | 65 | __tablename__ = 'user_logs' |
|
48 | 66 | __table_args__ = {'useexisting':True} |
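Review bot: `update_lastlogin` swallows every failure silently: the `except Exception:` branch rolls back without logging, and if `Session.object_session(self)` returns None for a detached instance (or raises), the `session.rollback()` in the handler fails in turn with an AttributeError or NameError. Because `last_login` is the kind of field consulted when auditing account activity, a failed update should at least leave a log record. Resolving the session before the `try`, returning early when there is none, and calling `log.exception` in the handler covers both cases. The function-local `import datetime` could also move to the module imports.

```python
def update_lastlogin(self):
    # … unchanged: docstring and local datetime import …
    session = Session.object_session(self)
    if session is None:
        log.warning('user %s has no session, lastlogin not updated', self)
        return
    try:
        # … unchanged: set last_login, add, commit, debug log …
    except Exception:
        log.exception('failed to update lastlogin for user %s', self)
        session.rollback()
```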
@@ -26,11 +26,11 b' from pylons import session' | |||
|
26 | 26 | from pylons.i18n.translation import _ |
|
27 | 27 | from pylons_app.lib.auth import check_password, get_crypt_password |
|
28 | 28 | from pylons_app.model import meta |
|
29 | from pylons_app.model.user_model import UserModel | |
|
29 | 30 | from pylons_app.model.db import User, Repository |
|
30 | 31 | from sqlalchemy.exc import OperationalError |
|
31 | 32 | from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound |
|
32 | 33 | from webhelpers.pylonslib.secure_form import authentication_token |
|
33 | import datetime | |
|
34 | 34 | import formencode |
|
35 | 35 | import logging |
|
36 | 36 | import os |
@@ -93,11 +93,10 b' class ValidAuth(formencode.validators.Fa' | |||
|
93 | 93 | e_dict_disable = {'username':messages['disabled_account']} |
|
94 | 94 | |
|
95 | 95 | def validate_python(self, value, state): |
|
96 | sa = meta.Session | |
|
97 | 96 | password = value['password'] |
|
98 | 97 | username = value['username'] |
|
99 | 98 | try: |
|
100 |
user = |
|
|
99 | user = UserModel().get_user_by_name(username) | |
|
101 | 100 | except (NoResultFound, MultipleResultsFound, OperationalError) as e: |
|
102 | 101 | log.error(e) |
|
103 | 102 | user = None |
@@ -106,27 +105,8 b' class ValidAuth(formencode.validators.Fa' | |||
|
106 | 105 | error_dict=self.e_dict) |
|
107 | 106 | if user: |
|
108 | 107 | if user.active: |
|
109 |
if user.username == username and check_password(password, |
|
|
110 | from pylons_app.lib.auth import AuthUser | |
|
111 | auth_user = AuthUser() | |
|
112 | auth_user.username = username | |
|
113 | auth_user.is_authenticated = True | |
|
114 | auth_user.is_admin = user.admin | |
|
115 | auth_user.user_id = user.user_id | |
|
116 | auth_user.name = user.name | |
|
117 | auth_user.lastname = user.lastname | |
|
118 | session['hg_app_user'] = auth_user | |
|
119 | session.save() | |
|
120 | log.info('user %s is now authenticated', username) | |
|
121 | ||
|
122 | try: | |
|
123 | user.last_login = datetime.datetime.now() | |
|
124 | sa.add(user) | |
|
125 | sa.commit() | |
|
126 | except (OperationalError) as e: | |
|
127 | log.error(e) | |
|
128 | sa.rollback() | |
|
129 | ||
|
108 | if user.username == username and check_password(password, | |
|
109 | user.password): | |
|
130 | 110 | return value |
|
131 | 111 | else: |
|
132 | 112 | log.warning('user %s not authenticated', username) |
@@ -140,21 +120,19 b' class ValidAuth(formencode.validators.Fa' | |||
|
140 | 120 | value, state, |
|
141 | 121 | error_dict=self.e_dict_disable) |
|
142 | 122 | |
|
143 | meta.Session.remove() | |
|
144 | ||
|
145 | ||
|
146 | 123 | class ValidRepoUser(formencode.validators.FancyValidator): |
|
147 | 124 | |
|
148 | 125 | def to_python(self, value, state): |
|
149 | sa = meta.Session | |
|
150 | 126 | try: |
|
151 |
self.user_db = |
|
|
127 | self.user_db = meta.Session.query(User)\ | |
|
152 | 128 | .filter(User.active == True)\ |
|
153 | 129 | .filter(User.username == value).one() |
|
154 | 130 | except Exception: |
|
155 | 131 | raise formencode.Invalid(_('This username is not valid'), |
|
156 | 132 | value, state) |
|
133 | finally: | |
|
157 | 134 |
meta.Session.remove() |
|
135 | ||
|
158 | 136 | return self.user_db.user_id |
|
159 | 137 | |
|
160 | 138 | def ValidRepoName(edit, old_data): |
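Review bot: In `ValidRepoUser.to_python`, the `except Exception:` next to the new `finally` reports every failure, database errors included, as 'This username is not valid' and logs nothing, unlike the `log.error(e)` in `ValidAuth.validate_python`; changing it to `except Exception as e:` with a `log.error(e)` would keep outages distinguishable from bad input. The result is also kept in `self.user_db` and read after `meta.Session.remove()`; if the validator instance is shared between requests, which is not visible here, a local variable whose `user_id` is captured inside the `try` is safer. Separately, `validate_python` no longer calls `meta.Session.remove()`, so session cleanup on the login path now depends on code outside this page.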