moved loged in user propagation out of forms,...
marcink -
r442:d66a7fa7 default
@@ -56,7 +56,7 b' beaker.cache.super_short_term.expire=10'
56 ### BEAKER SESSION ####
56 ### BEAKER SESSION ####
57 ####################################
57 ####################################
58 ## Type of storage used for the session, current types are
58 ## Type of storage used for the session, current types are
59 ## dbm, file, memcached, database, and memory.
59 ## dbm, file, memcached, database, and memory.
60 ## The storage uses the Container API
60 ## The storage uses the Container API
61 ##that is also used by the cache system.
61 ##that is also used by the cache system.
62 beaker.session.type = file
62 beaker.session.type = file
@@ -30,7 +30,9 b' from pylons_app.lib.auth import AuthUser'
30 from pylons_app.lib.base import BaseController, render
30 from pylons_app.lib.base import BaseController, render
31 from pylons_app.model.forms import LoginForm, RegisterForm
31 from pylons_app.model.forms import LoginForm, RegisterForm
32 from pylons_app.model.user_model import UserModel
32 from pylons_app.model.user_model import UserModel
33 from sqlalchemy.exc import OperationalError
33 import formencode
34 import formencode
35 import datetime
34 import logging
36 import logging
35
37
36 log = logging.getLogger(__name__)
38 log = logging.getLogger(__name__)
@@ -52,6 +54,21 b' class LoginController(BaseController):'
52 login_form = LoginForm()
54 login_form = LoginForm()
53 try:
55 try:
54 c.form_result = login_form.to_python(dict(request.POST))
56 c.form_result = login_form.to_python(dict(request.POST))
57 username = c.form_result['username']
58 user = UserModel().get_user_by_name(username)
59 auth_user = AuthUser()
60 auth_user.username = user.username
61 auth_user.is_authenticated = True
62 auth_user.is_admin = user.admin
63 auth_user.user_id = user.user_id
64 auth_user.name = user.name
65 auth_user.lastname = user.lastname
66 session['hg_app_user'] = auth_user
67 session.save()
68 log.info('user %s is now authenticated', username)
69
70 user.update_lastlogin()
71
55 if c.came_from:
72 if c.came_from:
56 return redirect(c.came_from)
73 return redirect(c.came_from)
57 else:
74 else:
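Review bot: The login action marks the existing session as authenticated without issuing a new session id: `session['hg_app_user'] = auth_user` and `session.save()` run on whatever session the request arrived with, so an id that was fixed before login stays valid after it. If `session` is the Beaker session configured in the ini file, calling `session.invalidate()` just before `session['hg_app_user'] = auth_user` would rotate the id. This block also now relies on `LoginForm` validation as the only credential check, so a short comment such as `# credentials were verified by LoginForm (ValidAuth); do not reach this without it` would make that dependency explicit. The action's body starts and ends outside the hunk.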
@@ -67,7 +84,8 b' class LoginController(BaseController):'
67
84
68 return render('/login.html')
85 return render('/login.html')
69
86
70 @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate', 'hg.register.manual_activate')
87 @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate',
88 'hg.register.manual_activate')
71 def register(self):
89 def register(self):
72 user_model = UserModel()
90 user_model = UserModel()
73 c.auto_active = False
91 c.auto_active = False
@@ -232,7 +232,7 b' class LoginRequired(object):'
232 p = request.environ.get('PATH_INFO')
232 p = request.environ.get('PATH_INFO')
233 if request.environ.get('QUERY_STRING'):
233 if request.environ.get('QUERY_STRING'):
234 p+='?'+request.environ.get('QUERY_STRING')
234 p+='?'+request.environ.get('QUERY_STRING')
235 log.debug('redirecting to login page with %',p)
235 log.debug('redirecting to login page with %s',p)
236 return redirect(url('login_home',came_from=p))
236 return redirect(url('login_home',came_from=p))
237
237
238 class PermsDecorator(object):
238 class PermsDecorator(object):
@@ -1,7 +1,11 b''
1 from pylons_app.model.meta import Base
1 from pylons_app.model.meta import Base
2 from sqlalchemy import *
2 from sqlalchemy.orm import relation, backref
3 from sqlalchemy.orm import relation, backref
3 from sqlalchemy import *
4 from sqlalchemy.orm.session import Session
4 from vcs.utils.lazy import LazyProperty
5 from vcs.utils.lazy import LazyProperty
6 import logging
7
8 log = logging.getLogger(__name__)
5
9
6 class HgAppSettings(Base):
10 class HgAppSettings(Base):
7 __tablename__ = 'hg_app_settings'
11 __tablename__ = 'hg_app_settings'
@@ -43,6 +47,20 b' class User(Base):'
43 def __repr__(self):
47 def __repr__(self):
44 return "<User('id:%s:%s')>" % (self.user_id, self.username)
48 return "<User('id:%s:%s')>" % (self.user_id, self.username)
45
49
50 def update_lastlogin(self):
51 """Update user lastlogin"""
52 import datetime
53
54 try:
55 session = Session.object_session(self)
56 self.last_login = datetime.datetime.now()
57 session.add(self)
58 session.commit()
59 log.debug('updated user %s lastlogin',self)
60 except Exception:
61 session.rollback()
62
63
46 class UserLog(Base):
64 class UserLog(Base):
47 __tablename__ = 'user_logs'
65 __tablename__ = 'user_logs'
48 __table_args__ = {'useexisting':True}
66 __table_args__ = {'useexisting':True}
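Review bot: A failed last-login update is now silent, and the handler itself can fail: in `update_lastlogin` the `except Exception:` only calls `session.rollback()`, whereas the code removed from the form validator logged the error, and `session` is assigned inside the `try`, so if `Session.object_session(self)` returns None for a detached instance the `rollback()` call raises from inside the handler. Resolve the session before the `try`, return early when it is None, and log with `log.exception` before rolling back. Last-login timestamps are audit data, so a lost write should leave a trace in the log.

```python
def update_lastlogin(self):
    """Update user lastlogin"""
    import datetime

    # resolve the session first so the handler never touches a None session
    session = Session.object_session(self)
    if session is None:
        log.warning('user %s has no session, lastlogin not updated', self)
        return
    try:
        # … unchanged: set last_login, session.add, session.commit, debug log …
    except Exception:
        log.exception('failed to update lastlogin for %s', self)
        session.rollback()
```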
@@ -26,11 +26,11 b' from pylons import session'
26 from pylons.i18n.translation import _
26 from pylons.i18n.translation import _
27 from pylons_app.lib.auth import check_password, get_crypt_password
27 from pylons_app.lib.auth import check_password, get_crypt_password
28 from pylons_app.model import meta
28 from pylons_app.model import meta
29 from pylons_app.model.user_model import UserModel
29 from pylons_app.model.db import User, Repository
30 from pylons_app.model.db import User, Repository
30 from sqlalchemy.exc import OperationalError
31 from sqlalchemy.exc import OperationalError
31 from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound
32 from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound
32 from webhelpers.pylonslib.secure_form import authentication_token
33 from webhelpers.pylonslib.secure_form import authentication_token
33 import datetime
34 import formencode
34 import formencode
35 import logging
35 import logging
36 import os
36 import os
@@ -93,11 +93,10 b' class ValidAuth(formencode.validators.Fa'
93 e_dict_disable = {'username':messages['disabled_account']}
93 e_dict_disable = {'username':messages['disabled_account']}
94
94
95 def validate_python(self, value, state):
95 def validate_python(self, value, state):
96 sa = meta.Session
97 password = value['password']
96 password = value['password']
98 username = value['username']
97 username = value['username']
99 try:
98 try:
100 user = sa.query(User).filter(User.username == username).one()
99 user = UserModel().get_user_by_name(username)
101 except (NoResultFound, MultipleResultsFound, OperationalError) as e:
100 except (NoResultFound, MultipleResultsFound, OperationalError) as e:
102 log.error(e)
101 log.error(e)
103 user = None
102 user = None
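Review bot: An unknown username no longer raises here: `UserModel().get_user_by_name(username)` ends in `.scalar()`, which returns None when no row matches, so the `NoResultFound` arm of the `except` is dead and `user` becomes None without any `formencode.Invalid`. From the visible lines `if user:` has no `else`, so `validate_python` appears to accept the form, and the login controller then reads `user.username` on None; the lines between this hunk and the next are not shown, so confirm. Suggest `if user is None:` directly after the `try`, raising the same `formencode.Invalid(..., error_dict=self.e_dict)` used for a bad password, plus a matching None guard in the controller before the session is populated.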
@@ -106,27 +105,8 b' class ValidAuth(formencode.validators.Fa'
106 error_dict=self.e_dict)
105 error_dict=self.e_dict)
107 if user:
106 if user:
108 if user.active:
107 if user.active:
109 if user.username == username and check_password(password, user.password):
108 if user.username == username and check_password(password,
110 from pylons_app.lib.auth import AuthUser
109 user.password):
111 auth_user = AuthUser()
112 auth_user.username = username
113 auth_user.is_authenticated = True
114 auth_user.is_admin = user.admin
115 auth_user.user_id = user.user_id
116 auth_user.name = user.name
117 auth_user.lastname = user.lastname
118 session['hg_app_user'] = auth_user
119 session.save()
120 log.info('user %s is now authenticated', username)
121
122 try:
123 user.last_login = datetime.datetime.now()
124 sa.add(user)
125 sa.commit()
126 except (OperationalError) as e:
127 log.error(e)
128 sa.rollback()
129
130 return value
110 return value
131 else:
111 else:
132 log.warning('user %s not authenticated', username)
112 log.warning('user %s not authenticated', username)
@@ -140,21 +120,19 b' class ValidAuth(formencode.validators.Fa'
140 value, state,
120 value, state,
141 error_dict=self.e_dict_disable)
121 error_dict=self.e_dict_disable)
142
122
143 meta.Session.remove()
144
145
146 class ValidRepoUser(formencode.validators.FancyValidator):
123 class ValidRepoUser(formencode.validators.FancyValidator):
147
124
148 def to_python(self, value, state):
125 def to_python(self, value, state):
149 sa = meta.Session
150 try:
126 try:
151 self.user_db = sa.query(User)\
127 self.user_db = meta.Session.query(User)\
152 .filter(User.active == True)\
128 .filter(User.active == True)\
153 .filter(User.username == value).one()
129 .filter(User.username == value).one()
154 except Exception:
130 except Exception:
155 raise formencode.Invalid(_('This username is not valid'),
131 raise formencode.Invalid(_('This username is not valid'),
156 value, state)
132 value, state)
133 finally:
157 meta.Session.remove()
134 meta.Session.remove()
135
158 return self.user_db.user_id
136 return self.user_db.user_id
159
137
160 def ValidRepoName(edit, old_data):
138 def ValidRepoName(edit, old_data):
@@ -43,6 +43,9 b' class UserModel(object):'
43 def get_user(self, id):
43 def get_user(self, id):
44 return self.sa.query(User).get(id)
44 return self.sa.query(User).get(id)
45
45
46 def get_user_by_name(self,name):
47 return self.sa.query(User).filter(User.username == name).scalar()
48
46 def create(self, form_data):
49 def create(self, form_data):
47 try:
50 try:
48 new_user = User()
51 new_user = User()