upstream/kallithea Files · pylons_app/lib/auth.py

removed login from admin, from now we're have to be globally logged in.

marcink - - Load All Authors

File last commit:

r96:f24b9a29 default


                r175:d69e19fc

default

Download file

             auth.py
        
                    83 lines
            
             | 3.0 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / pylons_app / lib / auth.py
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      import logging

      from datetime import datetime

      import crypt

      from pylons import session, url

      from pylons.controllers.util import abort, redirect

      from decorator import decorator

      from sqlalchemy.exc import OperationalError

      log = logging.getLogger(__name__)

      from pylons_app.model import meta

      from pylons_app.model.db import Users, UserLogs

      from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound

      def get_crypt_password(password):

          return crypt.crypt(password, '6a')

      def admin_auth(username, password):

          sa = meta.Session

          password_crypt = get_crypt_password(password)

          try:

              user = sa.query(Users).filter(Users.username == username).one()

          except (NoResultFound, MultipleResultsFound, OperationalError) as e:

              log.error(e)

              user = None

          if user:

              if user.active:

                  if user.username == username and user.password == password_crypt and user.admin:

                      log.info('user %s authenticated correctly', username)

                      return True

              else:

                  log.error('user %s is disabled', username)

          return False

      def authfunc(environ, username, password):

          sa = meta.Session

          password_crypt = get_crypt_password(password)

          try:

              user = sa.query(Users).filter(Users.username == username).one()

          except (NoResultFound, MultipleResultsFound, OperationalError) as e:

              log.error(e)

              user = None

          if user:

              if user.active:

                  if user.username == username and user.password == password_crypt:

                      log.info('user %s authenticated correctly', username)

                      if environ:

                          http_accept = environ.get('HTTP_ACCEPT')

                          if http_accept.startswith('application/mercurial') or \

                              environ['PATH_INFO'].find('raw-file') != -1:

                              repo = environ['PATH_INFO']

                              for qry in environ['QUERY_STRING'].split('&'):

                                  if qry.startswith('cmd'):

                                      try:

                                          user_log = UserLogs()

                                          user_log.user_id = user.user_id

                                          user_log.action = qry

                                          user_log.repository = repo

                                          user_log.action_date = datetime.now()

                                          sa.add(user_log)

                                          sa.commit()

                                          log.info('Adding user %s, action %s', username, qry)

                                      except Exception as e:

                                          sa.rollback()

                                          log.error(e)

                      return True

              else:

                  log.error('user %s is disabled', username)

          return False

      @decorator

      def authenticate(fn, *args, **kwargs):

          if not session.get('admin_user', False):

              redirect(url('admin_home'), 301)

          return fn(*args, **kwargs)

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				import logging
				from datetime import datetime
				import crypt
				from pylons import session, url
				from pylons.controllers.util import abort, redirect
				from decorator import decorator
				from sqlalchemy.exc import OperationalError
				log = logging.getLogger(__name__)
				from pylons_app.model import meta
				from pylons_app.model.db import Users, UserLogs
				from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound

				def get_crypt_password(password):
				return crypt.crypt(password, '6a')

				def admin_auth(username, password):
				sa = meta.Session
				password_crypt = get_crypt_password(password)

				try:
				user = sa.query(Users).filter(Users.username == username).one()
				except (NoResultFound, MultipleResultsFound, OperationalError) as e:
				log.error(e)
				user = None

				if user:
				if user.active:
				if user.username == username and user.password == password_crypt and user.admin:
				log.info('user %s authenticated correctly', username)
				return True
				else:
				log.error('user %s is disabled', username)

				return False

				def authfunc(environ, username, password):
				sa = meta.Session
				password_crypt = get_crypt_password(password)
				try:
				user = sa.query(Users).filter(Users.username == username).one()
				except (NoResultFound, MultipleResultsFound, OperationalError) as e:
				log.error(e)
				user = None

				if user:
				if user.active:
				if user.username == username and user.password == password_crypt:
				log.info('user %s authenticated correctly', username)
				if environ:
				http_accept = environ.get('HTTP_ACCEPT')

				if http_accept.startswith('application/mercurial') or \
				environ['PATH_INFO'].find('raw-file') != -1:
				repo = environ['PATH_INFO']
				for qry in environ['QUERY_STRING'].split('&'):
				if qry.startswith('cmd'):

				try:
				user_log = UserLogs()
				user_log.user_id = user.user_id
				user_log.action = qry
				user_log.repository = repo
				user_log.action_date = datetime.now()
				sa.add(user_log)
				sa.commit()
				log.info('Adding user %s, action %s', username, qry)
				except Exception as e:
				sa.rollback()
				log.error(e)

				return True
				else:
				log.error('user %s is disabled', username)

				return False


				@decorator
				def authenticate(fn, args, *kwargs):
				if not session.get('admin_user', False):
				redirect(url('admin_home'), 301)
				return fn(args, *kwargs)