Mercurial > hg > bitsyauth

annotate bitsyauth/__init__.py @ 56:d09682c9cd98 default tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
skimpyGimpy aint python3
author Jeff Hammel <k0scist@gmail.com>
date Tue, 03 Nov 2020 13:31:30 -0800
parents 8367a345ae41
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
52
aabc968611bc STUB: bitsyauth/__init__.py
Jeff Hammel <k0scist@gmail.com>
parents: 45
diff changeset
1 """
aabc968611bc STUB: bitsyauth/__init__.py
Jeff Hammel <k0scist@gmail.com>
parents: 45
diff changeset
2 bitsyauth: wrapper module for paste auth
aabc968611bc STUB: bitsyauth/__init__.py
Jeff Hammel <k0scist@gmail.com>
parents: 45
diff changeset
3 """
aabc968611bc STUB: bitsyauth/__init__.py
Jeff Hammel <k0scist@gmail.com>
parents: 45
diff changeset
4
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
5 import markup
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
6 import random
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
7 import re
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
8 import sys
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
9
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
10 from markup.form import Form
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
11 from paste.auth import basic, cookie, digest, form, multi, auth_tkt
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
12 from webob import Request, Response, exc
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
13
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
14 try:
54
b39ab92955ef allow StringIO not just cStringIO
Jeff Hammel <k0scist@gmail.com>
parents: 53
diff changeset
15 from cStringIO import StringIO
b39ab92955ef allow StringIO not just cStringIO
Jeff Hammel <k0scist@gmail.com>
parents: 53
diff changeset
16 except ImportError:
55
Jeff Hammel <k0scist@gmail.com>
parents: 54
diff changeset
17 try:
Jeff Hammel <k0scist@gmail.com>
parents: 54
diff changeset
18 from StringIO import StringIO
Jeff Hammel <k0scist@gmail.com>
parents: 54
diff changeset
19 except ModuleNotFoundError:
Jeff Hammel <k0scist@gmail.com>
parents: 54
diff changeset
20 # python3
Jeff Hammel <k0scist@gmail.com>
parents: 54
diff changeset
21 from io import StringIO
54
b39ab92955ef allow StringIO not just cStringIO
Jeff Hammel <k0scist@gmail.com>
parents: 53
diff changeset
22
b39ab92955ef allow StringIO not just cStringIO
Jeff Hammel <k0scist@gmail.com>
parents: 53
diff changeset
23 try:
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
24 from skimpyGimpy import skimpyAPI
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
25 CAPTCHA = True
56
d09682c9cd98 skimpyGimpy aint python3
Jeff Hammel <k0scist@gmail.com>
parents: 55
diff changeset
26 except:
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
27 CAPTCHA = False
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
28
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
29 dictionary_file = '/usr/share/dict/american-english'
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
30
54
b39ab92955ef allow StringIO not just cStringIO
Jeff Hammel <k0scist@gmail.com>
parents: 53
diff changeset
31
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
32 def random_word():
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
33 """generate a random word for CAPTCHA auth"""
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
34 min_length = 5 # minimum word length
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
35 if not globals().has_key('dictionary'):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
36 # read the dictionary -- this may be platform dependent
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
37 # XXX could use a backup dictionary
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
38 _dictionary = file(dictionary_file).readlines()
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
39 _dictionary = [ i.strip() for i in _dictionary ]
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
40 _dictionary = [ i.lower() for i in _dictionary
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
41 if i.isalpha() and i > min_length ]
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
42 globals()['dictionary'] = _dictionary
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
43 return random.Random().choice(dictionary)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
44
52
aabc968611bc STUB: bitsyauth/__init__.py
Jeff Hammel <k0scist@gmail.com>
parents: 45
diff changeset
45
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
46 class BitsyAuthInnerWare(object):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
47 """inner auth; does login checking"""
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
48
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
49 def __init__(self, app, passwords, newuser=None, site=None, realm=None):
44
158b469a10e9 whitespace
Jeff Hammel <jhammel@mozilla.com>
parents: 43
diff changeset
50 """
158b469a10e9 whitespace
Jeff Hammel <jhammel@mozilla.com>
parents: 43
diff changeset
51 a simple auth implementation: inner middleware
158b469a10e9 whitespace
Jeff Hammel <jhammel@mozilla.com>
parents: 43
diff changeset
52
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
53 * app: the WSGI app to be wrapped
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
54 * passwords: callable that return a dictionary of {'user': 'password'}
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
55 * newuser: callable to make a new user, taking name + pw
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
56 * site: name of the site
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
57 * realm: realm for HTTP digest authentication
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
58 """
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
59
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
60 self.app = app
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
61 self.passwords = passwords
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
62 self.site = site or ''
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
63 self.realm = realm or self.site
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
64 self.captcha = True
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
65 self.urls = { 'login': '/login', 'join': '/join', }
45
54a53bbe5be9 bitsyauth/__init__.py example/persona.html
Jeff Hammel <jhammel@mozilla.com>
parents: 44
diff changeset
66
54a53bbe5be9 bitsyauth/__init__.py example/persona.html
Jeff Hammel <jhammel@mozilla.com>
parents: 44
diff changeset
67 # CAPTCHAs
54a53bbe5be9 bitsyauth/__init__.py example/persona.html
Jeff Hammel <jhammel@mozilla.com>
parents: 44
diff changeset
68 # using skimpygimpy (for now)
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
69 self.keys = {} # keys, words for CAPTCHA request
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
70 self.content_type = { 'image_captcha': 'image/png',
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
71 'wav_captcha': 'audio/wav' }
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
72
45
54a53bbe5be9 bitsyauth/__init__.py example/persona.html
Jeff Hammel <jhammel@mozilla.com>
parents: 44
diff changeset
73 # new user creation
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
74 if newuser:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
75 self.newuser = newuser
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
76 else:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
77 self.urls.pop('join') # don't do joining
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
78
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
79 # WSGI app securely wrapped
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
80 self.wrapped_app = self.security_wrapper()
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
81
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
82 if not CAPTCHA:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
83 self.captcha = False
21
74b8a8793414 whitespace cleanup
Jeff Hammel <jhammel@mozilla.com>
parents: 20
diff changeset
84
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
85 ### WSGI/HTTP layer
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
86
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
87 def __call__(self, environ, start_response):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
88
8
c958eb9300da add bitsy factory for filter
egj@socialplanning.org
parents: 6
diff changeset
89 orig_environ = dict(environ)
c958eb9300da add bitsy factory for filter
egj@socialplanning.org
parents: 6
diff changeset
90
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
91 self.request = Request(environ)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
92 self.request.path_info = self.request.path_info.rstrip('/')
20
9f4369b769d0 this *may* be more portable?
Jeff Hammel <jhammel@mozilla.com>
parents: 19
diff changeset
93
8
c958eb9300da add bitsy factory for filter
egj@socialplanning.org
parents: 6
diff changeset
94 self.redirect_to = '/' + self.request.script_name.lstrip('/')
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
95
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
96 # URLs intrinsic to BitsyAuth
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
97 if self.request.path_info == '/logout':
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
98 response = self.redirect()
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
99 return response(self.request.environ, start_response)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
100
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
101 if self.request.path_info in self.url_lookup():
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
102 response = self.make_response()
53
d9e712cfd098 STUB: bitsyauth/__init__.py
Jeff Hammel <k0scist@gmail.com>
parents: 52
diff changeset
103 try:
d9e712cfd098 STUB: bitsyauth/__init__.py
Jeff Hammel <k0scist@gmail.com>
parents: 52
diff changeset
104 res = response(self.request.environ, start_response)
d9e712cfd098 STUB: bitsyauth/__init__.py
Jeff Hammel <k0scist@gmail.com>
parents: 52
diff changeset
105 return res
d9e712cfd098 STUB: bitsyauth/__init__.py
Jeff Hammel <k0scist@gmail.com>
parents: 52
diff changeset
106 except Exception as e:
d9e712cfd098 STUB: bitsyauth/__init__.py
Jeff Hammel <k0scist@gmail.com>
parents: 52
diff changeset
107 print (e)
d9e712cfd098 STUB: bitsyauth/__init__.py
Jeff Hammel <k0scist@gmail.com>
parents: 52
diff changeset
108 raise
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
109
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
110 # digest auth
20
9f4369b769d0 this *may* be more portable?
Jeff Hammel <jhammel@mozilla.com>
parents: 19
diff changeset
111 if 'Authorization' in self.request.headers.keys():
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
112 return self.wrapped_app(self.request.environ, start_response)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
113
8
c958eb9300da add bitsy factory for filter
egj@socialplanning.org
parents: 6
diff changeset
114 response = Request(orig_environ).get_response(self.app)
c958eb9300da add bitsy factory for filter
egj@socialplanning.org
parents: 6
diff changeset
115
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
116 # respond to 401s
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
117 if response.status_int == 401: # Unauthorized
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
118 if self.request.environ.get('REMOTE_USER'):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
119 return exc.HTTPForbidden()
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
120 else:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
121 response = self.request.get_response(self.wrapped_app)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
122
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
123 user = self.request.environ.get('REMOTE_USER')
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
124 if user:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
125 self.request.environ['paste.auth_tkt.set_user'](user)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
126
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
127 return response(self.request.environ, start_response)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
128
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
129 ### authentication function
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
130
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
131 def digest_authfunc(self, environ, realm, user):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
132 return self.passwords()[user] # passwords stored in m5 digest
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
133
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
134 def authfunc(self, environ, user, password):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
135 return self.hash(user, password) == self.passwords()[user]
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
136
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
137 def hash(self, user, password):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
138 # use md5 digest for now
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
139 return digest.digest_password(self.realm, user, password)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
140
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
141 def security_wrapper(self):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
142 """return the app securely wrapped"""
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
143
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
144 multi_auth = multi.MultiHandler(self.app)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
145
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
146 # digest authentication
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
147 multi_auth.add_method('digest', digest.middleware,
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
148 self.realm, self.digest_authfunc)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
149 multi_auth.set_query_argument('digest', key='auth')
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
150
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
151 # form authentication
6
40fa556252a7 fix playing nice with paste auth
k0s <k0scist@gmail.com>
parents: 5
diff changeset
152 template = self.login(wrap=True, action='%s')
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
153 multi_auth.add_method('form', form.middleware, self.authfunc,
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
154 template=template)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
155 multi_auth.set_default('form')
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
156
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
157 return multi_auth
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
158
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
159 # might have to wrap cookie.middleware(BitsyAuth(multi(app))) ::shrug::
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
160 return cookie.middleware(multi_auth)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
161
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
162 ### methods dealing with intrinsic URLs
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
163
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
164 def url_lookup(self):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
165 retval = dict([ (value, key) for key, value
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
166 in self.urls.items() ])
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
167 if self.captcha:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
168 retval.update(dict([(('/join/%s.png' % key), 'image_captcha')
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
169 for key in self.keys]))
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
170 return retval
21
74b8a8793414 whitespace cleanup
Jeff Hammel <jhammel@mozilla.com>
parents: 20
diff changeset
171
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
172 def get_response(self, text, content_type='text/html'):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
173 res = Response(content_type=content_type, body=text)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
174 res.content_length = len(res.body)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
175 return res
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
176
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
177 def make_response(self):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
178 url_lookup = self.url_lookup()
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
179 path = self.request.path_info
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
180 assert path in url_lookup
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
181
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
182 # login and join shouldn't be accessible when logged in
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
183 if self.request.environ.get('REMOTE_USER'):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
184 return self.redirect("You are already logged in")
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
185
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
186 handler = url_lookup[path]
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
187 function = getattr(self, handler)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
188
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
189 if self.request.method == 'GET':
21
74b8a8793414 whitespace cleanup
Jeff Hammel <jhammel@mozilla.com>
parents: 20
diff changeset
190 # XXX could/should do this with decorators
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
191 return self.get_response(function(wrap=True),
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
192 content_type=self.content_type.get(handler,'text/html'))
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
193 if self.request.method == 'POST':
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
194 post_func = getattr(self, handler + "_post")
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
195 errors = post_func()
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
196 if errors:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
197 return self.get_response(function(errors=errors, wrap=True))
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
198 else:
5
2693b81f5960 fix redirection behaviour (though ultimately the whole class should be refactored not to store request on it)
k0s <k0scist@gmail.com>
parents: 4
diff changeset
199 location = self.request.POST.get('referer')
2693b81f5960 fix redirection behaviour (though ultimately the whole class should be refactored not to store request on it)
k0s <k0scist@gmail.com>
parents: 4
diff changeset
200 return self.redirect("Welcome!", location=location)
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
201
5
2693b81f5960 fix redirection behaviour (though ultimately the whole class should be refactored not to store request on it)
k0s <k0scist@gmail.com>
parents: 4
diff changeset
202 def redirect(self, message='', location=None):
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
203 """redirect from instrinsic urls"""
5
2693b81f5960 fix redirection behaviour (though ultimately the whole class should be refactored not to store request on it)
k0s <k0scist@gmail.com>
parents: 4
diff changeset
204 return exc.HTTPSeeOther(message, location=location or self.redirect_to)
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
205
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
206 def image_captcha(self, wrap=True):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
207 """return data for the image"""
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
208 key = self.request.path_info.split('/join/')[-1]
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
209 key = int(key.split('.png')[0])
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
210 return skimpyAPI.Png(self.keys[key], scale=3.0).data()
21
74b8a8793414 whitespace cleanup
Jeff Hammel <jhammel@mozilla.com>
parents: 20
diff changeset
211
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
212 ### forms and their display methods
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
213
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
214 ### login
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
215
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
216 def login_form(self, referer=None, action=None):
6
40fa556252a7 fix playing nice with paste auth
k0s <k0scist@gmail.com>
parents: 5
diff changeset
217 form = Form(action=action or '', submit='Login')
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
218 form.add_element('textfield', 'Name', input_name='username')
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
219 form.add_element('password', 'Password', input_name='password')
5
2693b81f5960 fix redirection behaviour (though ultimately the whole class should be refactored not to store request on it)
k0s <k0scist@gmail.com>
parents: 4
diff changeset
220 if referer:
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
221 form.add_element('hidden', 'referer', value=referer)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
222 return form
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
223
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
224 def login(self, errors=None, wrap=False, action=None):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
225 """login div"""
5
2693b81f5960 fix redirection behaviour (though ultimately the whole class should be refactored not to store request on it)
k0s <k0scist@gmail.com>
parents: 4
diff changeset
226 referer = None
2693b81f5960 fix redirection behaviour (though ultimately the whole class should be refactored not to store request on it)
k0s <k0scist@gmail.com>
parents: 4
diff changeset
227 if hasattr(self, 'request'):
2693b81f5960 fix redirection behaviour (though ultimately the whole class should be refactored not to store request on it)
k0s <k0scist@gmail.com>
parents: 4
diff changeset
228 referer = self.request.referer
2693b81f5960 fix redirection behaviour (though ultimately the whole class should be refactored not to store request on it)
k0s <k0scist@gmail.com>
parents: 4
diff changeset
229 form = self.login_form(action=action, referer=referer)
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
230 join = self.urls.get('join')
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
231 retval = form(errors)
21
74b8a8793414 whitespace cleanup
Jeff Hammel <jhammel@mozilla.com>
parents: 20
diff changeset
232 if join:
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
233 retval += '<br/>\n' + markup.a('join', href="%s" % join)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
234 retval = markup.div(retval)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
235 if wrap:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
236 title = 'login'
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
237 if self.site:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
238 pagetitle = '%s - %s' % (title, self.site)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
239 retval = markup.wrap(markup.h1(title.title()) + retval,
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
240 pagetitle=pagetitle)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
241
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
242 return retval
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
243
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
244 def login_post(self):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
245 """handle a login POST request"""
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
246 user = self.request.POST.get('username')
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
247 password = self.request.POST.get('password')
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
248 passwords = self.passwords()
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
249 error = False
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
250 if user not in passwords:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
251 error = True
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
252 else:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
253 error = not self.authfunc(self.request.environ, user, password)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
254 if error:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
255 return { 'Name': 'Wrong username or password' }
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
256 self.request.environ['REMOTE_USER'] = user
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
257 self.request.environ['paste.auth_tkt.set_user'](user)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
258
52
aabc968611bc STUB: bitsyauth/__init__.py
Jeff Hammel <k0scist@gmail.com>
parents: 45
diff changeset
259
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
260 ### join
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
261
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
262 def captcha_pre(self, word, key):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
263 """CAPTCHA with pre-formatted text"""
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
264 return skimpyAPI.Pre(word, scale=1.2).data()
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
265
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
266 def captcha_png(self, word, key):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
267 """CAPTCHA with a PNG image"""
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
268 return markup.image('/join/%s.png' % key)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
269
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
270 def join_form(self):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
271 captcha = ''
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
272 if self.captcha:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
273 # data for CAPTCHA
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
274 key = random.Random().randint(0, sys.maxint)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
275 word = random_word()
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
276
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
277 self.keys[key] = word
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
278
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
279 captcha = StringIO()
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
280
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
281 captcha_text = "Please type the word below so I know you're not a computer:"
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
282 captcha_help = "(please %s if the page is unreadable)" % markup.link('/join?captcha=image', 'go here')
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
283
19
aac4a4ea70a7 whitespace
Jeff Hammel <jhammel@mozilla.com>
parents: 18
diff changeset
284 print >> captcha, markup.p('%s<br/> %s' % (captcha_text,
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
285 markup.i(captcha_help)))
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
286
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
287 # determine type of CAPTCHA
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
288 captchas = ' '.join(self.request.GET.getall('captcha'))
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
289 if not captchas:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
290 captchas = 'pre'
19
aac4a4ea70a7 whitespace
Jeff Hammel <jhammel@mozilla.com>
parents: 18
diff changeset
291
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
292 captcha_funcs=dict(pre=self.captcha_pre,
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
293 image=self.captcha_png,)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
294 captchas = [ captcha_funcs[i](word, key) for i in captchas.split()
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
295 if i in captcha_funcs ]
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
296 captchas = '\n'.join([markup.p(i) for i in captchas])
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
297 print >> captcha, captchas
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
298 print >> captcha, markup.p(markup.input(None, **dict(name='captcha', type='text')))
19
aac4a4ea70a7 whitespace
Jeff Hammel <jhammel@mozilla.com>
parents: 18
diff changeset
299
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
300 captcha = captcha.getvalue()
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
301
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
302 form = Form(action=self.urls['join'], submit='Join', post_html=captcha)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
303 form.add_element('textfield', 'Name')
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
304 form.add_password_confirmation()
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
305 form.add_element('hidden', 'key', value=str(key))
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
306 return form
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
307
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
308 def join(self, errors=None, wrap=False):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
309 """join div or page if wrap"""
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
310 form = self.join_form()
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
311 retval = markup.div(form(errors))
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
312 if wrap:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
313 pagetitle = title = 'join'
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
314 if self.site:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
315 pagetitle = '%s - %s' % (title, self.site)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
316 if self.captcha:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
317 errors = errors or {}
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
318 captcha_err = errors.get('CAPTCHA', '')
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
319 if captcha_err:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
320 captcha_err = markup.p(markup.em(captcha_err),
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
321 **{'class': 'error'})
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
322 retval = markup.wrap(markup.h1(title.title()) + captcha_err + retval,
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
323 pagetitle=pagetitle)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
324 return retval
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
325
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
326 def join_post(self):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
327 """handle a join POST request"""
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
328 form = self.join_form()
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
329 errors = form.validate(self.request.POST)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
330
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
331 # validate captcha
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
332 if CAPTCHA:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
333 key = self.request.POST.get('key')
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
334 try:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
335 key = int(key)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
336 except ValueError:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
337 key = None
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
338 if not key:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
339 errors['CAPTCHA'] = 'Please type the funky looking word'
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
340 word = self.keys.pop(key, None)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
341 if not word:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
342 errors['CAPTCHA'] = 'Please type the funky looking word'
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
343 if word != self.request.POST.get('captcha','').lower():
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
344 errors['CAPTCHA'] = 'Sorry, you typed the wrong word'
19
aac4a4ea70a7 whitespace
Jeff Hammel <jhammel@mozilla.com>
parents: 18
diff changeset
345
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
346 name = self.request.POST.get('Name', '')
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
347 if not name:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
348 if not errors.has_key('Name'):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
349 errors['Name'] = []
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
350 errors['Name'].append('Please enter a user name')
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
351 if name in self.passwords():
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
352 if not errors.has_key('Name'):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
353 errors['Name'] = []
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
354 errors['Name'].append('The name %s is already taken' % name)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
355
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
356 if not errors: # create a new user
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
357 self.newuser(name,
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
358 self.hash(name, self.request.POST['Password']))
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
359 self.request.environ['REMOTE_USER'] = name # login the new user
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
360 self.request.environ['paste.auth_tkt.set_user'](name)
18
814ed3208afa whitespace
Jeff Hammel <jhammel@mozilla.com>
parents: 17
diff changeset
361
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
362 return errors
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
363
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
364 class BitsyAuth(object):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
365 """outer middleware for auth; does the cookie handling and wrapping"""
18
814ed3208afa whitespace
Jeff Hammel <jhammel@mozilla.com>
parents: 17
diff changeset
366
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
367 def __init__(self, app, global_conf, passwords, newuser, site='', secret='secret'):
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
368 self.app = app
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
369 self.path = '/logout'
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
370 self.cookie = '__ac'
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
371 auth = BitsyAuthInnerWare(app, passwords=passwords, newuser=newuser, site=site)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
372 self.hash = auth.hash
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
373
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
374 # paste.auth.auth_tkt
9
73b2b5bccd52 * allow logout to pass through instead of failing
egj@socialplanning.org
parents: 8
diff changeset
375 self.cookie_handler = auth_tkt.make_auth_tkt_middleware(
73b2b5bccd52 * allow logout to pass through instead of failing
egj@socialplanning.org
parents: 8
diff changeset
376 auth, global_conf, secret,
73b2b5bccd52 * allow logout to pass through instead of failing
egj@socialplanning.org
parents: 8
diff changeset
377 cookie_name=self.cookie, logout_path='/logout')
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
378
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
379 def __call__(self, environ, start_response):
42
Jeff Hammel <jhammel@mozilla.com>
parents: 21
diff changeset
380
9
73b2b5bccd52 * allow logout to pass through instead of failing
egj@socialplanning.org
parents: 8
diff changeset
381 try:
73b2b5bccd52 * allow logout to pass through instead of failing
egj@socialplanning.org
parents: 8
diff changeset
382 return self.cookie_handler(environ, start_response)
15
431bd76aabb7 slightly less stupid exception handling
Jeff Hammel <jhammel@mozilla.com>
parents: 9
diff changeset
383 except auth_tkt.BadTicket:
431bd76aabb7 slightly less stupid exception handling
Jeff Hammel <jhammel@mozilla.com>
parents: 9
diff changeset
384 environ.pop('HTTP_COOKIE') # kill all cookies! bad! XXX
431bd76aabb7 slightly less stupid exception handling
Jeff Hammel <jhammel@mozilla.com>
parents: 9
diff changeset
385 return self.cookie_handler(environ, start_response)
9
73b2b5bccd52 * allow logout to pass through instead of failing
egj@socialplanning.org
parents: 8
diff changeset
386 return self.logout(environ, start_response)
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
387
9
73b2b5bccd52 * allow logout to pass through instead of failing
egj@socialplanning.org
parents: 8
diff changeset
388 def logout(self, environ, start_response):
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
389 req = Request(environ)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
390 keys = [ 'REMOTE_USER' ]
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
391 # keys = [ 'REMOTE_USER', 'AUTH_TYPE', 'paste.auth.cookie', 'paste.cookies', 'HTTP_COOKIE' ] # XXX zealous kill
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
392 for key in keys:
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
393 req.environ.pop(key, None)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
394
43
Jeff Hammel <jhammel@mozilla.com>
parents: 42
diff changeset
395 # return response
0
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
396 body = '<html><head><title>logout</title></head><body>logout</body></html>'
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
397 res = Response(content_type='text/html', body=body)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
398 req.cookies.pop(self.cookie, None)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
399 res.delete_cookie(self.cookie)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
400 res.unset_cookie(self.cookie)
284621b3effd initial commit of bitsyauth, initially from bitsyblog
k0s <k0scist@gmail.com>
parents:
diff changeset
401 return res(environ, start_response)