comparison MoinMoin/auth/__init__.py @ 948:28ea5b3802b1

whitespace-only cleanup
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Mon, 17 Jul 2006 03:43:33 +0200
parents ab9cd47eb066
children b180f047d918
947:41f6f7708466 948:28ea5b3802b1
78 path = request.getScriptname() 78 path = request.getScriptname()
79 if not path: 79 if not path:
80 path = '/' 80 path = '/'
81 c[cookie_name]['path'] = path 81 c[cookie_name]['path'] = path
82 # Set expires for older clients 82 # Set expires for older clients
83 c[cookie_name]['expires'] = request.httpDate(when=expires, rfc='850') 83 c[cookie_name]['expires'] = request.httpDate(when=expires, rfc='850')
84 return c.output() 84 return c.output()
85 85
86 def setCookie(request, u, cookie_name, cookie_string): 86 def setCookie(request, u, cookie_name, cookie_string):
87 """ Set cookie for the user obj u 87 """ Set cookie for the user obj u
88 88
94 = 0 forever, ignoring user 'remember_me' setting 94 = 0 forever, ignoring user 'remember_me' setting
95 > 0 n hours, or forever if user checked 'remember_me' 95 > 0 n hours, or forever if user checked 'remember_me'
96 < 0 -n hours, ignoring user 'remember_me' setting 96 < 0 -n hours, ignoring user 'remember_me' setting
97 """ 97 """
98 # Calculate cookie maxage and expires 98 # Calculate cookie maxage and expires
99 lifetime = int(request.cfg.cookie_lifetime) * 3600 99 lifetime = int(request.cfg.cookie_lifetime) * 3600
100 forever = 10 * 365 * 24 * 3600 # 10 years 100 forever = 10 * 365 * 24 * 3600 # 10 years
101 now = time.time() 101 now = time.time()
102 if not lifetime: 102 if not lifetime:
103 maxage = forever 103 maxage = forever
104 elif lifetime > 0: 104 elif lifetime > 0:
107 else: 107 else:
108 maxage = lifetime 108 maxage = lifetime
109 elif lifetime < 0: 109 elif lifetime < 0:
110 maxage = (-lifetime) 110 maxage = (-lifetime)
111 expires = now + maxage 111 expires = now + maxage
112 112
113 cookie = makeCookie(request, cookie_name, cookie_string, maxage, expires) 113 cookie = makeCookie(request, cookie_name, cookie_string, maxage, expires)
114 # Set cookie 114 # Set cookie
115 request.setHttpHeader(cookie) 115 request.setHttpHeader(cookie)
116 # IMPORTANT: Prevent caching of current page and cookie 116 # IMPORTANT: Prevent caching of current page and cookie
117 request.disableHttpCaching() 117 request.disableHttpCaching()
139 """ 139 """
140 cookie_string = '' 140 cookie_string = ''
141 maxage = 0 141 maxage = 0
142 # Set expires to one year ago for older clients 142 # Set expires to one year ago for older clients
143 expires = time.time() - (3600 * 24 * 365) # 1 year ago 143 expires = time.time() - (3600 * 24 * 365) # 1 year ago
144 cookie = makeCookie(request, cookie_name, cookie_string, maxage, expires) 144 cookie = makeCookie(request, cookie_name, cookie_string, maxage, expires)
145 # Set cookie 145 # Set cookie
146 request.setHttpHeader(cookie) 146 request.setHttpHeader(cookie)
147 # IMPORTANT: Prevent caching of current page and cookie 147 # IMPORTANT: Prevent caching of current page and cookie
148 request.disableHttpCaching() 148 request.disableHttpCaching()
149 149
157 157
158 cfg = request.cfg 158 cfg = request.cfg
159 verbose = False 159 verbose = False
160 if hasattr(cfg, 'moin_login_verbose'): 160 if hasattr(cfg, 'moin_login_verbose'):
161 verbose = cfg.moin_login_verbose 161 verbose = cfg.moin_login_verbose
162 162
163 #request.log("auth.moin_login: name=%s login=%r logout=%r user_obj=%r" % (username, login, logout, user_obj)) 163 #request.log("auth.moin_login: name=%s login=%r logout=%r user_obj=%r" % (username, login, logout, user_obj))
164 164
165 if login: 165 if login:
166 if verbose: request.log("moin_login performing login action") 166 if verbose: request.log("moin_login performing login action")
167 u = user.User(request, name=username, password=password, auth_method='moin_login') 167 u = user.User(request, name=username, password=password, auth_method='moin_login')
178 178
179 We don't handle initial logins (except to set the appropriate cookie), just 179 We don't handle initial logins (except to set the appropriate cookie), just
180 ongoing sessions, and logout. Use another method for initial login. 180 ongoing sessions, and logout. Use another method for initial login.
181 """ 181 """
182 import base64 182 import base64
183 183
184 username = kw.get('name') 184 username = kw.get('name')
185 login = kw.get('login') 185 login = kw.get('login')
186 logout = kw.get('logout') 186 logout = kw.get('logout')
187 user_obj = kw.get('user_obj') 187 user_obj = kw.get('user_obj')
188 188
190 verbose = False 190 verbose = False
191 if hasattr(cfg, 'moin_session_verbose'): 191 if hasattr(cfg, 'moin_session_verbose'):
192 verbose = cfg.moin_session_verbose 192 verbose = cfg.moin_session_verbose
193 193
194 cookie_name = MOIN_SESSION 194 cookie_name = MOIN_SESSION
195 195
196 if verbose: request.log("auth.moin_session: name=%s login=%r logout=%r user_obj=%r" % (username, login, logout, user_obj)) 196 if verbose: request.log("auth.moin_session: name=%s login=%r logout=%r user_obj=%r" % (username, login, logout, user_obj))
197 197
198 if login: 198 if login:
199 if verbose: request.log("moin_session performing login action") 199 if verbose: request.log("moin_session performing login action")
200 200
221 221
222 if not (cookie is not None and cookie.has_key(cookie_name)): 222 if not (cookie is not None and cookie.has_key(cookie_name)):
223 # No valid cookie 223 # No valid cookie
224 if verbose: request.log("either no cookie or no %s key" % cookie_name) 224 if verbose: request.log("either no cookie or no %s key" % cookie_name)
225 return user_obj, True 225 return user_obj, True
226 226
227 try: 227 try:
228 cookie_hash, cookie_body = cookie[cookie_name].value.split(':', 1) 228 cookie_hash, cookie_body = cookie[cookie_name].value.split(':', 1)
229 except ValueError: 229 except ValueError:
230 # Invalid cookie 230 # Invalid cookie
231 if verbose: request.log("invalid cookie format: (%s)" % cookie[cookie_name].value) 231 if verbose: request.log("invalid cookie format: (%s)" % cookie[cookie_name].value)
232 return user_obj, True 232 return user_obj, True
233 233
234 if cookie_hash != make_security_hash(request, cookie_body): 234 if cookie_hash != make_security_hash(request, cookie_body):
235 # Invalid cookie 235 # Invalid cookie
236 # XXX Cookie clear here??? 236 # XXX Cookie clear here???
237 if verbose: request.log("cookie recovered had invalid hash") 237 if verbose: request.log("cookie recovered had invalid hash")
238 return user_obj, True 238 return user_obj, True
239 239
240 # We can trust the cookie 240 # We can trust the cookie
241 if verbose: request.log("Cookie OK, authenticated.") 241 if verbose: request.log("Cookie OK, authenticated.")
242 params = { 'username': '', 'id': '' } 242 params = {'username': '', 'id': '', }
243 cookie_pairs = cookie_body.split(":") 243 cookie_pairs = cookie_body.split(":")
244 for key, value in [pair.split("=", 1) for pair in cookie_pairs]: 244 for key, value in [pair.split("=", 1) for pair in cookie_pairs]:
245 params[key] = base64.decodestring(value) # assuming all values are base64 encoded 245 params[key] = base64.decodestring(value) # assuming all values are base64 encoded
246 # XXX Should check expiry from cookie 246 # XXX Should check expiry from cookie
247 # XXX Should name be in auth_attribs? 247 # XXX Should name be in auth_attribs?
249 id=params['id'], 249 id=params['id'],
250 auth_username=params['username'], 250 auth_username=params['username'],
251 auth_method='moin_session', 251 auth_method='moin_session',
252 auth_attribs=(), 252 auth_attribs=(),
253 ) 253 )
254 254
255 if logout: 255 if logout:
256 if verbose: request.log("Logout requested, setting u invalid and 'deleting' cookie") 256 if verbose: request.log("Logout requested, setting u invalid and 'deleting' cookie")
257 u.valid = 0 # just make user invalid, but remember him 257 u.valid = 0 # just make user invalid, but remember him
258 deleteCookie(request, cookie_name) 258 deleteCookie(request, cookie_name)
259 return u, True # we return a invalidated user object, so that 259 return u, True # we return a invalidated user object, so that