comparison MoinMoin/auth.py @ 0:77665d8e2254

tag of nonpublic@localhost--archive/moin--enterprise--1.5--base-0 (automatically generated log message) imported from: moin--main--1.5--base-0
author Thomas Waldmann <tw-public@gmx.de>
date Thu, 22 Sep 2005 15:09:50 +0000
parents
children 3ef174b732c6
comparison
equal deleted inserted replaced
-1:000000000000 0:77665d8e2254
1 # -*- coding: iso-8859-1 -*-
2 """
3 MoinMoin - modular authentication code
4
5 @copyright: (c) Bastian Blank, Florian Festi, Thomas Waldmann
6 @license: GNU GPL, see COPYING for details.
7 """
8
9 import Cookie
10 from MoinMoin.user import User
11
12 def moin_cookie(request):
13 """ authenticate via the MOIN_ID cookie """
14 try:
15 cookie = Cookie.SimpleCookie(request.saved_cookie)
16 except Cookie.CookieError:
17 # ignore invalid cookies, else user can't relogin
18 cookie = None
19 if cookie and cookie.has_key('MOIN_ID'):
20 user = User(request, id=cookie['MOIN_ID'].value)
21 if user.valid:
22 return user
23
24 return None
25
26
27 """
28 idea: maybe we should call back to the request object like:
29 username, password, authenticated, authtype = request.getUserPassAuth()
30 WhoEver geheim false basic (twisted, doityourself pw check)
31 WhoEver None true basic/... (apache)
32
33 thus, the server specific code would stay in request object implemenation.
34 """
35
36 def http(request):
37 """ authenticate via http basic/digest/ntlm auth """
38 from MoinMoin.request import RequestTwisted
39 user = None
40 # check if we are running Twisted
41 if isinstance(request, RequestTwisted):
42 username = request.twistd.getUser()
43 password = request.twistd.getPassword()
44 user = User(request, auth_username=username, password=password)
45
46 else:
47 env = request.env
48 auth_type = env.get('AUTH_TYPE','')
49 if auth_type in ['Basic', 'Digest', 'NTLM', 'Negotiate',]:
50 username = env.get('REMOTE_USER','')
51 if auth_type in ('NTLM', 'Negotiate',):
52 # converting to standard case so the user can even enter wrong case
53 # (added since windows does not distinguish between e.g.
54 # "Mike" and "mike")
55 username = username.split('\\')[-1] # split off domain e.g.
56 # from DOMAIN\user
57 # this "normalizes" the login name from {meier, Meier, MEIER} to Meier
58 # put a comment sign in front of next line if you don't want that:
59 username = username.title()
60 user = User(request, auth_username=username)
61
62 # XXX create (user? maybe should not happen here, but one layer higher to be
63 # common for all auth methods
64
65 if user and user.valid:
66 return user
67 else:
68 return None
69
70 def interwiki(request):
71 if request.form.has_key("user"):
72 username = request.form["user"][0]
73 else:
74 return None
75 passwd = None
76 if request.form.has_key("passwd"):
77 passwd = request.form["passwd"][0]
78
79 wikitag, wikiurl, wikitail, err = wikiutil.resolve_wiki(username)
80
81 if err or wikitag not in request.cfg.trusted_wikis:
82 return None
83
84 if passwd:
85 import xmlrpclib
86 homewiki = xmlrpclib.Server(wikiurl + "?action=xmlrpc2")
87 account_data = homewiki.getUser(wikitail, passwd)
88 if isinstance(account_data, str):
89 # show error message
90 return None
91
92 user = User(request, name=username)
93 for key, value in account_data.iteritems():
94 if key not in ["may", "id", "valid", "trusted"
95 "auth_username",
96 "name", "aliasname",
97 "enc_passwd"]:
98 setattr(user, key, value)
99 user.save()
100 request.user = user
101 request.setCookie()
102 return user
103 else:
104 pass
105 # XXX redirect to homewiki
106