view MoinMoin/auth/ @ 2374:629dea07759f

do not parse single-quoted page names as quoted fixes bugs with ['text_html'] being a link
author Johannes Berg <johannes AT sipsolutions DOT net>
date Thu, 12 Jul 2007 14:40:06 +0200
parents 95e57cb59bb0
children 2a3a6cb34e45
line wrap: on
line source
# -*- coding: iso-8859-1 -*-
    MoinMoin - verifier for OpenID login

    @copyright: 2007 MoinMoin:JohannesBerg
    @license: GNU GPL, see COPYING for details.
from MoinMoin import user
from MoinMoin.auth import BaseAuth, CancelLogin, ContinueLogin, MultistageRedirectLogin
from MoinMoin import wikiutil
from MoinMoin.widget import html
from urllib import urlopen, quote_plus

class BotBouncer(BaseAuth):
    name = 'botbouncer'

    def __init__(self, apikey):
        self.apikey = apikey

    def login(self, request, user_obj, **kw):
        if kw.get('multistage'):
            uid = request.session.get('botbouncer.uid', None)
            if not uid:
                return CancelLogin()
            openid = request.session['']
            del request.session['']
            del request.session['botbouncer.uid']
            user_obj = user.User(request, uid, auth_method='openid',

        if not user_obj or not user_obj.valid:
            return ContinueLogin(user_obj)

        if user_obj.auth_method != 'openid':
            return ContinueLogin(user_obj)

        openid_id = user_obj.auth_username

        _ = request.getText

            url = "" % (
                           quote_plus(openid_id), self.apikey)
            data = urlopen(url).read().strip()
        except IOError:
            return CancelLogin(_('Could not contact'))

        data = data.split(':')
        if len(data) != 2 or data[0] != 'verified':
            return CancelLogin(' verification failed, probably invalid API key.')

        if data[1].lower() == 'true':
            # they proved they are human already
            return ContinueLogin(user_obj)

        # tell them to verify at bot bouncer first
        request.session[''] = openid_id
        request.session['botbouncer.uid'] =

        goto = "" % (
        return MultistageRedirectLogin(goto)