view MoinMoin/auth/ @ 2025:d919b7b7b3e9

auth framework: login() methods return an object now This avoids overloading the returned tuple and simplifies code since they can now just instantiate ContinueLogin(), CancelLogin() etc.
author Johannes Berg <johannes AT sipsolutions DOT net>
date Tue, 24 Apr 2007 12:04:19 +0200
parents 1b14cc05a54a
children 340ae0e7529e
line wrap: on
line source

# -*- coding: iso-8859-1 -*-
    MoinMoin - authentication using a remote wiki

    @copyright: 2005 by Florian Festi,
                2007 by MoinMoin:ThomasWaldmann
    @license: GNU GPL, see COPYING for details.

verbose = False

import xmlrpclib
from MoinMoin import auth, wikiutil, user
from MoinMoin.auth import BaseAuth, ContinueLogin, CancelLogin

class InterwikiAuth(BaseAuth):
    name = 'interwiki'
    logout_possible = True
    login_inputs = ['username', 'password']

    def __init__(self, trusted_wikis):
        self.trusted_wikis = trusted_wikis

    def login(self, request, user_obj, **kw):
        username = kw.get('username')
        password = kw.get('password')

        if not username or not password:
            return ContinueLogin(user_obj)

        if verbose: request.log("interwiki auth: trying to auth %r" % username)
        username = username.replace(' ', ':', 1) # Hack because ':' is not allowed in name field
        wikitag, wikiurl, name, err = wikiutil.resolve_wiki(request, username)

        if verbose: request.log("interwiki auth: resolve wiki returned: %r %r %r %r" % (wikitag, wikiurl, name, err))
        if err or wikitag not in self.trusted_wikis:
            return ContinueLogin(user_obj)

        homewiki = xmlrpclib.Server(wikiurl + "?action=xmlrpc2")
        account_data = homewiki.getUser(name, password)
        if isinstance(account_data, str):
            if verbose: request.log("interwiki auth: %r wiki said: %s" % (wikitag, account_data))
            return ContinueLogin(None, account_data)

        # TODO: check remote auth_attribs
        u = user.User(request, name=name,, auth_attribs=('name', 'aliasname', 'password', 'email', ))
        for key, value in account_data.iteritems():
            if key not in request.cfg.user_transient_fields:
                setattr(u, key, value)
        u.valid = True
        if verbose: request.log("interwiki: successful auth for %r" % name)
        return ContinueLogin(u)