Mercurial > moin > 1.9
changeset 268:130bd0403e21
auth methods now return tuple (user_obj, continue_flag)
imported from: moin--main--1.5--patch-271
author | Thomas Waldmann <tw@waldmann-edv.de> |
---|---|
date | Fri, 02 Dec 2005 10:44:39 +0000 |
parents | 0dbc8b79a810 |
children | 75db8e9f4f46 |
files | MoinMoin/auth.py MoinMoin/request.py contrib/auth_externalcookie/wikiconfig.py docs/CHANGES |
diffstat | 4 files changed, 31 insertions(+), 14 deletions(-) [+] |
line wrap: on
line diff
--- a/MoinMoin/auth.py Fri Dec 02 10:38:53 2005 +0000 +++ b/MoinMoin/auth.py Fri Dec 02 10:44:39 2005 +0000 @@ -3,9 +3,20 @@ MoinMoin - modular authentication code Here are some methods moin can use in cfg.auth authentication method list. - The methods from that list get called in that sequence until one returns - a user object (not None). - + The methods from that list get called (from request.py) in that sequence. + The called auth method the must return a tuple (user_obj, continue_flag). + user_obj is either a User object or None if it could not make one. + continue_flag is a boolean indication whether the auth loop shall continue + trying other auth methods (or not). + + There are the possible cases for the returned tuple: + user, False == we managed to authentify a user and we don't need to continue + user, True == makes no sense (unused) + None, False == we could not authenticate the user and this is final, we + don't want to try other auth methods to authenticate him + None, True == we could not authentifacte the user, but we want to continue + trying with other auth methods + The methods give a kw arg "auth_attribs" to User.__init__ that tells which user attribute names are DETERMINED and set by this auth method and must not get changed by the user using the UserPreferences form. @@ -30,8 +41,8 @@ u = user.User(request, id=cookie['MOIN_ID'].value, auth_method='moin_cookie', auth_attribs=()) if u.valid: - return u - return None + return u, False + return None, True """ @@ -78,9 +89,9 @@ if u: u.create_or_update() if u and u.valid: - return u + return u, False else: - return None + return None, True def sslclientcert(request): """ authenticate via SSL client certificate """ @@ -131,12 +142,13 @@ if u: u.create_or_update(changed) if u and u.valid: - return u + return u, False else: - return None + return None, True def interwiki(request): # TODO use auth_method and auth_attribs for User object + # TODO use tuples as return value if request.form.has_key("user"): username = request.form["user"][0] else:
--- a/MoinMoin/request.py Fri Dec 02 10:38:53 2005 +0000 +++ b/MoinMoin/request.py Fri Dec 02 10:44:39 2005 +0000 @@ -422,9 +422,12 @@ def get_user(self): for auth in self.cfg.auth: - the_user = auth(self) - if the_user: return the_user - return user.User(self, auth_method="request:427") + user_obj, continue_flag = auth(self) + if not continue_flag: + break + if user_obj is None: + user_obj = user.User(self, auth_method="request:427") + return user_obj def reset(self): """ Reset request state.
--- a/contrib/auth_externalcookie/wikiconfig.py Fri Dec 02 10:38:53 2005 +0000 +++ b/contrib/auth_externalcookie/wikiconfig.py Fri Dec 02 10:44:39 2005 +0000 @@ -52,8 +52,8 @@ if u: u.create_or_update(changed) if u and u.valid: # did we succeed making up a valid user? - return u # yes, return user object and stop processing auth method list - return None # no, return None and continue with next method in auth list + return u, False # yes, return user object and stop processing auth method list + return None, True # no, return None and continue with next method in auth list from MoinMoin.auth import moin_cookie, http # first try the external_cookie, then http basic auth, then the usual moin_cookie
--- a/docs/CHANGES Fri Dec 02 10:38:53 2005 +0000 +++ b/docs/CHANGES Fri Dec 02 10:44:39 2005 +0000 @@ -36,6 +36,8 @@ two logos: moinmoin.png without an alpha channel (IE compatible) and moinmoin_alpha.png which has an alpha channel and looks better on browsers with full .png support. + * Changed auth method to return a tuple (user_obj, continue_flag), see + comments in auth.py. Version 1.5.0beta4: Fixes: