changeset 268:130bd0403e21

auth methods now return tuple (user_obj, continue_flag) imported from: moin--main--1.5--patch-271
author Thomas Waldmann <tw@waldmann-edv.de>
date Fri, 02 Dec 2005 10:44:39 +0000
parents 0dbc8b79a810
children 75db8e9f4f46
files MoinMoin/auth.py MoinMoin/request.py contrib/auth_externalcookie/wikiconfig.py docs/CHANGES
diffstat 4 files changed, 31 insertions(+), 14 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/auth.py	Fri Dec 02 10:38:53 2005 +0000
+++ b/MoinMoin/auth.py	Fri Dec 02 10:44:39 2005 +0000
@@ -3,9 +3,20 @@
     MoinMoin - modular authentication code
 
     Here are some methods moin can use in cfg.auth authentication method list.
-    The methods from that list get called in that sequence until one returns
-    a user object (not None).
-    
+    The methods from that list get called (from request.py) in that sequence.
+    The called auth method the must return a tuple (user_obj, continue_flag).
+    user_obj is either a User object or None if it could not make one.
+    continue_flag is a boolean indication whether the auth loop shall continue
+    trying other auth methods (or not).
+
+    There are the possible cases for the returned tuple:
+    user, False == we managed to authentify a user and we don't need to continue
+    user, True  == makes no sense (unused)
+    None, False == we could not authenticate the user and this is final, we
+                   don't want to try other auth methods to authenticate him
+    None, True  == we could not authentifacte the user, but we want to continue
+                   trying with other auth methods
+
     The methods give a kw arg "auth_attribs" to User.__init__ that tells
     which user attribute names are DETERMINED and set by this auth method and
     must not get changed by the user using the UserPreferences form.
@@ -30,8 +41,8 @@
         u = user.User(request, id=cookie['MOIN_ID'].value,
                       auth_method='moin_cookie', auth_attribs=())
         if u.valid:
-            return u
-    return None
+            return u, False
+    return None, True
 
 
 """
@@ -78,9 +89,9 @@
     if u:
         u.create_or_update()
     if u and u.valid:
-        return u
+        return u, False
     else:
-        return None
+        return None, True
 
 def sslclientcert(request):
     """ authenticate via SSL client certificate """
@@ -131,12 +142,13 @@
     if u:
         u.create_or_update(changed)
     if u and u.valid:
-        return u
+        return u, False
     else:
-        return None
+        return None, True
 
 def interwiki(request):
     # TODO use auth_method and auth_attribs for User object
+    # TODO use tuples as return value
     if request.form.has_key("user"):
         username = request.form["user"][0]
     else:
--- a/MoinMoin/request.py	Fri Dec 02 10:38:53 2005 +0000
+++ b/MoinMoin/request.py	Fri Dec 02 10:44:39 2005 +0000
@@ -422,9 +422,12 @@
                 
     def get_user(self):
         for auth in self.cfg.auth:
-            the_user = auth(self)
-            if the_user: return the_user
-        return user.User(self, auth_method="request:427")
+            user_obj, continue_flag = auth(self)
+            if not continue_flag:
+                break
+        if user_obj is None:
+            user_obj = user.User(self, auth_method="request:427")
+        return user_obj
 
     def reset(self):
         """ Reset request state.
--- a/contrib/auth_externalcookie/wikiconfig.py	Fri Dec 02 10:38:53 2005 +0000
+++ b/contrib/auth_externalcookie/wikiconfig.py	Fri Dec 02 10:44:39 2005 +0000
@@ -52,8 +52,8 @@
             if u:
                 u.create_or_update(changed)
             if u and u.valid: # did we succeed making up a valid user?
-                return u # yes, return user object and stop processing auth method list
-        return None # no, return None and continue with next method in auth list
+                return u, False # yes, return user object and stop processing auth method list
+        return None, True # no, return None and continue with next method in auth list
 
     from MoinMoin.auth import moin_cookie, http
     # first try the external_cookie, then http basic auth, then the usual moin_cookie
--- a/docs/CHANGES	Fri Dec 02 10:38:53 2005 +0000
+++ b/docs/CHANGES	Fri Dec 02 10:44:39 2005 +0000
@@ -36,6 +36,8 @@
       two logos: moinmoin.png without an alpha channel (IE compatible) and
       moinmoin_alpha.png which has an alpha channel and looks better on
       browsers with full .png support.
+    * Changed auth method to return a tuple (user_obj, continue_flag), see
+      comments in auth.py.
 
 Version 1.5.0beta4:
   Fixes: