changeset 2931:a6bb853c740b

fix logon with openid 2.0, fixes #345
author RogerHaase <haaserd@gmail.com>
date Tue, 21 Apr 2015 15:22:02 -0700
parents 7c4eba7d31ff
children 4ab27780d078
files MoinMoin/app.py MoinMoin/auth/openidrp.py MoinMoin/templates/openid_register.html make.py
diffstat 4 files changed, 26 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/app.py	Tue Apr 21 15:09:02 2015 -0700
+++ b/MoinMoin/app.py	Tue Apr 21 15:22:02 2015 -0700
@@ -20,6 +20,12 @@
 from flask import current_app as app
 from flask import g as flaskg
 
+# workaround Flask 0.10. incompatibility with openid - see #345, #515
+try:
+    from flask_oldsessions import OldSecureCookieSessionInterface
+except ImportError:
+    OldSecureCookieSessionInterface = None
+
 from flask.ext.cache import Cache
 from flask.ext.themes import setup_themes
 
@@ -68,6 +74,10 @@
     clock = Clock()
     clock.start('create_app total')
     app = Flask('MoinMoin')
+
+    if OldSecureCookieSessionInterface:
+        app.session_interface = OldSecureCookieSessionInterface()
+
     clock.start('create_app load config')
     if flask_config_file:
         app.config.from_pyfile(flask_config_file)
--- a/MoinMoin/auth/openidrp.py	Tue Apr 21 15:09:02 2015 -0700
+++ b/MoinMoin/auth/openidrp.py	Tue Apr 21 15:22:02 2015 -0700
@@ -13,7 +13,7 @@
 from openid.yadis.discover import DiscoveryFailure
 from openid.fetchers import HTTPFetchingError
 
-from flask import session, request, url_for
+from flask import session, request, url_for, flash
 from flask import current_app as app
 from MoinMoin.auth import BaseAuth, get_multistage_continuation_url
 from MoinMoin.auth import ContinueLogin, CancelLogin, MultistageFormLogin, MultistageRedirectLogin
@@ -83,13 +83,14 @@
                 # we get the user with this openid associated to him
                 identity = oid_info.identity_url
                 users = user.search_users(openid=identity)
-                user_obj = users and user.User(users[0][ITEMID], trusted=self.trusted)
+                user_obj = users and user.User(uid=users[0].item.itemid, trusted=self.trusted, auth_method=self.name)
 
                 # if the user actually exists
                 if user_obj:
                     # we get the authenticated user object
                     # success!
                     user_obj.auth_method = self.name
+                    flash(_('You have logged in with OpenID.'), "info")
                     return ContinueLogin(user_obj)
 
                 # there is no user with this openid
--- a/MoinMoin/templates/openid_register.html	Tue Apr 21 15:09:02 2015 -0700
+++ b/MoinMoin/templates/openid_register.html	Tue Apr 21 15:22:02 2015 -0700
@@ -17,6 +17,7 @@
                 {{ forms.render(form['email']) }}
                 {{ forms.render_textcha(gen, form) }}
             </dl>
+            <input type="hidden" name="openid_submit" value="1" >
             {{ forms.render_submit(form) }}
         {{ gen.form.close() }}
     </div>
--- a/make.py	Tue Apr 21 15:09:02 2015 -0700
+++ b/make.py	Tue Apr 21 15:22:02 2015 -0700
@@ -191,6 +191,12 @@
     return subprocess.check_output(command, shell=True)
 
 
+def get_sitepackages_location():
+    """Return the location of the virtualenv site-packages directory."""
+    command = ACTIVATE + 'python -c "from distutils.sysconfig import get_python_lib; print get_python_lib()"'
+    return subprocess.check_output(command, shell=True).strip()
+
+
 class Commands(object):
     """Each cmd_ method processes a choice on the menu."""
     def __init__(self):
@@ -222,7 +228,12 @@
 
     def cmd_extras(self, *args):
         """install optional packages: OpenID, Pillow, pymongo, sqlalchemy, ldap; and upload.py"""
+        sp_dir = get_sitepackages_location()
         upload = '{0} MoinMoin/script/win/wget.py https://codereview.appspot.com/static/upload.py upload.py'.format(sys.executable)
+        # TODO oldsessions is short term fix for obsolete OpenID 2.0, see #515
+        # http://pythonhosted.org//Flask-OldSessions/ docs are broken see https://github.com/mitsuhiko/flask-oldsessions/issues/1
+        # we do wget of flask_oldsessions.py to site-packages as another workaround
+        oldsessions = '{0} MoinMoin/script/win/wget.py https://raw.githubusercontent.com/mitsuhiko/flask-oldsessions/master/flask_oldsessions.py {1}/flask_oldsessions.py'.format(sys.executable, sp_dir)
         packages = ['python-openid', 'pillow', 'pymongo', 'sqlalchemy', ]
         if WINDOWS_OS:
             installer = 'easy_install --upgrade '
@@ -233,7 +244,7 @@
         else:
             installer = 'pip install --upgrade '
             packages.append('python-ldap')
-        command = ACTIVATE + installer + (SEP + installer).join(packages) + SEP + upload
+        command = ACTIVATE + installer + (SEP + installer).join(packages) + SEP + upload + SEP + oldsessions
         print 'Installing {0}, upload.py... output messages written to {1}.'.format(', '.join(packages), EXTRAS)
         with open(EXTRAS, 'w') as messages:
             subprocess.call(command, shell=True, stderr=messages, stdout=messages)