def log_me(self):
data, errors = self.extractData()
if errors:
self.submissionError = errors
return FAILURE
credendials_managers = list(self.credentials_managers())
if credendials_managers is None:
self.flash(_(u"Missing credentials."))
return SuccessMarker('Login failed', False)
for credentials_manager in credendials_managers:
result = credentials_manager.log_in(self.request, **data)
if isinstance(result, SuccessMarker):
self.flash(result.name)
return result
elif result:
session = getSession()
session['username'] = data['username']
self.flash(_(u"Login successful."))
principal = self.make_principal(id=data['username'])
self.request.principal = principal
notify(UserLoggedInEvent(principal))
camefrom = data.get('camefrom', self.url(self.context))
return SuccessMarker(
'Login successful', True, url=camefrom,
code=302)
self.flash(_(u'Login failed.'))
return FAILURE
def logout(session=None):
if session is None:
session = getSession()
if 'user' in session:
session.clear()
return True
return False
def authenticate(self, username, password):
if username in self:
if password == self[username]:
session = getSession()
session['user'] = username
return True
return False
def update(self):
session = getSession()
if session:
if 'username' in session:
del session['username']
if 'masquarde' in session:
del session['masquarade']
def get_credentials(self, environ):
auser = None
if 'HTTP_AUTHORIZATION' in environ.keys():
auser = decodestring(environ.get('HTTP_AUTHORIZATION')[6:]).split(':')[0]
session = getSession()
user = environ.get('REMOTE_USER') or session.get('username') or auser
return user
def send(self, text, type=interfaces.BASE_MESSAGE_TYPE):
session = getSession()
if session is None:
return False
messages = session.get(self._key, [])
messages.append(Message(text, type))
session[self._key] = messages
return True
def setUpToken(self):
session = getSession()
if session is None:
raise CSRFTokenGenerationError("No session.")
self.csrftoken = session.get('__csrftoken__')
if self.csrftoken is None:
self.csrftoken = str(binascii.hexlify(urandom(32)))
session['__csrftoken__'] = self.csrftoken
def handle_masquarade(self):
data, errors = self.extractData()
if errors:
return
session = getSession()
session['masquarade'] = data['oid']
self.view.redirect(self.request.path)
def secure_application(environ, start_response, default=anonymous):
session = getSession()
if session is not None and 'user' in session:
environ['REMOTE_USER'] = username = session['user']
principal = Principal(username)
else:
principal = default
return app(environ, start_response, principal)
def application(environ, start_response):
session = getSession()
counter = session.setdefault('counter', 0)
counter = session['counter'] = counter + 1
body = str('Called %d times !' % counter)
headers = [('Content-Type', 'text/html; charset=utf8'),
('Content-Length', str(len(body)))]
start_response('200 OK', headers)
return [body]
def checkToken(self):
session = getSession()
if session is None:
raise CSRFTokenGenerationError("No session.")
cookietoken = session.get('__csrftoken__')
if cookietoken is None:
raise InvalidCSRFToken(_('Invalid CSRF token'))
if cookietoken != self.request.form.get('form.field.__csrftoken__', None):
raise InvalidCSRFToken(_('Invalid CSRF token'))
def principal_factory(self, username):
if username:
session = getSession()
masquarade = session.get('masquarade', None)
user = USERS.get(username)
permissions = frozenset(user['permissions'])
print "PERMISSION FOR", user, permissions
return AdminPrincipal(username, masquarade, permissions)
return unauthenticated_principal
def send(self, body, type=BASE_MESSAGE_TYPE):
session = getSession()
if session is None:
return False
messages = session.get(self._key, [])
messages.append(
dict(body=body, type=type, id=str(uuid.uuid4().hex))
)
session[self._key] = messages # Trigger
return True
def remove(self, item):
session = getSession()
if session is None:
raise ValueError("No session")
messages = session.get(self._key)
if messages is None:
raise KeyError("Session does contains messages.")
messages.remove(item)
session[self._key] = messages # Trigger
def test_session():
session_object = object()
browser.setSession(session_object)
assert browser.session.sessioninfo.__class__ == (
browser.session.SessionInfo)
assert browser.session.sessioninfo.session is session_object
assert browser.session.sessioninfo.session is browser.getSession()
browser.setSession()
assert browser.session.sessioninfo.session is None
assert browser.session.sessioninfo.session is None
def send(self, text, type=interfaces.BASE_MESSAGE_TYPE):
session = getSession()
if session is None:
return False
messages = session.get(self._key, [])
if isinstance(text, Message):
messages.append(
{"message": unicode(text), "type": type,
"uid": str(uuid.uuid4()),
"i18n": {"domain": text.domain, "default": text.default,
"mapping": text.mapping}}
)
else:
messages.append(
{"message": text, "type": type, "uid": str(uuid.uuid4())}
)
session[self._key] = messages
return True
def __len__(self):
session = getSession()
return len(session.get(self._key, []))
def session_dict(self, environ):
ses = getSession()
return ses
def update(self):
session = getSession()
if session is not None:
self.expiration = session.get('__session_expiration__')
def get_credentials(self, environ):
session = getSession()
user = environ.get('REMOTE_USER') or session.get('username')
return user
def update(self):
session = getSession()
if session:
if 'username' in session.keys():
del session['username']
def update(self):
session = getSession()
if session is not None:
session.clear()
def __iter__(self):
session = getSession()
if session is None or self._key not in session:
return iter([])
return iter(session[self._key])
def session_dict(self, environ):
ses = getSession()
return ses
def remove(self, item):
session = getSession()
if session is None or self._key not in session:
raise ValueError("No session")
session[self._key].remove(item)
def get_credentials(self, environ):
session = getSession()
user = environ.get('REMOTE_USER') or session.get('username')
return user
