def test_authenticate_fail(self):
    """authenticate_without_password() yields None when the user lookup fails.

    ModelBackend.get_user is stubbed to answer None for this user's pk, and
    the mox record/replay/verify cycle checks that the recorded call was made.
    """
    # Record phase: expect a get_user(pk) call and have it return None.
    self.moxx.StubOutWithMock(ModelBackend, 'get_user')
    ModelBackend.get_user(self.user.pk).AndReturn(None)
    self.moxx.ReplayAll()

    outcome = utils.authenticate_without_password(self.user)

    # Verify the recorded expectation before asserting on the result.
    self.moxx.VerifyAll()
    self.assertEqual(outcome, None)
class ElectionAuthBackend(object):
    """Authentication backend wrapping ModelBackend and ipauth's RangeBackend.

    The stated intent is that a user must pass both the
    django.contrib.auth.backends.ModelBackend check and the
    ipauth.backend.RangeBackend check to use the system.

    NOTE(review): as written, only the ModelBackend result decides the
    outcome. authenticate() calls RangeBackend but never consults what it
    returns, so valid credentials are accepted regardless of the IP result.
    Confirm whether the IP restriction is meant to be enforced before
    relying on it as a control.
    """

    supports_anonymous_user = False
    ipauth_backend = None
    model_backend = None

    def __init__(self):
        self.ipauth_backend = RangeBackend()
        self.model_backend = ModelBackend()

    def authenticate(self, username=None, password=None, ip=None):
        """Return the user accepted by ModelBackend, or None if it rejects.

        Superusers, staff and members of the 'ADMIN' group are returned
        early. Every other user accepted by ModelBackend is returned as
        well, because the IP-range rejection is currently disabled.

        TODO: Election admin
        """
        account = self.model_backend.authenticate(
            username=username, password=password)
        # Computed but not used below; see the NOTE(review) before the
        # final return.
        ip_account = self.ipauth_backend.authenticate(ip=ip)

        # Resolve the 'ADMIN' group once; None when no such group exists.
        admin_matches = Group.objects.filter(name='ADMIN').all()
        admin_group = admin_matches[0] if admin_matches.count() > 0 else None

        if not account:
            return None

        # Super admin
        if account.is_superuser or account.is_staff:
            return account

        # Election admin
        if account.groups.count() > 0 and admin_group in account.groups.all():
            return account

        # NOTE(review): the check that returned None when ip_account is None
        # is disabled here, so non-admin users are not restricted by IP.
        return account

    def get_group_permissions(self, user_obj):
        """Delegate the group-permission lookup for user_obj to ModelBackend."""
        return self.model_backend.get_group_permissions(user_obj)

    def get_all_permissions(self, user_obj):
        """Delegate the full permission lookup for user_obj to ModelBackend."""
        return self.model_backend.get_all_permissions(user_obj)

    def has_perm(self, user_obj, perm):
        """Delegate the single-permission check to ModelBackend."""
        return self.model_backend.has_perm(user_obj, perm)

    def has_module_perms(self, user_obj, app_label):
        """Delegate the per-app permission check to ModelBackend."""
        return self.model_backend.has_module_perms(user_obj, app_label)

    def get_user(self, user_id):
        """Delegate loading the user with primary key user_id to ModelBackend."""
        return self.model_backend.get_user(user_id)
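def get_session(self, sid, authenticated=False):
    """Bind this session object to the Django session identified by sid.

    If the Django session store has no entry for sid, the store is loaded
    and saved and the key it then reports replaces sid. The stored session
    is decoded next: when it carries '_auth_user_id' and that id resolves to
    a user, the user is kept in django_user_data and authenticated and
    last_visit are taken from it. Otherwise the request is treated as
    anonymous.

    A session whose '_auth_user_id' no longer resolves to a user (the
    backend returns None) is handled as anonymous and unauthenticated
    instead of failing with AttributeError on the None result.

    NOTE(review): on the plain anonymous path the caller-supplied
    authenticated flag is left as passed in; confirm callers never pass
    True for a session that turns out to be anonymous.
    """
    self.env.log.debug('Retrieving session for ID %r', sid)

    store = DjangoSessionStore(session_key=sid)
    if not store.exists(sid):
        # Unknown ID: go through the store and adopt the key it reports.
        store.load()
        store.save()
        sid = store.session_key
        self.env.log.warning('create new django session')

    self.sid = sid
    self.authenticated = authenticated
    try:
        record = DjangoSession.objects.get(pk=sid)
        if not record:
            return
        session_data = record.get_decoded()

        account = None
        if '_auth_user_id' in session_data:
            backend = DjangoModelBackend()
            account = backend.get_user(session_data['_auth_user_id'])
            if account is None:
                # Stale session pointing at a missing user: fail closed
                # rather than dereferencing None below.
                self.authenticated = False
                self.env.log.warning(
                    'session refers to a user that no longer exists')

        if account is not None:
            self.django_user_data = account
            self.authenticated = account.is_authenticated()
            self.last_visit = int(mktime(account.last_login.timetuple()))
            self.env.log.debug('authenticated as %s', account.username)
        else:
            self.django_user_data = DjangoAnonymousUser()
            # NOTE(review): mktime() reads its argument as local time, so
            # passing gmtime() shifts the value by the UTC offset.
            self.last_visit = int(mktime(gmtime()))
            self.env.log.debug('anonymous request')
    except DjangoSession.objects.model.DoesNotExist:
        self.env.log.error('session does not exist')

    # NOTE(review): kept at function level, after the try/except; confirm
    # this matches the intended nesting.
    self._new = False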
def get_user(self, user_id):
    """Look up user_id through a fresh ModelBackend and return its result."""
    # TODO: Add merkabah security hooks. Check ban status, ipbans, etc.
    # Until those exist, the backend's answer is returned with no such checks.
    return ModelBackend().get_user(user_id)