def process_login(self, username, password, **kwargs):
rootURL, local = cherrypy.request.app.config['filelocker']['root_url'], False
if kwargs.has_key("local") and kwargs['local'] == str(True):
local = True
username = strip_tags(username)
if password is None or password == "":
raise cherrypy.HTTPRedirect("%s/login?msg=3&local=%s" % (rootURL, str(local)))
else:
directory = AccountService.ExternalDirectory(local)
if directory.authenticate(username, password):
cherrypy.session['request-origin'] = str(os.urandom(32).encode('hex'))[0:32]
currentUser = AccountService.get_user(username, True) #if they are authenticated and local, this MUST return a user object
if currentUser is not None:
if not currentUser.authorized:
raise cherrypy.HTTPError(403, "You do not have permission to access this system")
session.add(AuditLog(cherrypy.session.get("user").id, "Login", "User %s logged in successfully from IP %s" % (currentUser.id, Filelocker.get_client_address())))
session.commit()
raise cherrypy.HTTPRedirect(rootURL)
else: #This should only happen in the case of a user existing in the external directory, but having never logged in before
try:
newUser = directory.lookup_user(username)
AccountService.install_user(newUser)
currentUser = AccountService.get_user(username, True)
if currentUser is not None and currentUser.authorized != False:
raise cherrypy.HTTPRedirect(rootURL)
else:
raise cherrypy.HTTPError(403, "You do not have permission to access this system")
except Exception, e:
return "Unable to install user: %s" % str(e)
else:
def process_login(self, username, password, **kwargs):
rootURL, local = cherrypy.request.app.config['filelocker'][
'root_url'], False
if kwargs.has_key("local") and kwargs['local'] == str(True):
local = True
username = strip_tags(username)
if password is None or password == "":
raise cherrypy.HTTPRedirect("%s/login?msg=3&local=%s" %
(rootURL, str(local)))
else:
directory = AccountService.ExternalDirectory(local)
if directory.authenticate(username, password):
cherrypy.session['request-origin'] = str(
os.urandom(32).encode('hex'))[0:32]
currentUser = AccountService.get_user(
username, True
) #if they are authenticated and local, this MUST return a user object
if currentUser is not None:
if not currentUser.authorized:
raise cherrypy.HTTPError(
403,
"You do not have permission to access this system")
session.add(
AuditLog(
cherrypy.session.get("user").id, "Login",
"User %s logged in successfully from IP %s" %
(currentUser.id, Filelocker.get_client_address())))
session.commit()
raise cherrypy.HTTPRedirect(rootURL)
else: #This should only happen in the case of a user existing in the external directory, but having never logged in before
try:
newUser = directory.lookup_user(username)
AccountService.install_user(newUser)
currentUser = AccountService.get_user(username, True)
if currentUser is not None and currentUser.authorized != False:
raise cherrypy.HTTPRedirect(rootURL)
else:
raise cherrypy.HTTPError(
403,
"You do not have permission to access this system"
)
except Exception, e:
return "Unable to install user: %s" % str(e)
else:
if cherrypy.request.params.has_key("ticket"):
valid_ticket, userId = casConnector.validate_ticket(
rootURL, cherrypy.request.params['ticket'])
if valid_ticket:
currentUser = AccountService.get_user(userId, True)
cherrypy.session['request-origin'] = str(
os.urandom(32).encode('hex'))[0:32]
if currentUser is None:
currentUser = User(id=userId,
display_name="Guest user",
first_name="Unknown",
last_name="Unknown")
cherrypy.log.error(
"[%s] [requires_login] [User authenticated, but not found in directory - installing with defaults]"
% str(userId))
AccountService.install_user(currentUser)
currentUser = AccountService.get_user(
currentUser.id, True) #To populate attributes
if not currentUser.authorized:
raise cherrypy.HTTPError(
403,
"Your user account does not have access to this system."
)
session.add(
AuditLog(
currentUser.id, "Login",
"User %s logged in successfully from IP %s" %
(currentUser.id, get_client_address())))
session.commit()
if currentUser.date_tos_accept is None:
casUrl = session.query(ConfigParameter).filter(ConfigParameter.name == "cas_url").one().value
casConnector = CAS(casUrl)
if cherrypy.request.params.has_key("ticket"):
valid_ticket, userId = casConnector.validate_ticket(rootURL, cherrypy.request.params["ticket"])
if valid_ticket:
currentUser = AccountService.get_user(userId, True)
cherrypy.session["request-origin"] = str(os.urandom(32).encode("hex"))[0:32]
if currentUser is None:
currentUser = User(
id=userId, display_name="Guest user", first_name="Unknown", last_name="Unknown"
)
cherrypy.log.error(
"[%s] [requires_login] [User authenticated, but not found in directory - installing with defaults]"
% str(userId)
)
AccountService.install_user(currentUser)
currentUser = AccountService.get_user(currentUser.id, True) # To populate attributes
if not currentUser.authorized:
raise cherrypy.HTTPError(403, "Your user account does not have access to this system.")
session.add(
AuditLog(
currentUser.id,
"Login",
"User %s logged in successfully from IP %s" % (currentUser.id, get_client_address()),
)
)
session.commit()
if currentUser.date_tos_accept is None:
if format == None:
raise cherrypy.HTTPRedirect(rootURL + "/sign_tos")
