def remember(self, environ, identity):
log.debug("cookieAuth remember")
if self.include_ip:
remote_addr = environ.get('REMOTE_ADDR', '0.0.0.0')
else:
remote_addr = '0.0.0.0'
cookies = get_cookies(environ)
old_cookie = cookies.get(self.cookie_name)
existing = cookies.get(self.cookie_name)
old_cookie_value = getattr(existing, 'value', None)
max_age = identity.get('max_age', None)
timestamp, userid, tokens, userdata = None, '', '', ''
if old_cookie_value:
try:
timestamp,userid,tokens,userdata = auth_tkt.parse_ticket(
self.secret, old_cookie_value, remote_addr)
except auth_tkt.BadTicket:
pass
who_userid = identity['midgard.user.guid'] + "|" + identity.get('login')
who_tokens = identity.get('tokens', '')
who_userdata = identity.get('userdata', '')
encoding_data = self.userid_type_encoders.get(type(who_userid))
if encoding_data:
encoding, encoder = encoding_data
who_userid = encoder(who_userid)
who_userdata = 'userid_type:%s' % encoding
if not isinstance(tokens, basestring):
tokens = ','.join(tokens)
if not isinstance(who_tokens, basestring):
who_tokens = ','.join(who_tokens)
old_data = (userid, tokens, userdata)
new_data = (who_userid, who_tokens, who_userdata)
if old_data != new_data or (self.reissue_time and
( (timestamp + self.reissue_time) < time.time() )):
ticket = auth_tkt.AuthTicket(
self.secret,
who_userid,
remote_addr,
tokens=who_tokens,
user_data=who_userdata,
cookie_name=self.cookie_name,
secure=self.secure)
new_cookie_value = ticket.cookie_value()
cur_domain = environ.get('HTTP_HOST', environ.get('SERVER_NAME'))
wild_domain = '.' + cur_domain
if old_cookie_value != new_cookie_value:
if "auth_remember_allow" in environ and environ["auth_remember_allow"] == False:
return None
# return a set of Set-Cookie headers
return self._get_cookies(environ, new_cookie_value, max_age)
def authenticate(self, connection):
"""
Authenticate a connection. Return a username or None
if not authenticated.
"""
remote_addr = '0.0.0.0'
cookie = connection.receive()
if cookie is None:
return None
try:
timestamp, userid, tokens, user_data = auth_tkt.parse_ticket(
self.secret, str(cookie), remote_addr)
except auth_tkt.BadTicket:
return None
if self.timeout and ((timestamp + self.timeout) < time.time()):
return None
userid_typename = 'userid_type:'
user_data_info = user_data.split('|')
for datum in filter(None, user_data_info):
if datum.startswith(userid_typename):
userid_type = datum[len(userid_typename):]
decoder = self.userid_type_decoders.get(userid_type)
if decoder:
userid = decoder(userid)
return userid
def identify(self, environ):
if environ.has_key('rwpc.logout'):
return
uri = environ.get('REQUEST_URI', construct_url(environ))
query = parse_dict_querystring(environ)
cookies = get_cookies(environ)
cookie = cookies.get('auth_tkt')
if cookie is None or not cookie.value:
return None
remote_addr = '0.0.0.0'
identity = {}
try:
timestamp, userid, tokens, user_data = auth_tkt.parse_ticket(
self.ticket_secret, cookie.value, remote_addr)
except auth_tkt.BadTicket as e:
return None
#userObj = model.Session.query(model.User).filter_by(id=userid).first()
#if userObj is None:
# return None
#identity['login'] = userObj.name
identity['login'] = userid
return identity
def remember(self, environ, identity):
'''
Remember the user.
'''
if self.include_ip:
remote_addr = environ['REMOTE_ADDR']
else:
remote_addr = '0.0.0.0'
cookies = get_cookies(environ)
#old_cookie = cookies.get(self.cookie_name)
existing = cookies.get(self.cookie_name)
old_cookie_value = getattr(existing, 'value', None)
max_age = identity.get('max_age', None)
timestamp, userid, tokens, userdata = None, '', '', ''
if old_cookie_value:
try:
timestamp, userid, tokens, userdata = auth_tkt.parse_ticket(
self.secret, old_cookie_value, remote_addr)
except auth_tkt.BadTicket:
pass
who_userid = identity['repoze.who.userid']
who_tokens = identity.get('tokens', '')
who_userdata = identity.get('userdata', '')
encoding_data = self.userid_type_encoders.get(type(who_userid))
if encoding_data:
encoding, encoder = encoding_data
who_userid = encoder(who_userid)
who_userdata = 'userid_type:%s' % encoding
if not isinstance(tokens, basestring):
tokens = ','.join(tokens)
if not isinstance(who_tokens, basestring):
who_tokens = ','.join(who_tokens)
old_data = (userid, tokens, userdata)
new_data = (who_userid, who_tokens, who_userdata)
if old_data != new_data or (self.reissue_time and (
(timestamp + self.reissue_time) < time.time())):
ticket = auth_tkt.AuthTicket(self.secret,
who_userid,
remote_addr,
tokens=who_tokens,
user_data=who_userdata,
cookie_name=self.cookie_name,
secure=self.secure)
new_cookie_value = ticket.cookie_value()
#cur_domain = environ.get('HTTP_HOST', environ.get('SERVER_NAME'))
#wild_domain = '.' + cur_domain
if old_cookie_value != new_cookie_value:
# return a set of Set-Cookie headers
return self._get_cookies(environ, new_cookie_value, max_age)
def identify(self, environ):
'''
Identify the user
'''
remotes = environ['REMOTE_ADDR'].split(', ')
environ['REMOTE_ADDR'] = remotes[0]
environ['auth'] = False
cookies = get_cookies(environ)
cookie = cookies.get(self.cookie_name)
if cookie is None or not cookie.value:
return None
if self.include_ip:
remote_addr = environ['REMOTE_ADDR']
else:
remote_addr = '0.0.0.0'
try:
timestamp, userid, tokens, user_data = auth_tkt.parse_ticket(
self.secret, cookie.value, remote_addr)
except auth_tkt.BadTicket as e:
print e
print "Bad cookie signature. I think the IP change."
#import os
#print os.environ['REMOTEHOST']
return None
if self.userid_checker and not self.userid_checker(userid):
return None
if self.timeout and ( (timestamp + self.timeout) < time.time() ):
return None
userid_typename = 'userid_type:'
user_data_info = user_data.split('|')
for datum in filter(None, user_data_info):
if datum.startswith(userid_typename):
userid_type = datum[len(userid_typename):]
decoder = self.userid_type_decoders.get(userid_type)
if decoder:
userid = decoder(userid)
environ['REMOTE_USER_TOKENS'] = tokens
environ['REMOTE_USER_DATA'] = user_data
environ['AUTH_TYPE'] = 'cookie'
identity = {}
identity['timestamp'] = timestamp
identity['repoze.who.userid'] = userid
identity['tokens'] = tokens
identity['userdata'] = user_data
environ['auth'] = True
return identity
def identify(self, environ):
'''
Identify the user
'''
remotes = environ['REMOTE_ADDR'].split(', ')
environ['REMOTE_ADDR'] = remotes[0]
environ['auth'] = False
cookies = get_cookies(environ)
cookie = cookies.get(self.cookie_name)
if cookie is None or not cookie.value:
return None
if self.include_ip:
remote_addr = environ['REMOTE_ADDR']
else:
remote_addr = '0.0.0.0'
try:
timestamp, userid, tokens, user_data = auth_tkt.parse_ticket(
self.secret, cookie.value, remote_addr)
except auth_tkt.BadTicket as e:
print e
print "Bad cookie signature. I think the IP change."
#import os
#print os.environ['REMOTEHOST']
return None
if self.userid_checker and not self.userid_checker(userid):
return None
if self.timeout and ((timestamp + self.timeout) < time.time()):
return None
userid_typename = 'userid_type:'
user_data_info = user_data.split('|')
for datum in filter(None, user_data_info):
if datum.startswith(userid_typename):
userid_type = datum[len(userid_typename):]
decoder = self.userid_type_decoders.get(userid_type)
if decoder:
userid = decoder(userid)
environ['REMOTE_USER_TOKENS'] = tokens
environ['REMOTE_USER_DATA'] = user_data
environ['AUTH_TYPE'] = 'cookie'
identity = {}
identity['timestamp'] = timestamp
identity['repoze.who.userid'] = userid
identity['tokens'] = tokens
identity['userdata'] = user_data
environ['auth'] = True
return identity
def remember(self, environ, identity):
if self.include_ip:
remote_addr = environ['REMOTE_ADDR']
else:
remote_addr = '0.0.0.0'
cookies = get_cookies(environ)
old_cookie = cookies.get(self.cookie_name)
existing = cookies.get(self.cookie_name)
old_cookie_value = getattr(existing, 'value', None)
max_age = identity.get('max_age', None)
timestamp, userid, tokens, userdata = None, '', (), ''
if old_cookie_value:
try:
timestamp,userid,tokens,userdata = auth_tkt.parse_ticket(
self.secret, old_cookie_value, remote_addr)
except auth_tkt.BadTicket:
pass
tokens = tuple(tokens)
who_userid = identity['repoze.who.userid']
who_tokens = tuple(identity.get('tokens', ()))
who_userdata = identity.get('userdata', '')
encoding_data = self.userid_type_encoders.get(type(who_userid))
if encoding_data:
encoding, encoder = encoding_data
who_userid = encoder(who_userid)
who_userdata = 'userid_type:%s' % encoding
old_data = (userid, tokens, userdata)
new_data = (who_userid, who_tokens, who_userdata)
if old_data != new_data or (self.reissue_time and
( (timestamp + self.reissue_time) < time.time() )):
ticket = auth_tkt.AuthTicket(
self.secret,
who_userid,
remote_addr,
tokens=who_tokens,
user_data=who_userdata,
cookie_name=self.cookie_name,
secure=self.secure)
new_cookie_value = ticket.cookie_value()
cur_domain = environ.get('HTTP_HOST', environ.get('SERVER_NAME'))
wild_domain = cur_domain[cur_domain.find('.'):]
#wild_domain = '.' + cur_domain
if old_cookie_value != new_cookie_value:
# return a set of Set-Cookie headers
return self._get_cookies(environ, new_cookie_value, max_age)
def __init__(self, app=None, request=None, settings={}):
"""initialize the Handler with the calling application and the request
it has to handle."""
self.app = app
self.request = request
self.settings = settings
self.userid = None
self.user = None
if self.request.cookies.has_key("u"):
at = self.request.cookies['u']
try:
self.timestamp, self.userid, self.roles, self.token_attribs = auth_tkt.parse_ticket(self.settings.shared_secret, at, "127.0.0.1")
self.settings.log.debug("found user %s in cookie" %self.userid)
except auth_tkt.BadTicket, e:
self.settings.log.error("BAD token detected: %s " %e)
pass
def identify(self, environ):
log.debug("cookieAuth identify")
cookies = get_cookies(environ)
cookie = cookies.get(self.cookie_name)
if cookie is None or not cookie.value:
return None
if self.include_ip:
remote_addr = environ['REMOTE_ADDR']
else:
remote_addr = '0.0.0.0'
try:
timestamp, userid, tokens, user_data = auth_tkt.parse_ticket(
self.secret, cookie.value, remote_addr)
except auth_tkt.BadTicket:
return None
if self.timeout and ( (timestamp + self.timeout) < time.time() ):
return None
userid_typename = 'userid_type:'
user_data_info = user_data.split('|')
for datum in filter(None, user_data_info):
if datum.startswith(userid_typename):
userid_type = datum[len(userid_typename):]
decoder = self.userid_type_decoders.get(userid_type)
if decoder:
userid = decoder(userid)
environ['REMOTE_USER_TOKENS'] = tokens
environ['REMOTE_USER_DATA'] = user_data
environ['AUTH_TYPE'] = 'cookie'
user_guid, login = userid.split("|")
identity = {}
identity['timestamp'] = timestamp
identity['midgard.user.guid'] = user_guid
identity['login'] = login
identity['tokens'] = tokens
identity['userdata'] = user_data
return identity
def identify(self, environ):
cookies = get_cookies(environ)
cookie = cookies.get(self.cookie_name)
if cookie is None or not cookie.value:
return None
if self.include_ip:
remote_addr = environ['REMOTE_ADDR']
else:
remote_addr = '0.0.0.0'
try:
timestamp, userid, tokens, user_data = auth_tkt.parse_ticket(
self.secret, cookie.value, remote_addr)
except auth_tkt.BadTicket:
return None
if self.timeout and ( (timestamp + self.timeout) < time.time() ):
return None
userid_typename = 'userid_type:'
user_data_info = user_data.split('|')
for datum in filter(None, user_data_info):
if datum.startswith(userid_typename):
userid_type = datum[len(userid_typename):]
decoder = self.userid_type_decoders.get(userid_type)
if decoder:
userid = decoder(userid)
environ['REMOTE_USER_TOKENS'] = tokens
environ['REMOTE_USER_DATA'] = user_data
environ['AUTH_TYPE'] = 'cookie'
identity = {}
identity['timestamp'] = timestamp
identity['repoze.who.plugins.auth_tkt.userid'] = userid
identity['tokens'] = tokens
identity['userdata'] = user_data
return identity