def _check_user(self, username, pw_hash): username = str(username) pw_hash = str(pw_hash) # This function is really just a post-validation item. default_store = api.get_default_store() current_branch = api.get_current_branch(default_store) user = LoginUser.authenticate(default_store, username, pw_hash, current_branch) # Dont know why, but some users have this empty. Prevent user from # login in, since it will break later if not user.profile: msg = (_("User '%s' has no profile set, " "but this should not happen.") % user.username + '\n\n' + _("Please contact your system administrator or Stoq team.")) warning(msg) raise LoginError(_("User does not have a profile")) user.login() # ICurrentUser might already be provided which is the case when # creating a new database, thus we need to replace it. provide_utility(ICurrentUser, user, replace=True) return user
def _check_user(self, username, pw_hash): username = unicode(username) pw_hash = unicode(pw_hash) # This function is really just a post-validation item. default_store = api.get_default_store() current_branch = api.get_current_branch(default_store) user = LoginUser.authenticate(default_store, username, pw_hash, current_branch) # Dont know why, but some users have this empty. Prevent user from # login in, since it will break later if not user.profile: msg = (_("User '%s' has no profile set, " "but this should not happen.") % user.username + '\n\n' + _("Please contact your system administrator or Stoq team.")) warning(msg) raise LoginError(_("User does not have a profile")) user.login() # ICurrentUser might already be provided which is the case when # creating a new database, thus we need to replace it. provide_utility(ICurrentUser, user, replace=True) return user
def on_confirm(self): password = LoginUser.hash(self.model.password) current_branch = api.get_current_branch(self.store) try: self.retval = LoginUser.authenticate(self.store, self.model.username, password, current_branch) except LoginError as e: self.retval = None warning(str(e))
def on_confirm(self): password = LoginUser.hash(self.model.password) current_branch = api.get_current_branch(self.store) try: self.retval = LoginUser.authenticate(self.store, self.model.username, password, current_branch) except LoginError as e: self.retval = None warning(str(e))
def post(self): username = self.get_arg('user') pw_hash = self.get_arg('pw_hash') with api.new_store() as store: try: # FIXME: Respect the branch the user is in. user = LoginUser.authenticate(store, username, pw_hash, current_branch=None) provide_utility(ICurrentUser, user, replace=True) except LoginError as e: abort(403, str(e)) return user.id
def requestAvatarId(self, credentials): with api.new_store() as store: try: login_ok = LoginUser.authenticate( store, unicode(credentials.username), unicode(credentials.password), None) except LoginError as err: return defer.fail(cred_error.UnauthorizedLogin(str(err))) assert login_ok return defer.succeed(credentials.username)
def post(self, store): username = self.get_arg('user') pw_hash = self.get_arg('pw_hash') permission = self.get_arg('permission') try: # FIXME: Respect the branch the user is in. user = LoginUser.authenticate(store, username, pw_hash, current_branch=None) except LoginError as e: return make_response(str(e), 403) if user.profile.check_app_permission(permission): return True return make_response(_('User does not have permission'), 403)
def do_GET(self): auth = self.headers.getheader('Authorization') if not auth or not auth.startswith('Basic '): self.do_AUTHHEAD() self.wfile.write('Missing authentication') return encoded_auth = auth.replace('Basic ', '') username, password = base64.b64decode(encoded_auth).split(':') with api.new_store() as store: try: login_ok = LoginUser.authenticate(store, unicode(username), unicode(password), None) except LoginError: login_ok = False if not login_ok: self.send_error(403, "User not found") return return SimpleHTTPServer.SimpleHTTPRequestHandler.do_GET(self)
def do_GET(self): auth = self.headers.getheader('Authorization') if not auth or not auth.startswith('Basic '): self.do_AUTHHEAD() self.wfile.write('Missing authentication') return encoded_auth = auth.replace('Basic ', '') username, password = base64.b64decode(encoded_auth).split(':') with api.new_store() as store: try: login_ok = LoginUser.authenticate( store, str(username), str(password), None) except LoginError: login_ok = False if not login_ok: self.send_error(403, "User not found") return return http.server.SimpleHTTPRequestHandler.do_GET(self)