def process_login(self, username, password, **kwargs): rootURL, local = cherrypy.request.app.config['filelocker']['root_url'], False if kwargs.has_key("local") and kwargs['local'] == str(True): local = True username = strip_tags(username) if password is None or password == "": raise cherrypy.HTTPRedirect("%s/login?msg=3&local=%s" % (rootURL, str(local))) else: directory = AccountService.ExternalDirectory(local) if directory.authenticate(username, password): cherrypy.session['request-origin'] = str(os.urandom(32).encode('hex'))[0:32] currentUser = AccountService.get_user(username, True) #if they are authenticated and local, this MUST return a user object if currentUser is not None: if not currentUser.authorized: raise cherrypy.HTTPError(403, "You do not have permission to access this system") session.add(AuditLog(cherrypy.session.get("user").id, "Login", "User %s logged in successfully from IP %s" % (currentUser.id, Filelocker.get_client_address()))) session.commit() raise cherrypy.HTTPRedirect(rootURL) else: #This should only happen in the case of a user existing in the external directory, but having never logged in before try: newUser = directory.lookup_user(username) AccountService.install_user(newUser) currentUser = AccountService.get_user(username, True) if currentUser is not None and currentUser.authorized != False: raise cherrypy.HTTPRedirect(rootURL) else: raise cherrypy.HTTPError(403, "You do not have permission to access this system") except Exception, e: return "Unable to install user: %s" % str(e) else:
def process_login(self, username, password, **kwargs): rootURL, local = cherrypy.request.app.config['filelocker'][ 'root_url'], False if kwargs.has_key("local") and kwargs['local'] == str(True): local = True username = strip_tags(username) if password is None or password == "": raise cherrypy.HTTPRedirect("%s/login?msg=3&local=%s" % (rootURL, str(local))) else: directory = AccountService.ExternalDirectory(local) if directory.authenticate(username, password): cherrypy.session['request-origin'] = str( os.urandom(32).encode('hex'))[0:32] currentUser = AccountService.get_user( username, True ) #if they are authenticated and local, this MUST return a user object if currentUser is not None: if not currentUser.authorized: raise cherrypy.HTTPError( 403, "You do not have permission to access this system") session.add( AuditLog( cherrypy.session.get("user").id, "Login", "User %s logged in successfully from IP %s" % (currentUser.id, Filelocker.get_client_address()))) session.commit() raise cherrypy.HTTPRedirect(rootURL) else: #This should only happen in the case of a user existing in the external directory, but having never logged in before try: newUser = directory.lookup_user(username) AccountService.install_user(newUser) currentUser = AccountService.get_user(username, True) if currentUser is not None and currentUser.authorized != False: raise cherrypy.HTTPRedirect(rootURL) else: raise cherrypy.HTTPError( 403, "You do not have permission to access this system" ) except Exception, e: return "Unable to install user: %s" % str(e) else:
if cherrypy.request.params.has_key("ticket"): valid_ticket, userId = casConnector.validate_ticket( rootURL, cherrypy.request.params['ticket']) if valid_ticket: currentUser = AccountService.get_user(userId, True) cherrypy.session['request-origin'] = str( os.urandom(32).encode('hex'))[0:32] if currentUser is None: currentUser = User(id=userId, display_name="Guest user", first_name="Unknown", last_name="Unknown") cherrypy.log.error( "[%s] [requires_login] [User authenticated, but not found in directory - installing with defaults]" % str(userId)) AccountService.install_user(currentUser) currentUser = AccountService.get_user( currentUser.id, True) #To populate attributes if not currentUser.authorized: raise cherrypy.HTTPError( 403, "Your user account does not have access to this system." ) session.add( AuditLog( currentUser.id, "Login", "User %s logged in successfully from IP %s" % (currentUser.id, get_client_address()))) session.commit() if currentUser.date_tos_accept is None:
casUrl = session.query(ConfigParameter).filter(ConfigParameter.name == "cas_url").one().value casConnector = CAS(casUrl) if cherrypy.request.params.has_key("ticket"): valid_ticket, userId = casConnector.validate_ticket(rootURL, cherrypy.request.params["ticket"]) if valid_ticket: currentUser = AccountService.get_user(userId, True) cherrypy.session["request-origin"] = str(os.urandom(32).encode("hex"))[0:32] if currentUser is None: currentUser = User( id=userId, display_name="Guest user", first_name="Unknown", last_name="Unknown" ) cherrypy.log.error( "[%s] [requires_login] [User authenticated, but not found in directory - installing with defaults]" % str(userId) ) AccountService.install_user(currentUser) currentUser = AccountService.get_user(currentUser.id, True) # To populate attributes if not currentUser.authorized: raise cherrypy.HTTPError(403, "Your user account does not have access to this system.") session.add( AuditLog( currentUser.id, "Login", "User %s logged in successfully from IP %s" % (currentUser.id, get_client_address()), ) ) session.commit() if currentUser.date_tos_accept is None: if format == None: raise cherrypy.HTTPRedirect(rootURL + "/sign_tos")