def _login(request, filter_, pwd, remote_addr):
"""
Performs login.
Called by the ``login_by...`` functions which initialise the filter.
"""
filter_.append(User.is_enabled == True)
filter_.append(User.is_blocked == False)
sess = DbSession()
try:
u = sess.query(User).filter(and_(*filter_)).one()
except NoResultFound:
raise AuthError('User not found')
# We have found the requested user, now broadcast this info so that
# preparations can take place before we actually log him in.
request.registry.notify(BeforeUserLoggedIn(request, u))
# Now log user in
if not pym.security.pwd_context.verify(pwd, u.pwd):
raise AuthError('Wrong credentials')
# And save some stats
u.login_time = datetime.datetime.now()
u.login_ip = remote_addr
u.logout_time = None
u.editor_id = SYSTEM_UID
request.registry.notify(
UserLoggedIn(request, u)
)
return u
def logout(request, uid):
"""
Performs logout.
"""
sess = DbSession()
u = sess.query(User).filter(User.id == uid).one()
u.login_ip = None
u.login_time = None
u.access_time = None
u.logout_time = datetime.datetime.now()
u.editor_id = SYSTEM_UID
request.registry.notify(UserLoggedOut(request, u))
return u
def load_by_principal(principal):
"""
Loads a user instance by principal.
"""
sess = DbSession()
try:
p = sess.query(User).options(
FromCache("auth_short_term",
cache_key='auth:user:{}'.format(principal))
).filter(
User.principal == principal
).one()
except NoResultFound:
raise AuthError("User not found by principal '{}'".format(principal))
return p
