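def setup_auth(app, authmetadata,
               form_plugin=None, form_identifies=True,
               cookie_secret='secret', cookie_name='authtkt',
               login_url='/login', login_handler='/login_handler',
               post_login_url=None, logout_handler='/logout_handler',
               post_logout_url=None, login_counter_name=None,
               cookie_timeout=None, cookie_reissue_time=None,
               **who_args):
    """
    Sets :mod:`repoze.who` up with the provided authenticators and
    options to create FriendlyFormPlugin/FastFormPlugin.

    It returns a middleware that provides identification,
    authentication and authorization in a way that is compatible with
    repoze.who and repoze.what.

    :param app: WSGI application to wrap.
    :param authmetadata: if truthy, wrapped in ``_AuthMetadataProvider`` and
        appended to the ``mdproviders`` list.
    :param form_plugin: form plugin to use instead of a default
        ``FastFormPlugin`` built from the ``login_*``/``logout_*`` options.
    :param form_identifies: when true the form plugin is inserted as the
        first identifier.
    :param cookie_secret: secret handed to ``AuthTktCookiePlugin`` when no
        ``identifiers`` are passed in ``who_args``. The signature default
        ``'secret'`` is a placeholder; a warning is logged when it is used.
    :param who_args: remaining repoze.who options. ``charset``, ``log_file``
        and ``skip_authentication`` are consumed here; ``authenticators``
        must be present when ``identifiers`` is not (the cookie plugin is
        inserted into it).
    """
    if 'charset' in who_args:  # pragma: no cover
        log.warning('charset argument in authentication setup is ignored')
        who_args.pop('charset')

    # If no identifiers are provided in repoze setup arguments
    # then create a default one using AuthTktCookiePlugin.
    if 'identifiers' not in who_args:
        from repoze.who.plugins.auth_tkt import AuthTktCookiePlugin
        if cookie_secret == 'secret':
            # The default value is visible in this signature, so a cookie
            # protected only by it offers no integrity guarantee. Keep the
            # default working for existing callers, but make it loud.
            log.warning('authentication cookie is using the default '
                        'cookie_secret; configure a unique random secret '
                        'before deploying')
        cookie = AuthTktCookiePlugin(cookie_secret, cookie_name,
                                     timeout=cookie_timeout,
                                     reissue_time=cookie_reissue_time)
        who_args['identifiers'] = [('cookie', cookie)]
        # Raises KeyError when the caller supplied no 'authenticators'.
        who_args['authenticators'].insert(0, ('cookie', cookie))

    # If no form plugin is provided then create a default
    # one using the provided options.
    if form_plugin is None:
        from tg.configuration.auth.fastform import FastFormPlugin
        form = FastFormPlugin(login_url, login_handler, post_login_url,
                              logout_handler, post_logout_url,
                              rememberer_name='cookie',
                              login_counter_name=login_counter_name)
    else:
        form = form_plugin

    if form_identifies:
        who_args['identifiers'].insert(0, ('main_identifier', form))

    # Setting the repoze.who challengers:
    if 'challengers' not in who_args:
        who_args['challengers'] = []
    who_args['challengers'].append(('form', form))

    # Including logging
    log_file = who_args.pop('log_file', None)
    if log_file is not None:
        if log_file.lower() == 'stdout':
            log_stream = sys.stdout
        elif log_file.lower() == 'stderr':
            log_stream = sys.stderr
        else:
            # NOTE(review): opened in binary mode and never closed here; if
            # the middleware writes text to this stream on Python 3 the
            # writes would fail -- confirm against the consumer.
            log_stream = open(log_file, 'wb')
        who_args['log_stream'] = log_stream

    log_level = who_args.get('log_level', None)
    if log_level is None:
        log_level = logging.INFO
    else:
        # An unrecognised level name surfaces as a lookup error from _LEVELS.
        log_level = _LEVELS[log_level.lower()]
    who_args['log_level'] = log_level

    # Setting up the metadata provider for the user informations
    if 'mdproviders' not in who_args:
        who_args['mdproviders'] = []

    if authmetadata:
        authmd = _AuthMetadataProvider(authmetadata)
        who_args['mdproviders'].append(('authmd', authmd))

    # Set up default classifier
    if 'classifier' not in who_args:
        who_args['classifier'] = default_request_classifier

    # Set up default challenger decider
    if 'challenge_decider' not in who_args:
        who_args['challenge_decider'] = turbogears_challenge_decider

    # NOTE(review): skip_authentication replaces the regular middleware with
    # _AuthenticationForgerMiddleware. Judging by the name this is a testing
    # aid that does not perform real authentication -- confirm it can never
    # be switched on from production configuration.
    skip_authn = who_args.pop('skip_authentication', False)
    if asbool(skip_authn):
        return _AuthenticationForgerMiddleware(app, **who_args)
    else:
        return PluggableAuthenticationMiddleware(app, **who_args)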
def setup(self):
    """Build the FastFormPlugin instance stored on ``self.fform``."""
    # Six positional arguments, passed in the same order as the original
    # call: five URL paths followed by the string 'cookie'.
    plugin_args = (
        '/login',
        '/login_handler',
        '/post_login',
        '/logout_handler',
        '/post_logout',
        'cookie',
    )
    self.fform = FastFormPlugin(*plugin_args)
class TestFastFormPlugin(object):
    """Checks for FastFormPlugin's identify/challenge/remember/forget hooks.

    The ``came_from`` cases only assert that the value is forwarded,
    URL-encoded, onto the post-login / post-logout / login-form URL. No case
    here feeds an absolute or off-site ``came_from``, so whatever finally
    redirects to that value needs its own local-path validation.
    """

    def setup(self):
        # Six positional arguments, same order as the plugin is called with
        # elsewhere: five URL paths followed by the string 'cookie'.
        plugin_args = ('/login', '/login_handler', '/post_login',
                       '/logout_handler', '/post_logout', 'cookie')
        self.fform = FastFormPlugin(*plugin_args)

    def _challenge(self, environ):
        # Shared by every challenge test: a fixed 401 status with one app
        # header and one forget header.
        return self.fform.challenge(environ, '401 Unauthorized',
                                    [('app', '1')], [('forget', '1')])

    def test_login(self):
        # NOTE(review): the credentials travel in build_env's second
        # argument, which looks like a query string -- confirm the plugin
        # does not accept passwords from GET URLs in production.
        environ = build_env('/login_handler',
                            'login=user&password=pwd&came_from=/goback')
        credentials = self.fform.identify(environ)

        redirect = environ['repoze.who.application']
        assert isinstance(redirect, HTTPFound)
        assert credentials['login'] == 'user'
        assert credentials['password'] == 'pwd'
        assert redirect.location == '/post_login?came_from=%2Fgoback'

    def test_login_nocred(self):
        # A login without a password must not yield credentials.
        environ = build_env('/login_handler', 'login=user&came_from=/goback')
        credentials = self.fform.identify(environ)
        assert credentials is None

    def test_login_counter(self):
        environ = build_env('/login_handler',
                            'login=user&password=pwd&__logins=1')
        credentials = self.fform.identify(environ)

        redirect = environ['repoze.who.application']
        assert isinstance(redirect, HTTPFound)
        assert credentials['login'] == 'user'
        assert credentials['password'] == 'pwd'
        assert redirect.location == '/post_login?__logins=1'

    def test_login_counter_keep(self):
        # On the login form URL the counter is moved out of the query
        # string and into the WSGI environ.
        environ = build_env('/login', '__logins=1')
        self.fform.identify(environ)
        assert 'logins' not in environ['QUERY_STRING']
        assert environ['repoze.who.logins'] == 1

    def test_logout_handler(self):
        environ = build_env('/logout_handler', 'came_from=%2Fgoback')
        self.fform.identify(environ)
        assert isinstance(environ['repoze.who.application'], HTTPUnauthorized)
        assert environ['came_from'] == '/goback'

    def test_logout_handler_no_came_from(self):
        # Without came_from the plugin falls back to the site root.
        environ = build_env('/logout_handler')
        self.fform.identify(environ)
        assert isinstance(environ['repoze.who.application'], HTTPUnauthorized)
        assert environ['came_from'] == '/'

    def test_logout_handler_challenge(self):
        environ = build_env('/logout_handler', 'came_from=%2Fgoback')
        self.fform.identify(environ)
        response = self._challenge(environ)
        assert isinstance(response, HTTPFound)
        assert response.location == '/post_logout?came_from=%2Fgoback'

    def test_challenge_redirect_to_form(self):
        # SCRIPT_NAME must prefix both the form URL and the came_from value.
        environ = build_env('/private', SCRIPT_NAME='/SOMEWHERE')
        response = self._challenge(environ)
        assert isinstance(response, HTTPFound)
        assert response.location == '/SOMEWHERE/login?came_from=%2FSOMEWHERE%2Fprivate'

    def test_remember_forget(self):
        environ = build_env('/private', SCRIPT_NAME='/SOMEWHERE')
        assert self.fform.remember(environ, {}) == 'REMEMBER'
        assert self.fform.forget(environ, {}) == 'FORGET'

    def test_repr(self):
        text = repr(self.fform)
        assert text.startswith('<FastFormPlugin:/login_handler')
class TestFastFormPlugin(object):
    """Checks for FastFormPlugin's identify/challenge/remember/forget hooks.

    The ``came_from`` cases only assert that the value (including any query
    string of the original request) is forwarded, URL-encoded, onto the
    post-login / post-logout / login-form URL. No case here feeds an
    absolute or off-site ``came_from``, so whatever finally redirects to
    that value needs its own local-path validation.
    """

    def setup(self):
        # Six positional arguments, same order as the plugin is called with
        # elsewhere: five URL paths followed by the string 'cookie'.
        plugin_args = ('/login', '/login_handler', '/post_login',
                       '/logout_handler', '/post_logout', 'cookie')
        self.fform = FastFormPlugin(*plugin_args)

    def _challenge(self, environ):
        # Shared by every challenge test: a fixed 401 status with one app
        # header and one forget header.
        return self.fform.challenge(environ, '401 Unauthorized',
                                    [('app', '1')], [('forget', '1')])

    def test_login(self):
        # NOTE(review): the credentials travel in build_env's second
        # positional argument, which another test in this class passes as
        # qs= -- confirm the plugin does not accept passwords from GET URLs
        # in production, where they would end up in access logs.
        environ = build_env('/login_handler',
                            'login=user&password=pwd&came_from=/goback')
        credentials = self.fform.identify(environ)

        redirect = environ['repoze.who.application']
        assert isinstance(redirect, HTTPFound)
        assert credentials['login'] == 'user'
        assert credentials['password'] == 'pwd'
        assert redirect.location == '/post_login?came_from=%2Fgoback'

    def test_login_nocred(self):
        # A login without a password must not yield credentials.
        environ = build_env('/login_handler', 'login=user&came_from=/goback')
        credentials = self.fform.identify(environ)
        assert credentials is None

    def test_login_counter(self):
        environ = build_env('/login_handler',
                            'login=user&password=pwd&__logins=1')
        credentials = self.fform.identify(environ)

        redirect = environ['repoze.who.application']
        assert isinstance(redirect, HTTPFound)
        assert credentials['login'] == 'user'
        assert credentials['password'] == 'pwd'
        assert redirect.location == '/post_login?__logins=1'

    def test_login_counter_keep(self):
        # On the login form URL the counter is moved out of the query
        # string and into the WSGI environ.
        environ = build_env('/login', '__logins=1')
        self.fform.identify(environ)
        assert 'logins' not in environ['QUERY_STRING']
        assert environ['repoze.who.logins'] == 1

    def test_logout_handler(self):
        environ = build_env('/logout_handler', 'came_from=%2Fgoback')
        self.fform.identify(environ)
        assert isinstance(environ['repoze.who.application'], HTTPUnauthorized)
        assert environ['came_from'] == '/goback'

    def test_logout_handler_no_came_from(self):
        # Without came_from the plugin falls back to the site root.
        environ = build_env('/logout_handler')
        self.fform.identify(environ)
        assert isinstance(environ['repoze.who.application'], HTTPUnauthorized)
        assert environ['came_from'] == '/'

    def test_logout_handler_challenge(self):
        environ = build_env('/logout_handler', 'came_from=%2Fgoback')
        self.fform.identify(environ)
        response = self._challenge(environ)
        assert isinstance(response, HTTPFound)
        assert response.location == '/post_logout?came_from=%2Fgoback'

    def test_challenge_redirect_to_form(self):
        # SCRIPT_NAME must prefix both the form URL and the came_from value.
        environ = build_env('/private', SCRIPT_NAME='/SOMEWHERE')
        response = self._challenge(environ)
        assert isinstance(response, HTTPFound)
        assert response.location == '/SOMEWHERE/login?came_from=%2FSOMEWHERE%2Fprivate'

    def test_challenge_redirect_to_form_with_args(self):
        environ = build_env('/private', qs='A=1&B=2', SCRIPT_NAME='/SOMEWHERE')
        response = self._challenge(environ)
        assert isinstance(response, HTTPFound)

        # Cope with different dictionary ordering on Py2 and Py3
        accepted_locations = (
            '/SOMEWHERE/login?came_from=%2FSOMEWHERE%2Fprivate%3FA%3D1%26B%3D2',
            '/SOMEWHERE/login?came_from=%2FSOMEWHERE%2Fprivate%3FB%3D2%26A%3D1'
        )
        assert response.location in accepted_locations, response.location

    def test_remember_forget(self):
        environ = build_env('/private', SCRIPT_NAME='/SOMEWHERE')
        assert self.fform.remember(environ, {}) == 'REMEMBER'
        assert self.fform.forget(environ, {}) == 'FORGET'

    def test_repr(self):
        text = repr(self.fform)
        assert text.startswith('<FastFormPlugin:/login_handler')