def process_user_data(self, data):
id = data[self.user_data_id_field]
email = data.get(self.user_data_email_field)
user = (
User.get_instance(**{self.user_identifier: id})
or (
email
and User.get_instance(email = email)
)
)
if user is None:
user = User()
if not user.get(self.user_identifier):
user.set(self.user_identifier, id)
if not user.email:
user.email = email
first_login = True
else:
first_login = False
self.user_authenticated(
user = user,
data = data,
first_login = first_login
)
user.insert()
return user
def login(self, identifier, password):
"""Attempts to establish a new user session, using the given user
credentials.
@param identifier: An identifier matching a single user in the
database. Matches are made against the field indicated by the
L{identifier_field>} attribute.
@type identifier: str
@param password: The unencrypted password for the user.
@type: str
@return: The authenticated user.
@rtype: L{User<woost.models.user.User>}
@raise L{AuthenticationFailedError}: Raised if the provided user
credentials are invalid.
"""
identifier = identifier.strip()
if identifier and password:
params = {self.identifier_field.name: identifier}
user = User.get_instance(**params)
if user and user.enabled and user.test_password(password):
self.set_user_session(user)
return user
raise AuthenticationFailedError(identifier)
def process_header_based_authentication(self):
user_header = cherrypy.request.headers.get("X-Woost-User")
password_header = cherrypy.request.headers.get("X-Woost-Password")
if user_header and password_header:
params = {self.identifier_field.name: user_header}
user = User.get_instance(**params)
if user is None or not user.password == password_header:
raise AuthenticationFailedError(user_header)
else:
set_current_user(user)
def submit(self):
if self.email or self.hash:
# Checking hash code
if generate_confirmation_hash(self.email) == self.hash:
instance = User.get_instance(email=self.email)
if instance:
# Confirming and enabling user instance
instance.set("confirmed_email", True)
instance.set("enabled", True)
self.confirmed = True
datastore.commit()
# Autologin after confirmation
if self.autologin:
self.context["cms"].authentication.set_user_session(
instance)
def get_user_from_session(self):
session_user_id = session.get(self.SESSION_KEY)
if session_user_id:
return User.get_instance(session_user_id)
def anonymous_user(self):
return User.get_instance(qname = "woost.anonymous_user")
def user(self):
if self.identifier:
return User.get_instance(
**{self.identifier_member.name: self.identifier})