def updateCredentials(self, request, creds, temp=False):
if ISimpleCredentials.providedBy(creds):
global cache
cache.defaultcreds = (creds, temp)
def authenticateCredentials(self, credentials):
# simple login
if ISimpleCredentials.providedBy(credentials):
if credentials.principalinfo is not None and \
IPrincipalInfo.providedBy(credentials.principalinfo) and \
credentials.principalinfo.internalId in self:
return credentials.principalinfo
if not credentials.login:
return None
id = self.__id_by_login.get(credentials.login)
if id is None:
id = self.__id_by_login.get(credentials.login.lower())
if id is None:
return None
internal = self[id]
password = getattr(
internal, 'password', getattr(internal, '_password', ''))
ptool = getUtility(IPasswordTool)
if not ptool.checkPassword(password, credentials.password):
return None
pinfo = PrincipalInfo(self.prefix + id, internal)
credentials.principalinfo = pinfo
return pinfo
# openid login
if IOpenIdCredentials.providedBy(credentials):
if credentials.failed:
return None
if credentials.principalInfo is not None \
and credentials.principalInfo.internalId in self:
return credentials.principalInfo
request = credentials.request
consumer = Consumer(ISession(request)[SESSION_KEY], self.store)
returnto = credentials.parameters.get(
'openid.return_to', getReturnToURL(request))
response = consumer.complete(
credentials.parameters, returnto.split('?')[0])
if isinstance(response, SuccessResponse):
identifier = normalizeIdentifier(response.identity_url)
principalId = self.getPrincipalByOpenIdIdentifier(identifier)
if principalId is None:
# Principal does not exist
data = ISession(request)[SESSION_KEY]
data['reqregister'] = True
data['identifier'] = identifier
credentials.failed = True
return None
principalInfo = self.principalInfo(self.prefix + principalId)
credentials.principalInfo = principalInfo
return principalInfo
else:
raise PrincipalInitializationFailed(response.message)
