def authenticateCredentials(self, credentials):
""" See IAuthenticationPlugin.
o We expect the credentials to be those returned by
ILoginPasswordExtractionPlugin.
"""
login = credentials.get('login')
password = credentials.get('password')
if login is None or password is None:
return None
# We can't depend on security when authenticating the user,
# or we'll get stuck in loops
mbtool = getToolByName(self, TOOLNAME)
member = mbtool.getUserAuthProvider(login)
if member is None:
return None
# Check workflow state is active
wftool = getToolByName(self, 'portal_workflow')
review_state = wftool.getInfoFor(member, 'review_state')
wfmapper = ICategoryMapper(mbtool)
cat_set = generateCategorySetIdForType(member.portal_type)
if not wfmapper.isInCategory(cat_set, ACTIVE_STATUS_CATEGORY,
review_state):
return None
# Delegate to member object
member = IMembraneUserAuth(member)
return member.authenticateCredentials(credentials)
def authenticate_credentials(context, login, password):
user = _get_user(context, login)
if user is None or user.locked:
return None
# We could check user.password directly, but lets defer to the membrane
# auth framework so the password checking code is all in one place.
auth = IMembraneUserAuth(user, None)
info = auth.authenticateCredentials({'login': login, 'password': password})
if info is None:
return None
else:
return user
def authenticate_credentials(context, login, password):
user = _get_user(context, login)
if user is None or user.locked:
return None
# We could check user.password directly, but lets defer to the membrane
# auth framework so the password checking code is all in one place.
auth = IMembraneUserAuth(user, None)
info = auth.authenticateCredentials(
{'login': login, 'password': password})
if info is None:
return None
else:
return user
