Esempio n. 1
File: login.py Progetto: lslaz1/karl
    def __call__(self):
        """Serve the login page, or finish a login that is already possible.

        A submitted form (``form.submitted`` present in the request
        parameters) is handed to ``self.login()`` and a truthy result is
        returned unchanged.  Otherwise a Kerberos login is attempted when
        the ``try_kerberos`` query parameter or the ``kerberos`` config
        setting asks for it.  If neither path returns, the login template
        is rendered together with the headers produced by ``forget()``.
        """
        request = self.request
        context = self.context

        if request.params.get('form.submitted') is not None:
            outcome = self.login()
            if outcome:
                # login() produced a response of its own; pass it through.
                return outcome

        # Log in user seamlessly with kerberos if enabled.  A non-empty
        # query parameter takes precedence over the configured default.
        # NOTE(review): this lets the client switch the Kerberos attempt on
        # even when the 'kerberos' setting is off -- confirm that
        # get_kerberos_userid is safe to reach in that configuration.
        kerberos_flag = request.GET.get('try_kerberos')
        if not kerberos_flag:
            kerberos_flag = get_config_setting('kerberos', 'False')
        try_kerberos = asbool(kerberos_flag)

        if try_kerberos:
            from karl.security.kerberos_auth import get_kerberos_userid
            kerberos_userid = get_kerberos_userid(request)
            if kerberos_userid:
                return remember_login(context, request, kerberos_userid, None)

            # Break infinite loop if kerberos authorization fails: a request
            # that already carries a Negotiate authorization but yielded no
            # userid is not asked to negotiate again.
            authorization = request.authorization
            if authorization and authorization[0] == 'Negotiate':
                try_kerberos = False

        api = TemplateAPI(
            context, request, 'Login to %s' % get_setting(context, 'title'))

        sso_providers = []
        sso_names = self.settings.get('sso')
        if sso_names:
            # importing here rather than in global scope means velruse only
            # has to be installed on systems that configure SSO.
            from velruse import login_url
            settings = self.settings
            for sso_name in sso_names.split():
                sso_providers.append(dict(
                    title=settings.get('sso.%s.title' % sso_name),
                    name=sso_name,
                    url=login_url(
                        request, settings.get('sso.%s.provider' % sso_name)),
                ))

        # NOTE(review): 'reason' and 'came_from' are taken from the request
        # as received.  Confirm the template escapes the status message and
        # that whatever later redirects to came_from restricts the target to
        # this application.
        api.status_message = request.params.get('reason')
        template_values = {
            'api': api,
            'nothing': '',
            'try_kerberos': try_kerberos,
            'sso_providers': sso_providers,
            'came_from': request.params.get('came_from', ''),
            'app_url': request.application_url,
        }
        response = render_to_response(
            'templates/login.pt', template_values, request=request)

        # The headers returned by forget() go out with the form (presumably
        # dropping any existing authentication cookie -- confirm).
        response.headers.extend(forget(request))
        return response
Esempio n. 2
File: login.py Progetto: lslaz1/karl
    def __call__(self):
        """Return the response for a request to the login view.

        Order of processing, as visible in this method:

        1. If ``form.submitted`` is among the request parameters,
           ``self.login()`` runs and any truthy result is returned.
        2. If Kerberos is requested (query parameter ``try_kerberos``, else
           the ``kerberos`` config setting) and a userid is obtained, the
           result of ``remember_login`` is returned.
        3. Otherwise ``templates/login.pt`` is rendered and the headers
           from ``forget()`` are appended to the response.
        """
        req = self.request

        submitted = req.params.get('form.submitted', None)
        if submitted is not None:
            login_response = self.login()
            if login_response:
                # if this returned with something, we deal with it
                return login_response

        # Log in user seamlessly with kerberos if enabled
        # NOTE(review): a truthy ?try_kerberos= value overrides the
        # configured 'kerberos' setting, so the server-side switch alone
        # does not keep this branch unreachable -- confirm that is intended.
        requested = req.GET.get('try_kerberos', None)
        try_kerberos = asbool(
            requested if requested
            else get_config_setting('kerberos', 'False'))

        if try_kerberos:
            from karl.security.kerberos_auth import get_kerberos_userid
            found_userid = get_kerberos_userid(req)
            if found_userid:
                return remember_login(self.context, req, found_userid, None)

            # Break infinite loop if kerberos authorization fails
            negotiate_failed = (
                req.authorization and req.authorization[0] == 'Negotiate')
            if negotiate_failed:
                try_kerberos = False

        title_text = 'Login to %s' % get_setting(self.context, 'title')
        api = TemplateAPI(self.context, req, title_text)

        sso_providers = []
        configured_sso = self.settings.get('sso')
        if configured_sso:
            # importing here rather than in global scope allows to only
            # require velruse be installed for systems using it.
            from velruse import login_url
            lookup = self.settings.get
            sso_providers = [
                {'title': lookup('sso.%s.title' % key),
                 'name': key,
                 'url': login_url(req, lookup('sso.%s.provider' % key))}
                for key in configured_sso.split()
            ]

        # NOTE(review): the status message and came_from value handed to the
        # template are client-supplied; confirm the template escapes them
        # and that came_from is validated before it is used as a redirect
        # target.
        api.status_message = req.params.get('reason', None)
        page_values = dict(
            api=api,
            nothing='',
            try_kerberos=try_kerberos,
            sso_providers=sso_providers,
            came_from=req.params.get('came_from', ''),
            app_url=req.application_url)
        response = render_to_response(
            'templates/login.pt', page_values, request=req)

        # forget() is not defined in this listing; its headers are added to
        # every rendering of the form (presumably clearing an existing
        # login cookie -- confirm).
        response.headers.extend(forget(req))
        return response
Esempio n. 3
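def login_view(context, request):
    """Process a submitted login form, or render the login page.

    The ``came_from`` value kept in the session (defaulting to the current
    URL) is passed through ``_fixup_came_from`` and stored back.

    When ``form.submitted`` is present in the request parameters the POSTed
    ``login`` and ``password`` are tried against ``password_authenticator``
    and then ``impersonate_authenticator``.  Missing credentials and failed
    authentication both answer with an ``HTTPFound`` redirect to
    ``login.html``; success returns whatever ``remember_login`` returns.

    Without a submitted form a Kerberos login is attempted if requested, and
    otherwise ``templates/login.pt`` is rendered with the headers from
    ``forget()`` appended.
    """
    settings = request.registry.settings
    came_from = request.session.get('came_from', request.url)
    came_from = _fixup_came_from(request, came_from)
    request.session['came_from'] = came_from

    if request.params.get('form.submitted', None) is not None:
        # identify
        login = request.POST.get('login')
        password = request.POST.get('password')
        if login is None or password is None:
            return HTTPFound(location='%s/login.html'
                                        % request.application_url)
        max_age = request.POST.get('max_age')
        if max_age is not None:
            # max_age is client-supplied: a non-numeric value used to raise
            # ValueError here and surface as a server error before any
            # authentication took place.  Treat it as "not given" instead.
            # NOTE(review): no upper bound is applied in this function;
            # confirm remember_login caps the lifetime it accepts.
            try:
                max_age = int(max_age)
            except ValueError:
                max_age = None

        # authenticate: each authenticator gets the same credentials and
        # the first one that returns a userid wins.
        userid = None
        reason = 'Bad username or password'
        users = find_users(context)
        for authenticate in (password_authenticator, impersonate_authenticator):
            userid = authenticate(users, login, password)
            if userid:
                break

        # if not successful, try again
        if not userid:
            redirect = request.resource_url(
                request.root, 'login.html', query={'reason': reason})
            return HTTPFound(location=redirect)

        # else, remember
        return remember_login(context, request, userid, max_age)

    # Log in user seamlessly with kerberos if enabled
    # NOTE(review): a truthy ?try_kerberos= query value takes precedence
    # over the 'kerberos' setting, so the setting alone does not keep this
    # branch unreachable -- confirm that is intended.
    try_kerberos = request.GET.get('try_kerberos', None)
    if try_kerberos:
        try_kerberos = asbool(try_kerberos)
    else:
        try_kerberos = asbool(get_setting(context, 'kerberos', 'False'))
    if try_kerberos:
        from karl.security.kerberos_auth import get_kerberos_userid
        userid = get_kerberos_userid(request)
        if userid:
            return remember_login(context, request, userid, None)

        # Break infinite loop if kerberos authorization fails
        if request.authorization and request.authorization[0] == 'Negotiate':
            try_kerberos = False

    page_title = 'Login to %s' % settings.get('system_name', 'KARL') # Per #366377, don't say what screen
    api = TemplateAPI(context, request, page_title)

    sso_providers = []
    sso = settings.get('sso')
    if sso:
        # importing here rather than in global scope allows to only require
        # velruse be installed for systems using it.
        from velruse import login_url
        for name in sso.split():
            provider = settings.get('sso.%s.provider' % name)
            title = settings.get('sso.%s.title' % name)
            sso_providers.append({'title': title, 'name': name,
                                  'url': login_url(request, provider)})

    # NOTE(review): 'reason' is read from the request, so the message shown
    # on the login page is whatever the incoming link carried.  Confirm the
    # template escapes it; mapping known reason codes to fixed text would
    # remove the free-form input altogether.
    api.status_message = request.params.get('reason', None)
    response = render_to_response(
        'templates/login.pt',
        dict(
            api=api,
            nothing='',
            try_kerberos=try_kerberos,
            sso_providers=sso_providers,
            app_url=request.application_url),
        request=request)
    # The headers returned by forget() are sent with the form (presumably
    # dropping any existing authentication cookie -- confirm).
    forget_headers = forget(request)
    response.headers.extend(forget_headers)
    return response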
Esempio n. 4
File: login.py Progetto: hj91/karl
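def login_view(context, request):
    """Process a submitted login form, or render the login page.

    For a submitted form (``form.submitted`` in the request parameters) the
    POSTed ``came_from`` is passed through ``_fixup_came_from`` and used as
    the post-login destination.  The credentials are tried against
    ``password_authenticator`` and then ``impersonate_authenticator``.
    Missing credentials and failed authentication both answer with an
    ``HTTPFound`` redirect to ``login.html``; success returns whatever
    ``remember_login`` returns.

    Without a submitted form a Kerberos login is attempted if requested.
    Otherwise ``came_from`` is recomputed from the request parameters
    (defaulting to the current URL), stored in the session, and
    ``templates/login.pt`` is rendered with the headers from ``forget()``
    appended.
    """
    settings = request.registry.settings
    request.layout_manager.use_layout('anonymous')
    # NOTE(review): came_from is client-supplied and later handed to
    # remember_login; this function relies entirely on _fixup_came_from
    # (not shown in this listing) to keep it a safe redirect target.
    came_from = _fixup_came_from(request, request.POST.get('came_from'))

    if request.params.get('form.submitted', None) is not None:

        challenge_qs = {'came_from': came_from}
        # identify
        login = request.POST.get('login')
        password = request.POST.get('password')
        if login is None or password is None:
            return HTTPFound(location='%s/login.html' %
                             request.application_url)
        max_age = request.POST.get('max_age')
        if max_age is not None:
            # max_age is client-supplied: a non-numeric value used to raise
            # ValueError here and surface as a server error before any
            # authentication took place.  Treat it as "not given" instead.
            # NOTE(review): no upper bound is applied in this function;
            # confirm remember_login caps the lifetime it accepts.
            try:
                max_age = int(max_age)
            except ValueError:
                max_age = None

        # authenticate: each authenticator gets the same credentials and
        # the first one that returns a userid wins.
        userid = None
        reason = 'Bad username or password'
        users = find_users(context)
        for authenticate in (password_authenticator,
                             impersonate_authenticator):
            userid = authenticate(users, login, password)
            if userid:
                break

        # if not successful, try again
        if not userid:
            challenge_qs['reason'] = reason
            return HTTPFound(
                location='%s/login.html?%s' %
                (request.application_url, urlencode(challenge_qs, doseq=True)))

        # else, remember
        return remember_login(context, request, userid, max_age, came_from)

    # Log in user seamlessly with kerberos if enabled
    # NOTE(review): a truthy ?try_kerberos= query value takes precedence
    # over the 'kerberos' setting, so the setting alone does not keep this
    # branch unreachable -- confirm that is intended.
    try_kerberos = request.GET.get('try_kerberos', None)
    if try_kerberos:
        try_kerberos = asbool(try_kerberos)
    else:
        try_kerberos = asbool(get_setting(context, 'kerberos', 'False'))
    if try_kerberos:
        from karl.security.kerberos_auth import get_kerberos_userid
        userid = get_kerberos_userid(request)
        if userid:
            return remember_login(context, request, userid, None, came_from)

        # Break infinite loop if kerberos authorization fails
        if request.authorization and request.authorization[0] == 'Negotiate':
            try_kerberos = False

    page_title = 'Login to %s' % settings.get(
        'system_name', 'KARL')  # Per #366377, don't say what screen
    layout = request.layout_manager.layout
    layout.page_title = page_title
    api = TemplateAPI(context, request, page_title)

    # For rendering the form, came_from is taken from any request parameter
    # (not only POST) and falls back to the URL being requested.
    came_from = _fixup_came_from(request,
                                 request.params.get('came_from', request.url))
    request.session['came_from'] = came_from

    sso_providers = []
    sso = settings.get('sso')
    if sso:
        # importing here rather than in global scope allows to only require
        # velruse be installed for systems using it.
        from velruse import login_url
        for name in sso.split():
            provider = settings.get('sso.%s.provider' % name)
            title = settings.get('sso.%s.title' % name)
            sso_providers.append({
                'title': title,
                'name': name,
                'url': login_url(request, provider)
            })

    # NOTE(review): 'reason' is read from the request, so the message shown
    # on the login page is whatever the incoming link carried.  Confirm the
    # template escapes it; mapping known reason codes to fixed text would
    # remove the free-form input altogether.
    api.status_message = request.params.get('reason', None)
    response = render_to_response('templates/login.pt',
                                  dict(api=api,
                                       came_from=came_from,
                                       nothing='',
                                       try_kerberos=try_kerberos,
                                       sso_providers=sso_providers,
                                       app_url=request.application_url),
                                  request=request)
    # The headers returned by forget() are sent with the form (presumably
    # dropping any existing authentication cookie -- confirm).
    forget_headers = forget(request)
    response.headers.extend(forget_headers)
    return response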
Esempio n. 5
File: login.py Progetto: zagy/karl
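def login_view(context, request):
    """Process a submitted login form, or render the login page.

    For a submitted form (``form.submitted`` in the request parameters) the
    POSTed ``came_from`` is passed through ``_fixup_came_from`` and used as
    the post-login destination.  The credentials are tried against
    ``password_authenticator`` and then ``impersonate_authenticator``.
    Missing credentials and failed authentication both answer with an
    ``HTTPFound`` redirect to ``login.html``; success returns whatever
    ``remember_login`` returns.

    Without a submitted form a Kerberos login is attempted if requested.
    Otherwise ``came_from`` is recomputed from the request parameters
    (defaulting to the current URL) and ``templates/login.pt`` is rendered
    with the headers from ``forget()`` appended.
    """
    request.layout_manager.use_layout('anonymous')
    # NOTE(review): came_from is client-supplied and later handed to
    # remember_login; this function relies entirely on _fixup_came_from
    # (not shown in this listing) to keep it a safe redirect target.
    came_from = _fixup_came_from(request, request.POST.get('came_from'))

    if request.params.get('form.submitted', None) is not None:

        challenge_qs = {'came_from': came_from}
        # identify
        login = request.POST.get('login')
        password = request.POST.get('password')
        if login is None or password is None:
            return HTTPFound(location='%s/login.html'
                                        % request.application_url)
        max_age = request.POST.get('max_age')
        if max_age is not None:
            # max_age is client-supplied: a non-numeric value used to raise
            # ValueError here and surface as a server error before any
            # authentication took place.  Treat it as "not given" instead.
            # NOTE(review): no upper bound is applied in this function;
            # confirm remember_login caps the lifetime it accepts.
            try:
                max_age = int(max_age)
            except ValueError:
                max_age = None

        # authenticate: each authenticator gets the same credentials and
        # the first one that returns a userid wins.
        userid = None
        reason = 'Bad username or password'
        users = find_users(context)
        for authenticate in (password_authenticator, impersonate_authenticator):
            userid = authenticate(users, login, password)
            if userid:
                break

        # if not successful, try again
        if not userid:
            challenge_qs['reason'] = reason
            return HTTPFound(location='%s/login.html?%s'
                             % (request.application_url,
                                urlencode(challenge_qs, doseq=True)))

        # else, remember
        return remember_login(context, request, userid, max_age, came_from)

    # Log in user seamlessly with kerberos if enabled
    # NOTE(review): a truthy ?try_kerberos= query value takes precedence
    # over the 'kerberos' setting, so the setting alone does not keep this
    # branch unreachable -- confirm that is intended.
    try_kerberos = request.GET.get('try_kerberos', None)
    if try_kerberos:
        try_kerberos = asbool(try_kerberos)
    else:
        try_kerberos = asbool(get_setting(context, 'kerberos', 'False'))
    if try_kerberos:
        from karl.security.kerberos_auth import get_kerberos_userid
        userid = get_kerberos_userid(request)
        if userid:
            return remember_login(context, request, userid, None, came_from)

        # Break infinite loop if kerberos authorization fails
        if request.authorization and request.authorization[0] == 'Negotiate':
            try_kerberos = False

    page_title = 'Login to %s' % request.registry.settings.get('system_name', 'KARL') # Per #366377, don't say what screen
    layout = request.layout_manager.layout
    layout.page_title = page_title
    api = TemplateAPI(context, request, page_title)

    # For rendering the form, came_from is taken from any request parameter
    # (not only POST) and falls back to the URL being requested.
    came_from = _fixup_came_from(request,
                                 request.params.get('came_from', request.url))

    # NOTE(review): 'reason' is read from the request, so the message shown
    # on the login page is whatever the incoming link carried.  Confirm the
    # template escapes it; mapping known reason codes to fixed text would
    # remove the free-form input altogether.
    api.status_message = request.params.get('reason', None)
    response = render_to_response(
        'templates/login.pt',
        dict(
            api=api,
            came_from=came_from,
            nothing='',
            try_kerberos=try_kerberos,
            app_url=request.application_url),
        request=request)
    # The headers returned by forget() are sent with the form (presumably
    # dropping any existing authentication cookie -- confirm).
    forget_headers = forget(request)
    response.headers.extend(forget_headers)
    return response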