def set_preference(self, key, val): """ Sets a user's preference """ self._load_prefs() if key in self.preferences_dict: self.preferences_dict[key].value = val pref = self.preferences_dict[key] else: pref = UserPreference(key=key, value=val, user=self) Session.add(pref) self.preferences_dict[key] = pref return pref
def __call__(self, environ, start_response): """Invoke the Controller""" # WSGIController.__call__ dispatches to the Controller method # the request is routed to. This routing information is # available in environ['pylons.routes_dict'] try: self._session = Session if '_debug_frontend' in request.params: #now we can force this no matter the environment. c.debug_frontend = request.params['_debug_frontend'] == 'True' else: c.debug_frontend = not h.is_production() #this is used by timer proxy and the templates c.show_debug = bool(session.get('show_debug')) request.environ['USER'] = session.get('username', '') request.environ['REAL_USER'] = session.get('real_username', '') # set the start of the rendering c.render_start = time.time() c.requested_url = request.environ.get('PATH_INFO') if request.environ.get('QUERY_STRING'): c.requested_url += '?' + request.environ['QUERY_STRING'] logger.info(c.requested_url) # Capture IP address in non-ssl mode, so we can use it in SSL mode see ticket #2275 ip = auth.get_user_ip() if not session.get('IP_ADDRESS') and ip: session['IP_ADDRESS'] = ip elif not session.get('IP_ADDRESS') and request.environ.get('HTTP_RLNCLIENTIPADDR'): session['IP_ADDRESS'] = request.environ.get('HTTP_RLNCLIENTIPADDR') elif not session.get('IP_ADDRESS') and request.environ.get('REMOTE_ADDR'): session['IP_ADDRESS'] = request.environ.get('REMOTE_ADDR') # Save the first referer we see to store in user record when/if we create one. if not session.get('referer'): session['referer'] = environ.get('HTTP_REFERER','').decode('utf-8','ignore') session.save() return WSGIController.__call__(self, environ, start_response) finally: if 'paste.testing_variables' not in request.environ: Session.remove()
def authenticate(username, password, redirect_after=True, from_http_auth=False): q = Session.query(users.User) q = q.filter(sa.or_(users.User.username==username, users.User.email==username)) u = q.first() if u and u.is_active and u.does_password_match(password): return login(u, redirect_after=redirect_after, from_http_auth=from_http_auth) else: raise exceptions.ClientException('Email and password do not match.', code=exceptions.MISMATCH, field='password') return None
def get_user(key='user'): """ Gets the user model object if user has logged on. Will be the pretend user if an admin is pretending to be someone. Returns/sets a cached copy (from the context c var) """ if getattr(c, key): return getattr(c, key) user_id = session.get(key) if user_id: setattr(c, key, Session.query(users.User).outerjoin(users.UserPreference).filter(users.User.id == user_id).first()) if session['user'] == session['real_user']: c.user = c.real_user = getattr(c, key) else: setattr(c, key, None) return getattr(c, key)