def login(context, request): """ Login Route Login route to authenticate a user against Plone. """ # extract the data __ac_name = request.get("__ac_name", None) __ac_password = request.get("__ac_password", None) logger.info("*** LOGIN %s ***" % __ac_name) if __ac_name is None: api.fail(400, "__ac_name is missing") if __ac_password is None: api.fail(400, "__ac_password is missing") acl_users = api.get_tool("acl_users") # XXX hard coded acl_users.credentials_cookie_auth.login() # XXX amin user won't be logged in if I use this approach # acl_users.login() # response = request.response # acl_users.updateCredentials(request, response, __ac_name, __ac_password) if api.is_anonymous(): api.fail(401, "Invalid Credentials") # return the JSON in the same format like the user route return get(context, request, username=__ac_name)
def logout(context, request): """ Logout Route """ logger.info("*** LOGOUT ***") acl_users = api.get_tool("acl_users") acl_users.logout(request) return {"url": api.url_for("bika.lims.jsonapi.v2.users"), "success": True}
def auth(context, request): """ Basic Authentication """ if ploneapi.user.is_anonymous(): request.response.setStatus(401) request.response.setHeader('WWW-Authenticate', 'basic realm="JSONAPI AUTH"', 1) logger.info("*** BASIC AUTHENTICATE ***") return {}
def logout(context, request): """ Logout Route """ logger.info("*** LOGOUT ***") acl_users = api.get_tool("acl_users") acl_users.logout(request) return { "url": api.url_for("bika.lims.jsonapi.v2.users"), "success": True }