def login_vgroup(self, boknr=''): #lookup vgroup of boknr vgroup_list = getVisitingGroupByBoknr(holly_couch, boknr) if len(vgroup_list) == 0: flash(u"Det finns ingen grupp i systemet än med det bokningsnummer du angav.",'warning') raise redirect('/') else: raise redirect('edit_request', visiting_group_id=vgroup_list[0]['id']) return dict()
def get_user(self, identity, userid): ##return self.sa_auth.dbsession.query(self.sa_auth.user_class).filter_by( ## user_name=userid ##).first() user = model.holly_couch.get('user.'+userid) if user: identity['user_level'] = user['level'] identity['user_active'] = user['active'] else: vgroup_list = getVisitingGroupByBoknr(model.holly_couch, userid) if len(vgroup_list) > 0: user = vgroup_list[0].doc return user
def authenticate(self, environ, identity): authlog = logging.getLogger('auth2') login = identity['login'] supplied_login_name = identity['login'] ## ##user = self.sa_auth.dbsession.query(self.sa_auth.user_class).filter_by( ## user_name=login ##).first() ## user = model.holly_couch.get('user.'+login) if not user: vgroup_list = getVisitingGroupByBoknr(model.holly_couch, login) if len(vgroup_list) > 0: user = vgroup_list[0].doc else: login = None elif not validate_password(user, identity['password']): login = None if login is None: try: from urllib.parse import parse_qs, urlencode except ImportError: from urlparse import parse_qs from urllib import urlencode from tg.exceptions import HTTPFound params = parse_qs(environ['QUERY_STRING']) params.pop('password', None) # Remove password in case it was there if user is None: params['failure'] = 'user-not-found' authlog.info('login failed - user-not-found %s' % supplied_login_name[:100]) else: params['login'] = identity['login'] params['failure'] = 'invalid-password' authlog.info('login failed - wrong password for %s' % supplied_login_name) # When authentication fails send user to login page. # TODO: change /hollyrosa environ['repoze.who.application'] = HTTPFound( location='?'.join(('/hollyrosa/login', urlencode(params, True))) ) return login