def _store_user_in_session(self, username, remember=False): user = User.get_by_username(username, case_insensitive=True) auth_user = AuthUser(user.user_id) auth_user.set_authenticated() cs = auth_user.get_cookie_store() session['authuser'] = cs user.update_lastlogin() Session().commit() # If they want to be remembered, update the cookie if remember: _year = (datetime.datetime.now() + datetime.timedelta(seconds=60 * 60 * 24 * 365)) session._set_cookie_expires(_year) session.save() log.info('user %s is now authenticated and stored in ' 'session, session attrs %s' % (username, cs)) # dumps session attrs back to cookie session._update_cookie_out() # we set new cookie headers = None if session.request['set_cookie']: # send set-cookie headers back to response to update cookie headers = [('Set-Cookie', session.request['cookie_out'])] return headers
def __call__(self, environ, start_response): """Invoke the Controller""" # WSGIController.__call__ dispatches to the Controller method # the request is routed to. This routing information is # available in environ['pylons.routes_dict'] try: self.ip_addr = _get_ip_addr(environ) # make sure that we update permissions each time we call controller api_key = request.GET.get('api_key') if api_key: # when using API_KEY we are sure user exists. auth_user = AuthUser(api_key=api_key, ip_addr=self.ip_addr) authenticated = False else: cookie_store = CookieStoreWrapper(session.get('authuser')) try: auth_user = AuthUser(user_id=cookie_store.get( 'user_id', None), ip_addr=self.ip_addr) except UserCreationError, e: from kallithea.lib import helpers as h h.flash(e, 'error') # container auth or other auth functions that create users on # the fly can throw this exception signaling that there's issue # with user creation, explanation should be provided in # Exception itself auth_user = AuthUser(ip_addr=self.ip_addr) authenticated = cookie_store.get('is_authenticated') if not auth_user.is_authenticated and auth_user.user_id is not None: # user is not authenticated and not empty auth_user.set_authenticated(authenticated) request.user = auth_user #set globals for auth user self.authuser = c.authuser = auth_user log.info('IP: %s User: %s accessed %s' % (self.ip_addr, auth_user, safe_unicode(_get_access_path(environ)))) return WSGIController.__call__(self, environ, start_response)
def __call__(self, environ, start_response): """Invoke the Controller""" # WSGIController.__call__ dispatches to the Controller method # the request is routed to. This routing information is # available in environ['pylons.routes_dict'] try: self.ip_addr = _get_ip_addr(environ) # make sure that we update permissions each time we call controller api_key = request.GET.get('api_key') if api_key: # when using API_KEY we are sure user exists. auth_user = AuthUser(api_key=api_key, ip_addr=self.ip_addr) authenticated = False else: cookie_store = CookieStoreWrapper(session.get('authuser')) try: auth_user = AuthUser(user_id=cookie_store.get('user_id', None), ip_addr=self.ip_addr) except UserCreationError, e: from kallithea.lib import helpers as h h.flash(e, 'error') # container auth or other auth functions that create users on # the fly can throw this exception signaling that there's issue # with user creation, explanation should be provided in # Exception itself auth_user = AuthUser(ip_addr=self.ip_addr) authenticated = cookie_store.get('is_authenticated') if not auth_user.is_authenticated and auth_user.user_id is not None: # user is not authenticated and not empty auth_user.set_authenticated(authenticated) request.user = auth_user #set globals for auth user self.authuser = c.authuser = auth_user log.info('IP: %s User: %s accessed %s' % ( self.ip_addr, auth_user, safe_unicode(_get_access_path(environ))) ) return WSGIController.__call__(self, environ, start_response)