def oidclogin(request): middleware = 'kobo.django.auth.middleware.LimitedRemoteUserMiddleware' if django_version_ge('1.10.0'): middleware_setting = settings.MIDDLEWARE else: middleware_setting = settings.MIDDLEWARE_CLASSES if middleware not in middleware_setting: raise ImproperlyConfigured( "oidclogin view requires '%s' middleware installed" % middleware) return RedirectView.as_view(url=reverse("home/index"), permanent=False)(request)
def login_password(request, username, password): """login_password(username, password): session_id""" backend = ModelBackend() if django_version_ge('1.11.0'): user = backend.authenticate(None, username, password) else: user = backend.authenticate(username, password) if user is None: raise PermissionDenied("Invalid username or password.") user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__) django.contrib.auth.login(request, user) return request.session.session_key
class MenuMiddleware(MiddlewareMixin if django_version_ge('1.10.0') else object ): """ @summary: Middleware for menu object. """ def process_request(self, request): """ @summary: Adds menu to request object @param request: http request object @type request: django.http.HttpRequest """ request.__class__.menu = LazyMenu()
class LimitedRemoteUserMiddleware( RemoteUserMiddleware, MiddlewareMixin if django_version_ge('1.10.0') else object): ''' Same behaviour as RemoteUserMiddleware except that it doesn't logout user if is already logged in. Useful when you have just one authentication powered login page. ''' def process_request(self, request): if not hasattr(request, 'user') or not call_if_callable( request.user.is_authenticated): super(LimitedRemoteUserMiddleware, self).process_request(request)
class WorkerMiddleware( MiddlewareMixin if django_version_ge('1.10.0') else object): """Sets a request.worker. - Worker instance if username exists in database - None otherwise """ def process_request(self, request): assert hasattr( request, "user" ), "Worker middleware requires authentication middleware to be installed. Also make sure the database is set and writable." request.__class__.worker = LazyWorker() return None
def test_login_worker_key_valid_worker_invalid_user(self): Worker.objects.create(worker_key='key', name='name') req = Mock(spec=['session'], session=Mock()) krb_mock = Mock(spec=['authenticate'], authenticate=Mock(return_value=None)) with patch('kobo.hub.xmlrpc.auth.Krb5RemoteUserBackend', return_value=krb_mock): with self.assertRaises(PermissionDenied): auth.login_worker_key(req, 'key') if django_version_ge('1.11.0'): krb_mock.authenticate.assert_called_once_with(None, 'worker/name') else: krb_mock.authenticate.assert_called_once_with('worker/name')
def krb5login(request, redirect_field_name=REDIRECT_FIELD_NAME): #middleware = 'django.contrib.auth.middleware.RemoteUserMiddleware' middleware = 'kobo.django.auth.middleware.LimitedRemoteUserMiddleware' if django_version_ge('1.10.0'): middleware_setting = settings.MIDDLEWARE else: middleware_setting = settings.MIDDLEWARE_CLASSES if middleware not in middleware_setting: raise ImproperlyConfigured( "krb5login view requires '%s' middleware installed" % middleware) redirect_to = request.POST.get(redirect_field_name, "") if not redirect_to: redirect_to = request.GET.get(redirect_field_name, "") if not redirect_to: redirect_to = reverse("home/index") return RedirectView.as_view(url=redirect_to, permanent=True)(request)
def login_worker_key(request, worker_key): """login_worker_key(worker_key): session_key""" try: worker = Worker.objects.get(worker_key=worker_key) except ObjectDoesNotExist: raise PermissionDenied() username = "******" % worker.name backend = Krb5RemoteUserBackend() if django_version_ge('1.11.0'): user = backend.authenticate(None, username) else: user = backend.authenticate(username) if user is None: raise PermissionDenied() user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__) user = django.contrib.auth.login(request, user) return request.session.session_key
def test_login_worker_key_valid_worker_and_user(self): def login(request, user): request.session.session_key = '1234567890' return user Worker.objects.create(worker_key='key', name='name') req = Mock(spec=['session'], session=Mock()) user = Mock() krb_mock = Mock(spec=['authenticate'], authenticate=Mock(return_value=user)) with patch('kobo.hub.xmlrpc.auth.Krb5RemoteUserBackend', return_value=krb_mock): with patch.object(auth.django.contrib.auth, 'login', side_effect=login) as login_mock: session_key = auth.login_worker_key(req, 'key') login_mock.assert_called_once_with(req, user) if django_version_ge('1.11.0'): krb_mock.authenticate.assert_called_once_with(None, 'worker/name') else: krb_mock.authenticate.assert_called_once_with('worker/name') self.assertEqual(session_key, '1234567890')
def login_krbv(request, krb_request, proxy_user=None): """login_krbv(krb_request, proxy_user=None): session_key""" import krbV context = krbV.default_context() server_principal = krbV.Principal(name=settings.KRB_AUTH_PRINCIPAL, context=context) server_keytab = krbV.Keytab(name=settings.KRB_AUTH_KEYTAB, context=context) auth_context = krbV.AuthContext(context=context) auth_context.flags = krbV.KRB5_AUTH_CONTEXT_DO_SEQUENCE | krbV.KRB5_AUTH_CONTEXT_DO_TIME auth_context.addrs = (socket.gethostbyname(request.META["HTTP_HOST"]), 0, request.META["REMOTE_ADDR"], 0) # decode and read the authentication request decode_func = base64.decodebytes if hasattr( base64, "decodebytes") else base64.decodestring decoded_request = decode_func(krb_request) auth_context, opts, server_principal, cache_credentials = context.rd_req( decoded_request, server=server_principal, keytab=server_keytab, auth_context=auth_context, options=krbV.AP_OPTS_MUTUAL_REQUIRED) cprinc = cache_credentials[2] # remove @REALM username = cprinc.name.split("@")[0] backend = Krb5RemoteUserBackend() if django_version_ge('1.11.0'): user = backend.authenticate(None, username) else: user = backend.authenticate(username) if user is None: raise PermissionDenied() user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__) django.contrib.auth.login(request, user) return request.session.session_key
import os import six import locale from kobo.django.django_version import django_version_ge try: import json except ImportError: import simplejson as json import django.contrib.auth.views from django.conf import settings from django.contrib.auth import REDIRECT_FIELD_NAME, get_user_model from django.core.exceptions import ImproperlyConfigured from kobo.django.django_version import django_version_ge if django_version_ge('1.10.0'): from django.urls import reverse else: from django.core.urlresolvers import reverse from django.http import HttpResponse, StreamingHttpResponse, HttpResponseForbidden from django.shortcuts import render, get_object_or_404 from django.template import RequestContext from django.views.generic import RedirectView from kobo.hub.models import Arch, Channel, Task from kobo.hub.forms import TaskSearchForm from kobo.django.views.generic import ExtraDetailView, SearchView from kobo.django.compat import gettext_lazy as _ # max log size returned in HTML-embedded view HTML_LOG_MAX_SIZE = getattr(settings, "HTML_LOG_MAX_SIZE", (1024**2) * 2)
def value_to_string(self, obj): if django_version_ge('2.0'): value = self.value_from_object(obj) else: value = self._get_val_from_obj(obj) return self.get_db_prep_value(value)
from django.contrib.auth.admin import * import django.contrib.admin as admin from kobo.django.django_version import django_version_ge from kobo.django.auth.models import * # users are not displayed on admin page since migrations were introduced if django_version_ge("1.9.0"): admin.site.register(User, UserAdmin)