def authentication_required(self): """Check if the user session is authenticated""" if self.login_required: if SESSION_AUTHENTICATED in self.session: # Already authenticated (in session) return True elif self.params.get_username(): # Check for automatic login by providing valid username and password result = authenticators.check_login(self.open_settings_db(), self.params.get_username(), self.params.get_password()) if result: self.set_authenticated( status=True, username=result[authenticators.KEY_USERNAME], fullname=result[authenticators.KEY_FULLNAME], roles=result[authenticators.KEY_ROLES]) return True else: return False else: # Not authenticated return False else: # Authentication not needed return True
def serve(self): """Handle the request and serve the response""" super(self.__class__, self).serve() invalid = False arg_username = self.params.get_username() arg_password = self.params.get_password() arg_forward = self.params.get_forward() if self.params.get_action() == 'logout': # When a logout was issued the session is cleared (invalidated or deleted) self.set_authenticated( status=False, username='', fullname='', roles='') else: if arg_username: # Authenticate for valid access result = authenticators.check_login(self.open_settings_db(), arg_username, arg_password) if result: self.set_authenticated( status=True, username=result[authenticators.KEY_USERNAME], fullname=result[authenticators.KEY_FULLNAME], roles=result[authenticators.KEY_ROLES]) if arg_forward: return 'REDIRECT:%s' % urllib2.unquote(arg_forward) else: return 'REDIRECT:queries' else: # When the authentication has not succeeded then session is # not cleared (not invalidated nor deleted) and a simple message # with invalid credentials is shown invalid = True return self.get_template('login.tpl', INVALID=invalid, FORWARD=arg_forward)
def serve(self): """Handle the request and serve the response""" super(self.__class__, self).serve() invalid = False arg_username = self.params.get_username() arg_password = self.params.get_password() arg_forward = self.params.get_forward() if self.params.get_action() == 'logout': # When a logout was issued the session is cleared (invalidated or deleted) self.set_authenticated(status=False, username='', fullname='', roles='') else: if arg_username: # Authenticate for valid access result = authenticators.check_login(self.open_settings_db(), arg_username, arg_password) if result: self.set_authenticated( status=True, username=result[authenticators.KEY_USERNAME], fullname=result[authenticators.KEY_FULLNAME], roles=result[authenticators.KEY_ROLES]) if arg_forward: return 'REDIRECT:%s' % urllib2.unquote(arg_forward) else: return 'REDIRECT:queries' else: # When the authentication has not succeeded then session is # not cleared (not invalidated nor deleted) and a simple message # with invalid credentials is shown invalid = True return self.get_template('login.tpl', INVALID=invalid, FORWARD=arg_forward)