def _identify_user_default(self): toolkit.c.user = toolkit.request.environ.get(u'REMOTE_USER', u'') if toolkit.c.user: toolkit.c.user = toolkit.c.user.decode(u'utf8') toolkit.c.userobj = model.User.by_name(toolkit.c.user) if toolkit.c.userobj is None or not toolkit.c.userobj.is_active(): ev = request.environ if u'repoze.who.plugins' in ev: pth = getattr(ev[u'repoze.who.plugins'][u'friendlyform'], u'logout_handler_path') redirect(pth) else: toolkit.c.userobj = self._get_user_info() if 'name' in dir(toolkit.c.userobj): toolkit.c.user = toolkit.c.userobj.name toolkit.c.author = toolkit.c.userobj.name log.debug('toolkit.c.userobj.id :' + toolkit.c.userobj.id) log.debug('toolkit.c.userobj.name :' + toolkit.c.userobj.name)
def _identify_user_default(): u''' Identifies the user using two methods: a) If they logged into the web interface then repoze.who will set REMOTE_USER. b) For API calls they may set a header with an API key. ''' # environ['REMOTE_USER'] is set by repoze.who if it authenticates a # user's cookie. But repoze.who doesn't check the user (still) exists # in our database - we need to do that here. (Another way would be # with an userid_checker, but that would mean another db access. # See: http://docs.repoze.org/who/1.0/narr.html#module-repoze.who\ # .plugins.sql ) g.user = request.environ.get(u'REMOTE_USER', u'') if g.user: if six.PY2: g.user = six.ensure_text(g.user) g.userobj = model.User.by_name(g.user) if g.userobj is None or not g.userobj.is_active(): # This occurs when a user that was still logged in is deleted, or # when you are logged in, clean db and then restart (or when you # change your username). There is no user object, so even though # repoze thinks you are logged in and your cookie has # ckan_display_name, we need to force user to logout and login # again to get the User object. ev = request.environ if u'repoze.who.plugins' in ev: pth = getattr(ev[u'repoze.who.plugins'][u'friendlyform'], u'logout_handler_path') redirect(pth) else: g.userobj = _get_user_for_apikey() if g.userobj is not None: g.user = g.userobj.name
def _identify_user_default(): u''' Identifies the user using two methods: a) If they logged into the web interface then repoze.who will set REMOTE_USER. b) For API calls they may set a header with an API key. ''' # environ['REMOTE_USER'] is set by repoze.who if it authenticates a # user's cookie. But repoze.who doesn't check the user (still) exists # in our database - we need to do that here. (Another way would be # with an userid_checker, but that would mean another db access. # See: http://docs.repoze.org/who/1.0/narr.html#module-repoze.who\ # .plugins.sql ) g.user = request.environ.get(u'REMOTE_USER', u'') if g.user: g.user = g.user.decode(u'utf8') g.userobj = model.User.by_name(g.user) if g.userobj is None or not g.userobj.is_active(): # This occurs when a user that was still logged in is deleted, or # when you are logged in, clean db and then restart (or when you # change your username). There is no user object, so even though # repoze thinks you are logged in and your cookie has # ckan_display_name, we need to force user to logout and login # again to get the User object. ev = request.environ if u'repoze.who.plugins' in ev: pth = getattr(ev[u'repoze.who.plugins'][u'friendlyform'], u'logout_handler_path') redirect(pth) else: g.userobj = _get_user_for_apikey() if g.userobj is not None: g.user = g.userobj.name