def identify(self, environ):
query = parse_formvars(environ)
if query.get(self.login_form_qs):
from StringIO import StringIO
environ['wsgi.input'] = StringIO()
try:
login = query['loginform.user']
password = query['loginform.password']
except KeyError:
return None
credentials = {
'login': login,
'password': password,
}
# XXX: HACK, change authentication mechanism to repoze.who API as
# soon as repoze.who >= 2.0 takes place
#
# repoze.who first calls identify, then the downstream app and
# finally remembers the credentials. this causes authentication
# checks to fail in downstream app even if credentials are valid.
#
# so we iterate the available IAuthentication plugins and check
# if user is already authenticated. if so, change downstream to
# a HTTPFound instance
already_authenticated = False
for plugin in environ['repoze.who.plugins'].values():
if IAuthenticator.providedBy(plugin):
login = credentials['login']
if plugin.authenticate(environ, credentials) == login:
already_authenticated = True
if already_authenticated:
environ['QUERY_STRING'] = ''
downstream = HTTPFound(construct_url(environ))
environ['repoze.who.application'] = downstream
# XXX: END HACK
del query[self.login_form_qs]
environ['QUERY_STRING'] = urllib.urlencode(query)
max_age = query.get('max_age', None)
if max_age is not None:
credentials['max_age'] = max_age
return credentials
return None
def test_implements_IAuthenticator(self):
from repoze.who.interfaces import IAuthenticator
p = self._make_one()
self.assert_(IAuthenticator.providedBy(p))
