def lookup_full_user(username): """Look up the full user identity for username consisting of e.g. just an email address. The method to extract the full identity depends on the back end database. If username matches either the openid link, the full ID or the dir version from it, a tuple with the expanded username and the full user dictionary is returned. On no match a tuple with the unchanged username and an empty dictionary is returned. """ # print "DEBUG: lookup full user for %s" % username db_path = os.path.join(configuration.mig_code_base, 'server', 'MiG-users.db') # print "DEBUG: Loading user DB" id_map = load_user_db(db_path) login_url = os.path.join(configuration.user_openid_providers[0], username) distinguished_name = get_openid_user_dn(configuration, login_url) # print "DEBUG: compare against %s" % full_id if distinguished_name in id_map: url_friendly = client_id_dir(distinguished_name) return (url_friendly, id_map[distinguished_name]) return (username, {})
def checkLogin(self, username, password): """Check username and password in MiG user DB""" db_path = os.path.join(configuration.mig_code_base, 'server', 'MiG-users.db') # print "Loading user DB" id_map = load_user_db(db_path) # username may be None here login_url = os.path.join(configuration.user_openid_providers[0], username or '') distinguished_name = get_openid_user_dn(configuration, login_url) if distinguished_name in id_map: user = id_map[distinguished_name] print "looked up user %s in DB: %s" % (username, user) enc_pw = user.get('password', None) # print "DEBUG: Check password against enc %s" % enc_pw if password and base64.b64encode(password) == user['password']: print "Correct password for user %s" % username self.user_dn = distinguished_name self.user_dn_dir = client_id_dir(distinguished_name) return True else: print "Failed password check for user %s" % username print "Invalid login for user %s" % username return False