Exemplo n.º 1
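    def authenticated_userid(self, request):
        """Return the login from a valid HTTP Basic ``Authorization`` header.

        The header is read from ``request.environ['HTTP_AUTHORIZATION']``,
        decoded, split into ``login:password`` and checked first with
        ``User.by_credentials`` and then with ``User.by_ldap_credentials``.

        Returns the login string on success and ``None`` when the header is
        missing, malformed, uses another scheme, or the credentials are
        rejected. The header is attacker-controlled, so every parsing step
        fails closed instead of letting an exception escape the policy.

        Basic credentials are only base64-encoded, not encrypted; this check
        is meaningful only when the transport is TLS.
        """
        header = request.environ.get('HTTP_AUTHORIZATION')
        try:
            authmeth, auth = header.split(' ', 1)
        except (AttributeError, ValueError):
            # AttributeError: header absent (None).
            # ValueError: header has no space, e.g. a bare "Basic".
            return None

        if authmeth.lower() != 'basic':
            return None

        try:
            # Python 2 raises TypeError on bad input, Python 3 binascii.Error.
            auth = base64.b64decode(auth.strip())
        except (TypeError, binascii.Error):  # can't decode
            return None

        if not isinstance(auth, unicode):
            try:
                auth = auth.decode('utf-8')
            except UnicodeDecodeError:  # payload is not valid UTF-8
                return None

        try:
            login, password = auth.split(':', 1)
        except ValueError:  # no ':' separator in the decoded payload
            return None

        # Reject empty passwords before any backend sees them. The LDAP
        # helper is not visible here; many directory servers treat a simple
        # bind with an empty password as an unauthenticated bind that
        # succeeds, which would authenticate any known login.
        if not password:
            return None

        if User.by_credentials(DBSession(), login, password):
            return login

        if User.by_ldap_credentials(DBSession(), login, password,
                                    request.registry.settings):
            return login

        return None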
Exemplo n.º 2
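    def render(self):
        """Process the login form and redirect on success.

        On a submitted form with a non-empty password, the credentials are
        checked with ``User.by_ldap_credentials`` and then
        ``User.by_credentials``. On success the identity is remembered and an
        ``HTTPFound`` redirect to ``came_from`` is returned. Otherwise a dict
        with ``came_from`` and a ``User`` carrying the submitted login is
        returned for the form template.

        ``came_from`` is a request parameter and ends up in the ``Location``
        header, so it is restricted to targets inside this application; any
        other value falls back to ``'/'``.
        """
        login_url = resource_url(self.request.context, self.request, 'login')
        referrer = self.request.url
        # never use the login form itself as came_from
        if referrer == login_url:
            referrer = '/'
        came_from = self.request.params.get('came_from', referrer)

        # Open-redirect guard: accept only a URL under this application or a
        # host-relative path. '//host' is protocol-relative, and backslashes,
        # whitespace or control characters are normalised by some browsers
        # into exactly that form, so they are refused as well.
        app_url = self.request.application_url.rstrip('/')
        has_unsafe_char = any(
            ch == '\\' or ord(ch) <= 0x20 for ch in came_from)
        is_local = (
            came_from == app_url
            or came_from.startswith(app_url + '/')
            or (came_from.startswith('/')
                and not came_from.startswith('//'))
        )
        if has_unsafe_char or not is_local:
            came_from = '/'

        login = self.request.params.get('user.login', '')
        if 'form.submitted' in self.request.params:
            password = self.request.params.get('user.password', u'')
            # An empty password is never passed to either backend.
            if password:
                if User.by_ldap_credentials(
                        self.session, login, password,
                        self.request.registry.settings) is not None:
                    log.info('login %r succeed', login)
                    headers = remember(self.request, login)
                    return HTTPFound(location=came_from, headers=headers)

                if User.by_credentials(self.session, login,
                                       password) is not None:
                    log.info('login %r succeed', login)
                    headers = remember(self.request, login)
                    return HTTPFound(location=came_from, headers=headers)

        return {
            'came_from': came_from,
            'user': User(login=login),
        }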
Exemplo n.º 3
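    def authenticated_userid(self, request):
        """Authenticate a request from its HTTP Basic ``Authorization`` header.

        Reads ``request.environ['HTTP_AUTHORIZATION']``, base64-decodes the
        payload, splits it into ``login:password`` and tries
        ``User.by_credentials`` followed by ``User.by_ldap_credentials``.

        Returns the login on success, ``None`` otherwise. Because the header
        comes straight from the client, a missing, truncated or undecodable
        value yields ``None`` rather than an unhandled exception.

        Basic credentials travel base64-encoded only; protecting them is the
        job of the transport (TLS).
        """
        raw_header = request.environ.get('HTTP_AUTHORIZATION')
        try:
            authmeth, auth = raw_header.split(' ', 1)
        except (AttributeError, ValueError):
            # AttributeError: no header at all (None).
            # ValueError: scheme without a payload, nothing to unpack.
            return None

        if authmeth.lower() != 'basic':
            return None

        try:
            # b64decode raises TypeError on Python 2 and binascii.Error on
            # Python 3 for malformed input.
            auth = base64.b64decode(auth.strip())
        except (TypeError, binascii.Error):  # can't decode
            return None

        if not isinstance(auth, unicode):
            try:
                auth = auth.decode('utf-8')
            except UnicodeDecodeError:  # decoded bytes are not UTF-8
                return None

        try:
            login, password = auth.split(':', 1)
        except ValueError:  # decoded payload has no ':' separator
            return None

        # An empty password is refused up front. The LDAP helper's bind
        # logic is not shown here, and a simple bind with an empty password
        # is accepted as an unauthenticated bind by many directory servers.
        if not password:
            return None

        if User.by_credentials(DBSession(), login, password):
            return login

        if User.by_ldap_credentials(DBSession(), login, password,
                                    request.registry.settings):
            return login

        return None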
Exemplo n.º 4
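    def render(self):
        """Handle the login view: authenticate a submitted form or show it.

        A submitted form with a non-empty password is checked against
        ``User.by_ldap_credentials`` first and ``User.by_credentials``
        second. The first match remembers the login and returns an
        ``HTTPFound`` redirect to ``came_from``. In every other case the
        method returns the template values ``came_from`` and ``user``.

        ``came_from`` is taken from the request parameters and used as the
        redirect target, so it is validated here: anything that does not
        point inside this application is replaced by ``'/'``.
        """
        login_url = resource_url(self.request.context, self.request, 'login')
        referrer = self.request.url
        # never use the login form itself as came_from
        if referrer == login_url:
            referrer = '/'
        came_from = self.request.params.get('came_from', referrer)

        # Redirect targets must stay on this application. A leading '//'
        # is a protocol-relative URL to another host; backslashes and
        # whitespace/control characters are rejected because browsers may
        # rewrite them into one.
        base_url = self.request.application_url.rstrip('/')
        suspicious = any(
            ch == '\\' or ord(ch) <= 0x20 for ch in came_from)
        same_app = (
            came_from == base_url
            or came_from.startswith(base_url + '/')
            or (came_from.startswith('/')
                and not came_from.startswith('//'))
        )
        if suspicious or not same_app:
            came_from = '/'

        login = self.request.params.get('user.login', '')
        if 'form.submitted' in self.request.params:
            password = self.request.params.get('user.password', u'')
            # Empty passwords never reach the LDAP or database check.
            if password:
                if User.by_ldap_credentials(
                        self.session, login, password,
                        self.request.registry.settings) is not None:
                    log.info('login %r succeed', login)
                    headers = remember(self.request, login)
                    return HTTPFound(location=came_from,
                                     headers=headers)

                if User.by_credentials(
                        self.session, login, password) is not None:
                    log.info('login %r succeed', login)
                    headers = remember(self.request, login)
                    return HTTPFound(location=came_from,
                                     headers=headers)

        return {'came_from': came_from,
                'user': User(login=login),
                }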
Exemplo n.º 5
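def authbasic(request):
    """
    Authentification basic, Upload pyshop repository access

    Parses the HTTP Basic ``Authorization`` header from ``request.environ``
    and checks the credentials with ``User.by_ldap_credentials`` and then
    ``User.by_credentials``. On success it returns ``HTTPFound`` pointing at
    ``request.url``; in every other case it returns a 401 response carrying
    a ``WWW-Authenticate`` challenge.

    The header is client-controlled: a wrong scheme, a missing payload or
    undecodable data is answered with the 401 challenge. Validation does
    not rely on ``assert``, which is stripped when Python runs with ``-O``.
    """
    def challenge():
        return Response(status=401,
                        headerlist=[(b'WWW-Authenticate',
                                     b'Basic realm="pyshop repository access"'
                                     )],
                        )

    auth = request.environ.get('HTTP_AUTHORIZATION', '')
    if not auth:
        return challenge()

    try:
        scheme, data = auth.split(None, 1)
    except ValueError:  # scheme without credentials
        return challenge()

    if scheme.lower() != 'basic':
        return challenge()

    try:
        data = base64.b64decode(data)
        if not isinstance(data, unicode):
            data = data.decode('utf-8')
        username, password = data.split(':', 1)
    except (TypeError, ValueError):
        # TypeError: bad base64 on Python 2. ValueError covers
        # binascii.Error and UnicodeDecodeError on Python 3 as well as a
        # payload without the ':' separator.
        return challenge()

    # Never hand an empty password to the LDAP helper (not visible here):
    # many directory servers accept a simple bind with an empty password
    # as an unauthenticated bind.
    if not password:
        return challenge()

    if User.by_ldap_credentials(DBSession(), username, password,
                                request.registry.settings):
        return HTTPFound(location=request.url)
    if User.by_credentials(DBSession(), username, password):
        return HTTPFound(location=request.url)
    return challenge()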
Exemplo n.º 6
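def authbasic(request):
    """
    Authentification basic, Upload pyshop repository access

    Parses the HTTP Basic ``Authorization`` header from ``request.environ``
    and authenticates against LDAP when the ``pyshop.ldap.use_for_auth``
    setting is truthy, otherwise against ``User.by_credentials``.

    For an authenticated user the group names are collected and the
    transaction is committed. The route ``upload_releasefile`` additionally
    requires membership in the ``developer`` group. Success returns
    ``HTTPFound`` pointing at ``request.url``; failures return a response
    with a ``WWW-Authenticate`` challenge (401, or 402 when the request has
    no matched route).

    The header is client-controlled, so malformed input is answered with
    the 401 challenge. Validation does not rely on ``assert``, which is
    stripped when Python runs with ``-O``.
    """
    def challenge(status=401):
        return Response(
            status=status,
            headerlist=[(b'WWW-Authenticate',
                         b'Basic realm="pyshop repository access"')],
        )

    auth = request.environ.get('HTTP_AUTHORIZATION', '')
    if not auth:
        return challenge()

    try:
        scheme, data = auth.split(None, 1)
    except ValueError:  # scheme without credentials
        return challenge()

    if scheme.lower() != 'basic':
        return challenge()

    try:
        data = base64.b64decode(data)
        if not isinstance(data, unicode):
            data = data.decode('utf-8')
        username, password = data.split(':', 1)
    except (TypeError, ValueError):
        # TypeError: bad base64 on Python 2. ValueError covers
        # binascii.Error and UnicodeDecodeError on Python 3 as well as a
        # payload without the ':' separator.
        return challenge()

    # Never hand an empty password to the LDAP helper (not visible here):
    # many directory servers accept a simple bind with an empty password
    # as an unauthenticated bind.
    if not password:
        return challenge()

    session = DBSession()
    # NOTE(review): settings read from an ini file are strings, so a value
    # of "false" would be truthy here unless it is converted elsewhere;
    # confirm.
    if request.registry.settings["pyshop.ldap.use_for_auth"]:
        if User.by_ldap_credentials(session, username, password,
                                    request.registry.settings):
            user = User.by_login(session, username)
        else:
            # NOTE(review): a failed LDAP check marks the local record for
            # this username for deletion. A failed bind also happens on a
            # mistyped or guessed password, so if this transaction is
            # committed later an unauthenticated request could remove an
            # account. Confirm the intent and consider deleting only when
            # the directory reports the entry as gone.
            user = User.by_login(session, username)
            if user:
                session.delete(user)
                user = None
    else:
        user = User.by_credentials(session, username, password)

    if not user:
        return challenge()

    # Read the groups before the commit below.
    group_names = [group.name for group in user.groups]

    transaction.commit()

    if not request.matched_route:
        # NOTE(review): 402 is "Payment Required"; kept as in the original,
        # but it looks like a placeholder. Confirm the intended status.
        return challenge(status=402)

    if (request.matched_route.name in ["upload_releasefile"]
            and "developer" not in group_names):
        # Authenticated but not allowed to upload.
        return challenge()

    return HTTPFound(location=request.url)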