def lookup_full_user(username):
"""Look up the full user identity for username consisting of e.g. just an
email address.
The method to extract the full identity depends on the back end database.
If username matches either the openid link, the full ID or the dir version
from it, a tuple with the expanded username and the full user dictionary
is returned.
On no match a tuple with the unchanged username and an empty dictionary
is returned.
"""
# print "DEBUG: lookup full user for %s" % username
db_path = os.path.join(configuration.mig_code_base, 'server',
'MiG-users.db')
# print "DEBUG: Loading user DB"
id_map = load_user_db(db_path)
login_url = os.path.join(configuration.user_openid_providers[0], username)
distinguished_name = get_openid_user_dn(configuration, login_url)
# print "DEBUG: compare against %s" % full_id
if distinguished_name in id_map:
url_friendly = client_id_dir(distinguished_name)
return (url_friendly, id_map[distinguished_name])
return (username, {})
def checkLogin(self, username, password):
"""Check username and password in MiG user DB"""
db_path = os.path.join(configuration.mig_code_base, 'server',
'MiG-users.db')
# print "Loading user DB"
id_map = load_user_db(db_path)
# username may be None here
login_url = os.path.join(configuration.user_openid_providers[0],
username or '')
distinguished_name = get_openid_user_dn(configuration, login_url)
if distinguished_name in id_map:
user = id_map[distinguished_name]
print "looked up user %s in DB: %s" % (username, user)
enc_pw = user.get('password', None)
# print "DEBUG: Check password against enc %s" % enc_pw
if password and base64.b64encode(password) == user['password']:
print "Correct password for user %s" % username
self.user_dn = distinguished_name
self.user_dn_dir = client_id_dir(distinguished_name)
return True
else:
print "Failed password check for user %s" % username
print "Invalid login for user %s" % username
return False