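def login(nickname=None, password=None, login_method=None, action='',
          remember_me=False, referer=None):
    """Authenticate a user and render (or redirect away from) the login page.

    Args:
        nickname: account name passed to ``update_login`` /
            ``webuser.loginUser``.
        password: password passed to the same helpers.
        login_method: ``'Local'`` validates the login form; ``'openid'``,
            ``'oauth1'`` and ``'oauth2'`` are delegated to
            ``webuser.loginUser``; any other value flashes an error.
            Not consulted when ``CFG_EXTERNAL_AUTH_USING_SSO`` is set.
        action: optional mail-cookie value, checked with
            ``mail_cookie_check_authorize_action``.
        remember_me: forwarded to ``update_login`` for local logins.
        referer: URL to redirect to after a successful login.

    Returns:
        ``abort(401)`` when ``CFG_ACCESS_CONTROL_LEVEL_SITE > 0``; a
        redirect to ``referer`` after a successful login that carries a
        referer; otherwise the rendered ``webaccount_login.html``.
    """
    if CFG_ACCESS_CONTROL_LEVEL_SITE > 0:
        return abort(401)  # page is not authorized

    if action:
        try:
            # The decoded values are not used further in this function; an
            # invalid mail cookie is simply ignored.
            action, arguments = mail_cookie_check_authorize_action(action)
        except InvenioWebAccessMailCookieError:
            pass

    # NOTE(review): CSRF protection is switched off for this form, so the
    # login POST carries no anti-forgery token (login CSRF). Confirm that
    # this is intentional.
    form = LoginForm(CombinedMultiDict([
        ImmutableMultiDict({'referer': referer} if referer else {}),
        request.values
    ]), csrf_enabled=False)

    try:
        user = None
        if not CFG_EXTERNAL_AUTH_USING_SSO:
            # Compare by value. The previous identity test (``is 'Local'``)
            # only succeeds when both operands are the same interned object,
            # so a method name parsed from the request could skip this
            # branch and fall through to "Invalid login method.".
            if login_method == 'Local':
                if form.validate_on_submit():
                    user = update_login(nickname, password, remember_me)
            elif login_method in ['openid', 'oauth1', 'oauth2']:
                req = request.get_legacy_request()
                (iden, nickname, password, msgcode) = webuser.loginUser(
                    req, nickname, password, login_method)
                if iden:
                    user = update_login(nickname)
            else:
                flash(_('Invalid login method.'), 'error')
        else:
            req = request.get_legacy_request()
            # Fake parameters for p_un & p_pw because SSO takes them from
            # the environment
            (iden, nickname, password, msgcode) = webuser.loginUser(
                req, '', '', CFG_EXTERNAL_AUTH_USING_SSO)
            if iden:
                user = update_login(nickname)

        if user:
            flash(_("You are logged in as %s.") % user.nickname, "info")
            if referer is not None:
                # NOTE(review): referer becomes the redirect target without
                # any check that it points at this site. It is merged into
                # the form next to request.values, so it is presumably
                # request-supplied; if so this is an open redirect and the
                # target should be limited to CFG_SITE_URL /
                # CFG_SITE_SECURE_URL or a site-relative path.
                # Change HTTP method to https if needed.
                referer = referer.replace(CFG_SITE_URL, CFG_SITE_SECURE_URL)
                return redirect(referer)
    except Exception:
        # A bare ``except:`` also trapped SystemExit and KeyboardInterrupt;
        # catch ordinary errors only and keep a trace of them, since the
        # user only sees a generic message.
        current_app.logger.exception("Unexpected error during login")
        flash(_("Problem with login."), "error")

    # Copy every CFG_* attribute of websession_config into the app config
    # before rendering.
    current_app.config.update(
        dict((k, v) for k, v in vars(websession_config).iteritems()
             if k.startswith("CFG_")))

    return render_template('webaccount_login.html', form=form)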
def _traverse(self, req, path, do_head=False, guest_p=True):
    """Resolve ``path`` one component at a time and call the final handler.

    The first element of ``path`` is turned into an attribute name with
    ``self._translate``; when that returns ``None`` the component is
    resolved with ``self._lookup`` instead. If further components remain,
    traversal continues on the resolved object; otherwise the object is
    called with the request and its form, and the checked result returned.

    Raises:
        TraversalError: when the component resolves to ``None``.
        apache.SERVER_RETURN: with ``HTTP_NOT_FOUND`` when components remain
            but the resolved object has no ``_traverse``; with ``DONE`` for
            a HEAD request on the final handler.
    """
    _debug(req, 'traversing %r' % path)

    component = path[0]
    path = path[1:]

    attr_name = self._translate(component)
    if attr_name is not None:
        obj = getattr(self, attr_name)
    else:
        obj, path = self._lookup(component, path)

    if obj is None:
        _debug(req, 'could not resolve %s' % repr((component, path)))
        raise TraversalError()

    # The next segment is known. When this subtree must be served over
    # HTTPS and the request came in over plain HTTP, send the client to the
    # equivalent URL under CFG_SITE_SECURE_URL.
    if CFG_HAS_HTTPS_SUPPORT and self._force_https and not req.is_https():
        requested = urlparse.urlparse(req.unparsed_uri)
        plain_site = urlparse.urlparse(CFG_SITE_URL)
        secure_site = urlparse.urlparse(CFG_SITE_SECURE_URL)

        # The plain-site path prefix is dropped by length, not by match.
        # assumes the request path starts with CFG_SITE_URL's path -- TODO
        # confirm
        site_relative_path = requested[2][len(plain_site[2]):]

        # Secure scheme/host, re-based path, and the original
        # params/query/fragment.
        rebuilt = list(secure_site)
        rebuilt[2] = secure_site[2] + site_relative_path
        rebuilt[-3:] = requested[-3:]

        # NOTE(review): presumably redirect_to_url ends request handling; if
        # it returned, the rest of this method would run over plain HTTP --
        # confirm.
        redirect_to_url(req, urlparse.urlunparse(rebuilt))

    # With SSO enabled, try to log a guest in from the HTTPS request
    # environment (empty username/password are passed on purpose).
    if CFG_EXTERNAL_AUTH_USING_SSO and req.is_https() and guest_p:
        (iden, sso_nickname, _unused_password, _unused_msgcode) = loginUser(
            req, '', '', CFG_EXTERNAL_AUTH_USING_SSO)
        if len(iden) > 0:
            update_Uid(req, sso_nickname)
            guest_p = False

    # More components left: keep resolving on the object just found.
    if path:
        if not hasattr(obj, '_traverse'):
            raise apache.SERVER_RETURN(apache.HTTP_NOT_FOUND)
        return obj._traverse(req, path, do_head, guest_p)

    # HEAD requests stop here with headers only.
    if do_head:
        req.content_type = "text/html; charset=UTF-8"
        raise apache.SERVER_RETURN(apache.DONE)

    # Final renderer: hand it the parsed form, adding the preferred
    # language unless one was given or the URI opts out of recognition.
    form = req.form
    language_missing = 'ln' not in form
    if language_missing and req.uri not in CFG_NO_LANG_RECOGNITION_URIS:
        form.add_field('ln', get_preferred_user_language(req))

    return _check_result(req, obj(req, form))
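def login(nickname=None, password=None, login_method=None, action='',
          remember_me=False, referer=None):
    """Authenticate a user and render (or redirect away from) the login page.

    Args:
        nickname: account name passed to ``update_login`` /
            ``webuser.loginUser``.
        password: password passed to the same helpers.
        login_method: ``'Local'`` validates the login form; ``'openid'``,
            ``'oauth1'`` and ``'oauth2'`` are delegated to
            ``webuser.loginUser``; any other value flashes an error.
            Not consulted when ``CFG_EXTERNAL_AUTH_USING_SSO`` is set.
        action: optional mail-cookie value, checked with
            ``mail_cookie_check_authorize_action``.
        remember_me: forwarded to ``update_login`` for local logins.
        referer: URL to redirect to after a successful login, unless its
            path is the register, logout or login page.

    Returns:
        ``abort(401)`` when ``CFG_ACCESS_CONTROL_LEVEL_SITE > 0``; after a
        successful login with a referer, a redirect to that referer or to
        ``'/'``; otherwise the rendered ``webaccount_login.html``.
    """
    if CFG_ACCESS_CONTROL_LEVEL_SITE > 0:
        return abort(401)  # page is not authorized

    if action:
        try:
            # The decoded values are not used further in this function; an
            # invalid mail cookie is simply ignored.
            action, arguments = mail_cookie_check_authorize_action(action)
        except InvenioWebAccessMailCookieError:
            pass

    # NOTE(review): CSRF protection is switched off for this form, so the
    # login POST carries no anti-forgery token (login CSRF). Confirm that
    # this is intentional.
    form = LoginForm(CombinedMultiDict([
        ImmutableMultiDict({'referer': referer} if referer else {}),
        request.values
    ]), csrf_enabled=False)

    try:
        user = None
        if not CFG_EXTERNAL_AUTH_USING_SSO:
            if login_method == 'Local':
                if form.validate_on_submit():
                    user = update_login(nickname, password, remember_me)
            elif login_method in ['openid', 'oauth1', 'oauth2']:
                req = request.get_legacy_request()
                (iden, nickname, password, msgcode) = webuser.loginUser(
                    req, nickname, password, login_method)
                if iden:
                    user = update_login(nickname)
            else:
                flash(_('Invalid login method.'), 'error')
        else:
            req = request.get_legacy_request()
            # Fake parameters for p_un & p_pw because SSO takes them from
            # the environment
            (iden, nickname, password, msgcode) = webuser.loginUser(
                req, '', '', CFG_EXTERNAL_AUTH_USING_SSO)
            if iden:
                user = update_login(nickname)

        if user:
            flash(_("You are logged in as %s.") % user.nickname, "info")
            if referer is not None:
                from urlparse import urlparse
                # we should not redirect to these URLs after login
                blacklist = [url_for('webaccount.register'),
                             url_for('webaccount.logout'),
                             url_for('webaccount.login')]
                # NOTE(review): only the path of referer is compared with
                # the blacklist; its scheme and host are never checked.
                # referer is merged into the form next to request.values,
                # so it is presumably request-supplied; if so this is an
                # open redirect and the target should be limited to
                # CFG_SITE_URL / CFG_SITE_SECURE_URL or a site-relative
                # path.
                if urlparse(referer).path not in blacklist:
                    # Change HTTP method to https if needed.
                    referer = referer.replace(CFG_SITE_URL,
                                              CFG_SITE_SECURE_URL)
                    return redirect(referer)
                # NOTE(review): nesting reconstructed from a listing whose
                # indentation was lost; this fallback is taken to apply to
                # blacklisted referers only -- confirm against the original
                # file.
                return redirect('/')
    except Exception:
        # A bare ``except:`` also trapped SystemExit and KeyboardInterrupt;
        # catch ordinary errors only and keep a trace of them, since the
        # user only sees a generic message.
        current_app.logger.exception("Unexpected error during login")
        flash(_("Problem with login."), "error")

    # Copy every CFG_* attribute of websession_config into the app config
    # before rendering.
    current_app.config.update(
        dict((k, v) for k, v in vars(websession_config).iteritems()
             if k.startswith("CFG_")))

    # The login template also receives collection 1 and the latest
    # deposits; get_or_404 aborts the request when that collection row is
    # missing.
    collection = Collection.query.get_or_404(1)

    from invenio.b2share_utils import get_latest_deposits
    latest_deposits = get_latest_deposits()

    return render_template('webaccount_login.html', form=form,
                           collection=collection,
                           latest_deposits=latest_deposits)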