def test_authentication_disabled_app(authentication_disabled_app): # app.auth should = false assert mg_globals assert mg_globals.app.auth is False # Try to visit register page template.clear_test_template_context() response = authentication_disabled_app.get('/auth/register/') response.follow() # Correct redirect? assert urlparse.urlsplit(response.location)[2] == '/' assert 'mediagoblin/root.html' in template.TEMPLATE_TEST_CONTEXT # Try to vist login page template.clear_test_template_context() response = authentication_disabled_app.get('/auth/login/') response.follow() # Correct redirect? assert urlparse.urlsplit(response.location)[2] == '/' assert 'mediagoblin/root.html' in template.TEMPLATE_TEST_CONTEXT ## Test check_login_simple should return None assert auth_tools.check_login_simple('test', 'simple') is None # Try to visit the forgot password page template.clear_test_template_context() response = authentication_disabled_app.get('/auth/register/') response.follow() # Correct redirect? assert urlparse.urlsplit(response.location)[2] == '/' assert 'mediagoblin/root.html' in template.TEMPLATE_TEST_CONTEXT
def pwg_login(request): username = request.form.get("username") password = request.form.get("password") user = check_login_simple(username, password) if not user: return PwgError(999, 'Invalid username/password') request.session["user_id"] = user.id request.session.save() return True
def login(request): """ MediaGoblin login view. If you provide the POST with 'next', it'll redirect to that view. """ if 'pass_auth' not in request.template_env.globals: redirect_name = hook_handle('auth_no_pass_redirect') if redirect_name: return redirect( request, 'mediagoblin.plugins.{0}.login'.format(redirect_name)) else: return redirect(request, 'index') login_form = hook_handle("auth_get_login_form", request) login_failed = False if request.method == 'POST': if login_form.validate(): user = check_login_simple(login_form.username.data, login_form.password.data) if user: # set up login in session if login_form.stay_logged_in.data: request.session['stay_logged_in'] = True request.session['user_id'] = six.text_type(user.id) request.session.save() if request.form.get('next'): return redirect(request, location=request.form['next']) else: return redirect(request, "index") login_failed = True remote_addr = (request.access_route and request.access_route[-1] or request.remote_addr) _log.warn("Failed login attempt from %r", remote_addr) return render_to_response( request, 'mediagoblin/auth/login.html', { 'login_form': login_form, 'next': request.GET.get('next') or request.form.get('next'), 'login_failed': login_failed, 'post_url': request.urlgen('mediagoblin.auth.login'), 'allow_registration': mg_globals.app_config["allow_registration"] })
def __call__(self, request, *args, **kw): _log.debug('Trying to authorize the user agent via HTTP Auth') if not request.authorization: return False user = check_login_simple(unicode(request.authorization['username']), request.authorization['password']) if user: request.user = user return True else: raise Unauthorized() return False
def login(request): """ MediaGoblin login view. If you provide the POST with 'next', it'll redirect to that view. """ #if 'pass_auth' not in request.template_env.globals: # redirect_name = hook_handle('auth_no_pass_redirect') # if redirect_name: # return redirect(request, 'mediagoblin.plugins.{0}.login'.format( # redirect_name)) # else: # return redirect(request, 'index') login_form = auth_forms.LoginForm(request.form) login_failed = False #if request.method == 'POST' and login_form.validate(): if request.method == 'POST': if login_form.validate(): user = check_login_simple( login_form.username.data, login_form.password.data) if user: # set up login in session if login_form.stay_logged_in.data: request.session['stay_logged_in'] = True request.session['user_id'] = unicode(user.id) request.session.save() if request.form.get('next'): return redirect(request, location=request.form['next']) else: return redirect(request, "index") login_failed = True return render_to_response( request, 'mediagoblin/plugins/recaptcha/login.html', {'login_form': login_form, 'next': request.GET.get('next') or request.form.get('next'), 'login_failed': login_failed, 'post_url': request.urlgen('mediagoblin.plugins.recaptcha.login'), 'allow_registration': mg_globals.app_config["allow_registration"]})