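def render(self):
    """Show the login form, or log the user in when it was submitted.

    On a submission with a non-empty password the credentials are tried
    against LDAP first and then against the local database; the first
    match issues the ``remember`` headers and redirects to ``came_from``.
    Otherwise the form is rendered again with the submitted login filled in.

    ``came_from`` is taken straight from the request parameters, so it is
    only honoured when it stays on this site: a bare absolute path, or an
    http(s) URL whose host is the one this request was sent to. Anything
    else (``https://evil.example/``, ``//evil.example/``, ``/\\evil``)
    would turn the post-login redirect into an open redirect and is
    replaced by ``/``.

    Returns an ``HTTPFound`` on success, else a dict with ``came_from`` and
    a ``User`` carrying the submitted login.
    """
    try:
        from urllib.parse import urlsplit
    except ImportError:  # Python 2
        from urlparse import urlsplit

    def _local_target(target):
        """True when *target* can only lead back to this site."""
        parts = urlsplit(target)
        if parts.scheme or parts.netloc:
            own = urlsplit(self.request.url)
            return (parts.scheme in ('http', 'https') and
                    parts.netloc == own.netloc)
        # '//host' is caught above (it has a netloc); browsers also treat a
        # backslash after the leading slash as a host separator.
        return (target.startswith('/') and
                not target.startswith(('//', '/\\')))

    login_url = resource_url(self.request.context, self.request, 'login')
    referrer = self.request.url
    # never use the login form itself as came_from
    if referrer == login_url:
        referrer = '/'
    came_from = self.request.params.get('came_from', referrer)
    if not _local_target(came_from):
        log.warning('ignoring off-site came_from %r', came_from)
        came_from = '/'
    login = self.request.params.get('user.login', '')
    if 'form.submitted' in self.request.params:
        password = self.request.params.get('user.password', u'')
        if password:
            settings = self.request.registry.settings
            if User.by_ldap_credentials(
                    self.session, login, password, settings) is not None:
                log.info('login %r succeed', login)
                headers = remember(self.request, login)
                return HTTPFound(location=came_from, headers=headers)
            if User.by_credentials(
                    self.session, login, password) is not None:
                log.info('login %r succeed', login)
                headers = remember(self.request, login)
                return HTTPFound(location=came_from, headers=headers)
            # Log the login only (never the password) so brute-force
            # attempts are visible in the logs.
            log.warning('login %r failed', login)
    return {
        'came_from': came_from,
        'user': User(login=login),
    }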
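def render(self):
    """Render the login page; on a valid submission, authenticate and redirect.

    The password is checked by LDAP and then by the local database; the
    first success sets the ``remember`` headers and redirects to
    ``came_from``. A failed or absent submission re-renders the form with
    the submitted login pre-filled.

    Because ``came_from`` is user-controlled it must not be able to send
    the browser off-site after login. Only an absolute path (not
    ``//host`` or ``/\\host``) or an http(s) URL on this request's own host
    is accepted; anything else falls back to ``/``.

    Returns an ``HTTPFound`` on success, else a dict with ``came_from`` and
    a ``User`` carrying the submitted login.
    """
    try:
        from urllib.parse import urlsplit
    except ImportError:  # Python 2
        from urlparse import urlsplit

    def _same_site(target):
        """True when *target* resolves to this site only."""
        parts = urlsplit(target)
        if parts.scheme or parts.netloc:
            return (parts.scheme in ('http', 'https') and
                    parts.netloc == urlsplit(self.request.url).netloc)
        # a backslash after the leading slash is read as '//' by browsers
        return (target.startswith('/') and
                not target.startswith(('//', '/\\')))

    login_url = resource_url(self.request.context, self.request, 'login')
    referrer = self.request.url
    # never use the login form itself as came_from
    if referrer == login_url:
        referrer = '/'
    came_from = self.request.params.get('came_from', referrer)
    if not _same_site(came_from):
        log.warning('ignoring off-site came_from %r', came_from)
        came_from = '/'
    login = self.request.params.get('user.login', '')
    if 'form.submitted' in self.request.params:
        password = self.request.params.get('user.password', u'')
        if password:
            settings = self.request.registry.settings
            if User.by_ldap_credentials(
                    self.session, login, password, settings) is not None:
                log.info('login %r succeed', login)
                headers = remember(self.request, login)
                return HTTPFound(location=came_from, headers=headers)
            if User.by_credentials(
                    self.session, login, password) is not None:
                log.info('login %r succeed', login)
                headers = remember(self.request, login)
                return HTTPFound(location=came_from, headers=headers)
            # never log the password itself
            log.warning('login %r failed', login)
    return {'came_from': came_from,
            'user': User(login=login),
            }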
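def authenticated_userid(self, request):
    """Return the login from an HTTP Basic ``Authorization`` header, or None.

    The header is untrusted input: a missing header, an unknown scheme, a
    scheme with no payload, undecodable base64, non-UTF-8 bytes or a
    payload without ``:`` all yield None (anonymous) instead of raising.
    The previous revision caught only ``AttributeError`` -- and bound it
    to the name ``ValueError`` -- so a header such as ``Basic`` with no
    payload escaped as an unhandled ``ValueError``; it also relied on the
    Python 2-only ``str.decode('base64')``.

    Credentials are verified against the database on every request that
    carries the header; nothing is cached here.
    """
    import base64

    auth = request.environ.get('HTTP_AUTHORIZATION')
    try:
        authmeth, auth = auth.split(' ', 1)
    except (AttributeError, ValueError):
        # None (no header) or no space after the scheme
        return None
    if authmeth.lower() != 'basic':
        return None
    try:
        raw = base64.b64decode(auth.strip())
    except (TypeError, ValueError):
        # Python 2 raises TypeError on bad padding, Python 3 raises
        # binascii.Error (a ValueError subclass) or ValueError for
        # non-ASCII input
        return None
    if isinstance(raw, bytes):
        try:
            raw = raw.decode('utf-8')
        except UnicodeDecodeError:
            return None
    try:
        login, password = raw.split(':', 1)
    except ValueError:
        # not enough values to unpack
        return None
    if User.by_credentials(DBSession(), login, password):
        return login
    return None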
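def authenticated_userid(self, request):
    """Return the login from an HTTP Basic ``Authorization`` header, or None.

    The credentials are checked against the local database first and then
    by LDAP bind (``User.by_ldap_credentials`` with the registry settings).

    Every failure on the untrusted header -- absent, unknown scheme, no
    payload after the scheme, undecodable base64, non-UTF-8 bytes, no
    ``:`` separator -- returns None rather than raising. The previous
    revision let ``ValueError`` from the first ``split`` and
    ``UnicodeDecodeError`` from the UTF-8 decode escape as a 500, and on
    Python 2 ``b64decode`` raises ``TypeError`` (not ``binascii.Error``)
    on bad padding.
    """
    auth = request.environ.get('HTTP_AUTHORIZATION')
    try:
        authmeth, auth = auth.split(' ', 1)
    except (AttributeError, ValueError):
        # None (no header) or no space after the scheme
        return None
    if authmeth.lower() != 'basic':
        return None
    try:
        raw = base64.b64decode(auth.strip())
    except (TypeError, ValueError):
        # py2: TypeError; py3: binascii.Error (a ValueError) / ValueError
        return None
    if isinstance(raw, bytes):
        try:
            raw = raw.decode('utf-8')
        except UnicodeDecodeError:
            return None
    try:
        login, password = raw.split(':', 1)
    except ValueError:
        # not enough values to unpack
        return None
    session = DBSession()
    if User.by_credentials(session, login, password):
        return login
    if User.by_ldap_credentials(session, login, password,
                                request.registry.settings):
        return login
    return None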
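def authenticated_userid(self, request):
    """Resolve an HTTP Basic ``Authorization`` header to a login, or None.

    Local database credentials are tried first, then an LDAP bind using
    the registry settings. Any malformed header (no header, wrong scheme,
    no payload, bad base64, non-UTF-8 bytes, missing ``:``) maps to None
    instead of an exception: the earlier code did not catch ``ValueError``
    on the scheme split, ``UnicodeDecodeError`` on the UTF-8 decode, or
    the ``TypeError`` Python 2's ``b64decode`` raises on bad padding.
    """
    auth = request.environ.get('HTTP_AUTHORIZATION')
    try:
        authmeth, payload = auth.split(' ', 1)
    except (AttributeError, ValueError):
        # header absent, or no space after the scheme
        return None
    if authmeth.lower() != 'basic':
        return None
    try:
        decoded = base64.b64decode(payload.strip())
    except (TypeError, ValueError):
        # binascii.Error is a ValueError subclass on Python 3
        return None
    if isinstance(decoded, bytes):
        try:
            decoded = decoded.decode('utf-8')
        except UnicodeDecodeError:
            return None
    try:
        login, password = decoded.split(':', 1)
    except ValueError:
        # not enough values to unpack
        return None
    session = DBSession()
    if User.by_credentials(session, login, password):
        return login
    if User.by_ldap_credentials(session, login, password,
                                request.registry.settings):
        return login
    return None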
def test_update_post_ok(self):
    """Editing the admin user renames it and keeps its password.

    The edit is verified by authenticating with the new login and the old
    password; the row is then put back so later tests still find ``admin``.
    """
    from pyshop.models import User
    from pyshop.views.user import Edit

    form = {
        "form.submitted": u"1",
        "user.login": u"root",
        "user.firstname": u"Admin",
        "user.lastname": u"Istrator",
    }
    response = Edit(self.create_request(form))()
    self.assertIsRedirect(response)
    self.session.flush()

    renamed = User.by_credentials(self.session, u"root", u"changeme")
    self.assertIsInstance(renamed, User)
    for attr, expected in (("login", u"root"),
                           ("firstname", u"Admin"),
                           ("lastname", u"Istrator")):
        self.assertEqual(getattr(renamed, attr), expected)

    # restore the fixture for the other tests
    renamed.login = u"admin"
    renamed.password = u"changeme"
    renamed.firstname = None
    renamed.lastname = None
    self.session.add(renamed)
def test_change_password_post_ok(self):
    """A correct current password and two matching new ones change the password."""
    from pyshop.models import User
    from pyshop.views.user import ChangePassword as ChangePwd

    request = self.create_request({
        'form.submitted': u'1',
        'current_password': u'changeme',
        'user.password': u'newpassw',
        'confirm_password': u'newpassw',
    })
    ChangePwd(request)()

    # the new password must now authenticate the admin user
    admin = User.by_credentials(self.session, u'admin', u'newpassw')
    self.assertIsInstance(admin, User)

    # put the fixture password back for the remaining tests
    admin.password = u'changeme'
    self.session.add(admin)
def test_change_password_post_ko_unchanged(self):
    """Re-submitting the current password as the new one is rejected.

    The view must report exactly the "unchanged" error (its message text
    is fixed by the view) and leave the stored password as it was.
    """
    from pyshop.models import User
    from pyshop.views.user import ChangePassword as ChangePwd

    same = u'changeme'
    request = self.create_request({
        'form.submitted': u'1',
        'current_password': same,
        'user.password': same,
        'confirm_password': same,
    })
    result = ChangePwd(request)()
    self.assertEqual(result['errors'], [u'password is inchanged'])

    # the old password still works
    self.assertIsInstance(
        User.by_credentials(self.session, u'admin', same), User)
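def validate(self, model, errors):
    """Validate a password-change form for *model* (the user being edited).

    Appends translated messages to *errors* and returns True when none
    were added. In order: the submitted ``current_password`` must
    authenticate ``model.login``; the new ``user.password`` must differ
    from it; the new password must not be empty; and it must equal
    ``confirm_password``.

    Missing form fields are treated as empty strings instead of raising
    ``KeyError`` (a 500 for any hand-crafted POST). The empty-password
    check is new: with it absent, a correct current password plus two
    blank fields passed every other check and blanked the stored password.
    """
    params = self.request.params
    current = params.get('current_password', u'')
    new_password = params.get('user.password', u'')
    confirm = params.get('confirm_password', u'')
    if not User.by_credentials(self.session, model.login, current):
        errors.append(_(u'current password is not correct'))
    elif new_password == current:
        errors.append(_(u'password is inchanged'))
    if not new_password:
        errors.append(_(u'password is empty'))
    if new_password != confirm:
        errors.append(_(u'passwords do not match'))
    return len(errors) == 0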
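def validate(self, model, errors):
    """Check a password-change submission for *model*; report into *errors*.

    Returns True when no error was appended. Rules, in order: the
    ``current_password`` field must authenticate ``model.login``; the new
    ``user.password`` must differ from it; it must not be empty; and it
    must match ``confirm_password``.

    Fields are read with a default of ``u''`` so a POST lacking one of
    them gets a validation error rather than a ``KeyError`` 500. The
    empty-password rule closes a gap where a correct current password and
    two blank fields validated and cleared the password.
    """
    params = self.request.params
    current = params.get('current_password', u'')
    new_password = params.get('user.password', u'')
    confirm = params.get('confirm_password', u'')
    if not User.by_credentials(self.session, model.login, current):
        errors.append(_(u'current password is not correct'))
    elif new_password == current:
        errors.append(_(u'password is inchanged'))
    if not new_password:
        errors.append(_(u'password is empty'))
    if new_password != confirm:
        errors.append(_(u'passwords do not match'))
    return len(errors) == 0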
def test_change_password_post_ko_unchanged(self):
    """Submitting the current password as the new password is refused."""
    from pyshop.models import User
    from pyshop.views.user import ChangePassword as ChangePwd

    unchanged = u'changeme'
    form = {
        'form.submitted': u'1',
        'current_password': unchanged,
        'user.password': unchanged,
        'confirm_password': unchanged,
    }
    result = ChangePwd(self.create_request(form))()
    # the error message text is owned by the view
    self.assertEqual(result['errors'], [u'password is inchanged'])

    admin = User.by_credentials(self.session, u'admin', unchanged)
    self.assertIsInstance(admin, User)
def test_change_password_post_ko_not_matched(self):
    """A wrong current password and a mismatched confirmation both error.

    The current password is case-sensitive (``CHANGEME`` != ``changeme``)
    and so is the confirmation; both messages are reported, in that order,
    and the stored password is untouched.
    """
    from pyshop.models import User
    from pyshop.views.user import ChangePassword as ChangePwd

    form = {
        'form.submitted': u'1',
        'current_password': u'CHANGEME',
        'user.password': u'newpassw',
        'confirm_password': u'NEWPASSW',
    }
    result = ChangePwd(self.create_request(form))()
    expected = [u'current password is not correct',
                u'passwords do not match']
    self.assertEqual(result['errors'], expected)

    self.assertIsInstance(
        User.by_credentials(self.session, u'admin', u'changeme'), User)
def test_change_password_post_ok(self):
    """Valid current password plus matching new passwords updates the password."""
    from pyshop.models import User
    from pyshop.views.user import ChangePassword as ChangePwd

    new_password = u'newpassw'
    form = {
        'form.submitted': u'1',
        'current_password': u'changeme',
        'user.password': new_password,
        'confirm_password': new_password,
    }
    ChangePwd(self.create_request(form))()

    admin = User.by_credentials(self.session, u'admin', new_password)
    self.assertIsInstance(admin, User)

    # restore the fixture password
    admin.password = u'changeme'
    self.session.add(admin)
def test_change_password_post_ko_not_matched(self):
    """Wrong current password and mismatched confirmation are both reported."""
    from pyshop.models import User
    from pyshop.views.user import ChangePassword as ChangePwd

    request = self.create_request({
        'form.submitted': u'1',
        'current_password': u'CHANGEME',   # case differs from the fixture
        'user.password': u'newpassw',
        'confirm_password': u'NEWPASSW',   # case differs from user.password
    })
    result = ChangePwd(request)()
    self.assertEqual(
        result['errors'],
        [u'current password is not correct', u'passwords do not match'])

    # nothing was changed
    admin = User.by_credentials(self.session, u'admin', u'changeme')
    self.assertIsInstance(admin, User)
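def authbasic(request):
    """HTTP Basic authentication for repository uploads.

    When the request carries a well-formed ``Basic`` header whose
    credentials match a local user, the client is redirected back to the
    URL it asked for; in every other case a 401 with a
    ``WWW-Authenticate`` challenge is returned so the client can retry
    with credentials.

    A malformed header (no payload, unknown scheme, bad base64, non-UTF-8
    bytes, no ``:``) now gets the same 401 instead of raising: the
    previous ``assert`` on the scheme is stripped under ``python -O`` and
    otherwise turned a hostile header into a 500, and the unpacking,
    ``decode('base64')`` (Python 2 only) and ``split(':')`` calls were
    unguarded.
    """
    import base64

    def challenge():
        realm = _('pyshop repository access')
        return Response(
            status=401,
            headerlist=[('WWW-Authenticate',
                         ('Basic realm="%s"' % realm).encode('utf-8'))],
        )

    auth = request.environ.get('HTTP_AUTHORIZATION', '')
    if not auth:
        return challenge()
    try:
        scheme, data = auth.split(None, 1)
    except ValueError:
        return challenge()
    if scheme.lower() != 'basic':
        return challenge()
    try:
        data = base64.b64decode(data)
    except (TypeError, ValueError):
        # py2 raises TypeError on bad padding, py3 binascii.Error/ValueError
        return challenge()
    if isinstance(data, bytes):
        try:
            data = data.decode('utf-8')
        except UnicodeDecodeError:
            return challenge()
    try:
        username, password = data.split(':', 1)
    except ValueError:
        return challenge()
    if User.by_credentials(DBSession(), username, password):
        return HTTPFound(location=request.url)
    return challenge()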
def test_change_password_post_ko_unchanged(self):
    """Using the current password as the new one yields the "unchanged" error."""
    from pyshop.models import User
    from pyshop.views.user import ChangePassword as ChangePwd

    password = u"changeme"
    request = self.create_request({
        "form.submitted": u"1",
        "current_password": password,
        "user.password": password,
        "confirm_password": password,
    })
    result = ChangePwd(request)()
    # message text is defined by the view
    self.assertEqual(result["errors"], [u"password is inchanged"])

    # the password is still the old one
    self.assertIsInstance(
        User.by_credentials(self.session, u"admin", password), User)
def test_change_password_post_ko_not_matched(self):
    """Bad current password and a non-matching confirmation both error out.

    Both comparisons are case-sensitive, both errors are returned in order,
    and the stored password stays ``changeme``.
    """
    from pyshop.models import User
    from pyshop.views.user import ChangePassword as ChangePwd

    form = {
        "form.submitted": u"1",
        "current_password": u"CHANGEME",
        "user.password": u"newpassw",
        "confirm_password": u"NEWPASSW",
    }
    result = ChangePwd(self.create_request(form))()
    expected = [u"current password is not correct",
                u"passwords do not match"]
    self.assertEqual(result["errors"], expected)

    admin = User.by_credentials(self.session, u"admin", u"changeme")
    self.assertIsInstance(admin, User)
def test_change_password_post_ok(self):
    """A well-formed change-password submission sets the new password."""
    from pyshop.models import User
    from pyshop.views.user import ChangePassword as ChangePwd

    new_password = u"newpassw"
    request = self.create_request({
        "form.submitted": u"1",
        "current_password": u"changeme",
        "user.password": new_password,
        "confirm_password": new_password,
    })
    ChangePwd(request)()

    admin = User.by_credentials(self.session, u"admin", new_password)
    self.assertIsInstance(admin, User)

    # undo for the other tests
    admin.password = u"changeme"
    self.session.add(admin)
def test_update_post_ok(self):
    """Posting the edit form renames the admin user without touching its password."""
    from pyshop.models import User
    from pyshop.views.user import Edit

    request = self.create_request({
        'form.submitted': u'1',
        'user.login': u'root',
        'user.firstname': u'Admin',
        'user.lastname': u'Istrator',
    })
    self.assertIsRedirect(Edit(request)())
    self.session.flush()

    # the old password must still log the renamed user in
    user = User.by_credentials(self.session, u'root', u'changeme')
    self.assertIsInstance(user, User)
    self.assertEqual(user.login, u'root')
    self.assertEqual(user.firstname, u'Admin')
    self.assertEqual(user.lastname, u'Istrator')

    # revert the fixture
    user.login = u'admin'
    user.password = u'changeme'
    user.firstname = None
    user.lastname = None
    self.session.add(user)
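def authbasic(request):
    """HTTP Basic authentication for repository uploads (forbidden view).

    A well-formed ``Basic`` header is checked by LDAP bind first, then
    against the local database; on success the client is redirected back
    to ``request.url``. Anything else -- no header, malformed header, bad
    credentials -- is answered with a 401 and a ``WWW-Authenticate``
    challenge so the client can retry.

    Malformed headers previously raised instead of being rejected: the
    ``assert`` on the scheme disappears under ``python -O`` and otherwise
    produced a 500, and the scheme split, ``b64decode`` (``TypeError`` on
    Python 2, ``binascii.Error`` on 3), UTF-8 decode and ``split(':')``
    were all unguarded.
    """
    def challenge():
        return Response(
            status=401,
            headerlist=[(b'WWW-Authenticate',
                         b'Basic realm="pyshop repository access"')],
        )

    auth = request.environ.get('HTTP_AUTHORIZATION', '')
    if not auth:
        return challenge()
    try:
        scheme, data = auth.split(None, 1)
    except ValueError:
        return challenge()
    if scheme.lower() != 'basic':
        return challenge()
    try:
        data = base64.b64decode(data)
    except (TypeError, ValueError):
        # binascii.Error is a ValueError subclass on Python 3
        return challenge()
    if isinstance(data, bytes):
        try:
            data = data.decode('utf-8')
        except UnicodeDecodeError:
            return challenge()
    try:
        username, password = data.split(':', 1)
    except ValueError:
        return challenge()

    session = DBSession()
    if User.by_ldap_credentials(session, username, password,
                                request.registry.settings):
        return HTTPFound(location=request.url)
    if User.by_credentials(session, username, password):
        return HTTPFound(location=request.url)
    return challenge()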
def test_update_post_ok(self):
    """An edit changing login and names redirects and persists the values.

    The password is not part of the form, so the old one must still work
    for the new login. The admin row is restored afterwards.
    """
    from pyshop.models import User
    from pyshop.views.user import Edit

    form = {
        'form.submitted': u'1',
        'user.login': u'root',
        'user.firstname': u'Admin',
        'user.lastname': u'Istrator',
    }
    response = Edit(self.create_request(form))()
    self.assertIsRedirect(response)
    self.session.flush()

    edited = User.by_credentials(self.session, u'root', u'changeme')
    self.assertIsInstance(edited, User)
    self.assertEqual(
        (edited.login, edited.firstname, edited.lastname),
        (u'root', u'Admin', u'Istrator'))

    # put the fixture back
    edited.login = u'admin'
    edited.password = u'changeme'
    edited.firstname = None
    edited.lastname = None
    self.session.add(edited)
def test_by_credentials_ok(self):
    """A valid login/password pair returns the matching User."""
    from pyshop.models import User

    found = User.by_credentials(self.session, u'local_user', 'secret')
    self.assertIsInstance(found, User)
    self.assertEqual((found.login, found.name),
                     (u'local_user', u'Local User'))
def test_by_credentials_ko_password(self):
    """Password matching is case-sensitive: the wrong case yields None."""
    from pyshop.models import User

    self.assertIsNone(
        User.by_credentials(self.session, u'admin', 'CHANGEME'))
def test_by_credentials_ko_mirrored(self):
    """The ``johndo`` fixture must not authenticate with an empty password."""
    from pyshop.models import User

    result = User.by_credentials(self.session, u'johndo', '')
    self.assertEqual(result, None)
def test_by_credentials_ko_unexists(self):
    """An unknown login returns None, even with an SQL-injection-shaped password.

    The password is a classic ``' OR 1 = 1`` payload; it must be treated
    as plain data and never widen the lookup.
    """
    from pyshop.models import User

    injection = u"' OR 1 = 1 #"
    self.assertEqual(
        User.by_credentials(self.session, u'u404', injection), None)
def test_by_credentials_ok(self):
    """Correct credentials resolve to the ``local_user`` User."""
    from pyshop.models import User

    user = User.by_credentials(self.session, u'local_user', 'secret')
    self.assertIsInstance(user, User)
    for attr, expected in (('login', u'local_user'),
                           ('name', u'Local User')):
        self.assertEqual(getattr(user, attr), expected)
def test_by_credentials_ko_password(self):
    """An upper-cased password does not match the lower-cased fixture."""
    from pyshop.models import User

    wrong_case = 'CHANGEME'
    self.assertIsNone(
        User.by_credentials(self.session, u'admin', wrong_case))
def test_by_credentials_ko_mirrored(self):
    """An empty password never authenticates the ``johndo`` fixture."""
    from pyshop.models import User

    self.assertEqual(
        User.by_credentials(self.session, u'johndo', ''), None)
def test_by_credentials_ko_unexists(self):
    """Unknown login plus an SQL-injection payload as password returns None."""
    from pyshop.models import User

    payload = u"' OR 1 = 1 #"
    result = User.by_credentials(self.session, u'u404', payload)
    self.assertEqual(result, None)
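def authbasic(request):
    """HTTP Basic authentication for repository access (forbidden view).

    For a well-formed ``Basic`` header:

    * if ``pyshop.ldap.use_for_auth`` is set the password is checked by an
      LDAP bind and the local ``User`` row of that login is loaded;
      otherwise the local password is checked;
    * an authenticated user is redirected back to ``request.url``; the
      ``upload_releasefile`` route additionally requires membership of
      the ``developer`` group. The transaction is committed before the
      redirect so whatever the credential lookup created (e.g. a mirrored
      LDAP user) is kept.

    Every other outcome -- no header, malformed header, unknown scheme,
    bad credentials, missing group -- is a 401 with a
    ``WWW-Authenticate`` challenge.

    Compared with the previous revision: the ``assert`` on the scheme and
    the unguarded decode/split calls no longer turn a hostile header into
    a 500; the 402 ("Payment Required") answered to an authenticated user
    outside a matched route is now a normal 401; the debug ``print``s and
    dead code are gone; and, most importantly, a failed LDAP bind no
    longer **deletes the local user row of that login** -- that let anyone
    who knew a login name remove the account with a wrong password.
    Cleaning up stale mirrored accounts belongs to an explicit sync job,
    not to a failed login attempt.
    """
    def challenge():
        return Response(
            status=401,
            headerlist=[(b'WWW-Authenticate',
                         b'Basic realm="pyshop repository access"')],
        )

    auth = request.environ.get('HTTP_AUTHORIZATION', '')
    if not auth:
        return challenge()
    try:
        scheme, data = auth.split(None, 1)
    except ValueError:
        return challenge()
    if scheme.lower() != 'basic':
        return challenge()
    try:
        data = base64.b64decode(data)
    except (TypeError, ValueError):
        # py2: TypeError on bad padding; py3: binascii.Error (a ValueError)
        return challenge()
    if isinstance(data, bytes):
        try:
            data = data.decode('utf-8')
        except UnicodeDecodeError:
            return challenge()
    try:
        username, password = data.split(':', 1)
    except ValueError:
        return challenge()

    settings = request.registry.settings
    session = DBSession()
    user = None
    # NOTE(review): values read from an .ini file arrive as strings, so a
    # literal "false" would still be truthy here -- confirm the setting is
    # coerced to a bool before it reaches the registry.
    if settings.get("pyshop.ldap.use_for_auth"):
        if User.by_ldap_credentials(session, username, password, settings):
            user = User.by_login(session, username)
    else:
        user = User.by_credentials(session, username, password)
    if not user:
        return challenge()

    group_names = [group.name for group in user.groups]
    transaction.commit()

    route = request.matched_route
    if (route is not None and route.name == "upload_releasefile"
            and "developer" not in group_names):
        # authenticated but not allowed to upload
        return challenge()
    return HTTPFound(location=request.url)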