Пример #1
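    def identity_from_form(self, visit_key):
        """Inspect the form to pull out identity information.

        The request must carry the user name field, the password field and
        the login submit button. The credential fields and the submit button
        (including the ``.x``/``.y`` keys derived from its name) are removed
        from ``request.params`` so they are not passed to the final
        controller.

        Returns the identity produced by the provider, or None if the
        request is not a login form, a field is missing, a credential field
        holds more than one value, or the provider rejected the credentials.

        """
        params = request.params
        # Only try to process credentials for login forms.
        if self.submit_button_name not in params:
            return None
        try:
            # Form data contains login credentials.
            user_name = params.pop(self.user_name_field)
            pw = params.pop(self.password_field)
            # Drop the submit button so it is not passed to the final
            # controller; the popped values themselves are not needed.
            params.pop(self.submit_button_name, None)
            params.pop('%s.x' % self.submit_button_name, None)
            params.pop('%s.y' % self.submit_button_name, None)
            # A credential field submitted more than once is presumably
            # delivered as a list (confirm against the framework's parameter
            # parsing). Refuse it here instead of handing a non-string to the
            # provider. The values are deliberately not logged.
            if isinstance(user_name, list) or isinstance(pw, list):
                log.error("Multiple values for a credential field in login form")
                return None
            set_login_attempted(True)
            identity = self.provider.validate_identity(user_name, pw, visit_key)
            if identity is None:
                log.warning("The credentials specified weren't valid")
                return None
            return identity
        except KeyError:
            # NOTE(review): this handler also covers validate_identity(), so
            # a KeyError raised inside the provider is reported as a missing
            # form field as well.
            log.error("Missing fields in login form")
            return None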
Пример #2
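    def identity_from_form(self, visit_key):
        """Inspect the form to pull out identity information.

        Must have fields for user name, password, and a login submit button.
        Those fields are popped from ``request.params`` while they are read.

        Returns the provider's identity object, or None if the form
        contained no identity information, a credential field carried
        several values, or the information was incorrect.

        """
        params = request.params
        # Only try to process credentials for login forms.
        if self.submit_button_name in params:
            try:
                # Form data contains login credentials.
                user_name = params.pop(self.user_name_field)
                pw = params.pop(self.password_field)
                # Just lose the submit button (and the '.x'/'.y' keys built
                # from its name) to prevent passing it to the final
                # controller.
                button = self.submit_button_name
                for key in (button, '%s.x' % button, '%s.y' % button):
                    params.pop(key, None)
                # Only single-valued credentials go to the provider. A
                # repeated form field presumably shows up as a list here
                # (verify against the request parser). The submitted values
                # are kept out of the log.
                for value in (user_name, pw):
                    if isinstance(value, list):
                        log.error(
                            "Multiple values for a credential field in login form")
                        return None
                set_login_attempted(True)
                identity = self.provider.validate_identity(
                    user_name, pw, visit_key)
                if identity is None:
                    log.warning("The credentials specified weren't valid")
                return identity
            except KeyError:
                # NOTE(review): a KeyError raised by the provider lands here
                # too and is logged as a missing form field.
                log.error("Missing fields in login form")
                return None
        return None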
Пример #3
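    def load_identity(self, visit_key):
        """Load the identity for visit_key, falling back to the request login.

        The parent provider is asked first and a non-anonymous result is
        returned unchanged. Otherwise the user name is taken from
        ``cherrypy.request.login`` (the part before ``@`` when one is
        present) and handed to ``validate_identity`` without a password.

        Returns None when the request carries no login, or when the login
        holds more than one ``@`` and so cannot be split into exactly a user
        name and a realm.
        """
        user = super(LdapSqlAlchemyIdentityProvider, self).load_identity(visit_key)
        if not user.anonymous:
            return user

        login = cherrypy.request.login
        if not login:
            return None

        parts = login.split('@')
        if len(parts) > 2:
            # An ambiguous principal used to raise ValueError from the tuple
            # unpacking; refuse it explicitly rather than guess which part
            # is the user name.
            return None
        # NOTE(review): the realm part is discarded, so "name@ANY-REALM"
        # resolves to the same local user name. Presumably the component
        # that sets cherrypy.request.login restricts the accepted realms;
        # confirm.
        user_name = parts[0]

        set_login_attempted(True)
        # NOTE(review): no password is supplied; the trailing True presumably
        # tells validate_identity the user was already authenticated upstream
        # (confirm against its signature).
        return self.validate_identity(user_name, None, visit_key, True)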
Пример #4
    def load_identity(self, visit_key):
        '''Build the identity object for a visit.

        :arg visit_key: The session key whose identity is being looked up.
        :return: a ``SaFasIdentity`` created from ``visit_key``.  Callers
            expect it to expose the following properties:
            :user_name: original user name
            :user: a provider dependent object (TG_User or similar)
            :groups: a set of group IDs
            :permissions: a set of permission IDs

        If the request carries a ``csrf_login`` parameter it is removed from
        the request parameters and the request is flagged as a login attempt.
        '''
        identity = SaFasIdentity(visit_key)
        request_params = cherrypy.request.params
        if 'csrf_login' not in request_params:
            return identity
        # The marker comes from the client: it records only that a login was
        # attempted on this request, not that it succeeded.
        request_params.pop('csrf_login')
        set_login_attempted(True)
        return identity
Пример #5
    def load_identity(self, visit_key):
        '''Return the identity associated with visit_key.

        :arg visit_key: The session key to look up an identity for.
        :return: the ``SaFasIdentity`` for ``visit_key``; it is expected to
            provide:
            :user_name: original user name
            :user: a provider dependent object (TG_User or similar)
            :groups: a set of group IDs
            :permissions: a set of permission IDs

        Side effect: a ``csrf_login`` request parameter is consumed here and
        causes ``set_login_attempted(True)`` to be called.
        '''
        result = SaFasIdentity(visit_key)
        login_marker_present = 'csrf_login' in cherrypy.request.params
        if login_marker_present:
            # Strip the marker so it does not travel on with the other
            # request parameters, then note the attempt.
            cherrypy.request.params.pop('csrf_login')
            set_login_attempted(True)
        return result
Пример #6
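    def identity_from_http_auth(self, visit_key):
        """Build an identity from the HTTP ``Authorization`` header.

        Only basic auth is handled at the moment.

        Returns None when the header is absent, is not of the form
        ``<scheme> <data>``, or names a scheme other than basic. Otherwise
        returns whatever the provider's ``validate_identity`` returns for
        the decoded user name and password.
        """
        try:
            authorisation = request.headers['Authorization']
        except KeyError:
            return None

        # The header is client-controlled. A value without a space used to
        # raise ValueError from the tuple unpacking; treat it as "no usable
        # credentials". The header value is not logged because it carries
        # the credentials.
        parts = authorisation.split(' ', 1)
        if len(parts) != 2:
            log.error("Malformed Authorization header")
            return None
        authScheme, schemeData = parts

        # Only basic is handled at the moment.
        if authScheme.lower() != 'basic':
            log.error("HTTP Auth is not basic")
            return None

        # Decode credentials.
        # NOTE(review): decode_basic_credentials is not visible here; confirm
        # that it fails closed on data that is not valid basic credentials.
        user_name, password = self.decode_basic_credentials(schemeData)
        set_login_attempted(True)
        return self.provider.validate_identity(user_name, password, visit_key)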
Пример #7
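    def identity_from_http_auth(self, visit_key):
        """Validate credentials sent in the ``Authorization`` request header.

        Only basic auth is handled at the moment. A missing header, a header
        that does not split into a scheme and its data, or a non-basic
        scheme all yield None; otherwise the result of the provider's
        ``validate_identity`` is returned.
        """
        try:
            authorisation = request.headers['Authorization']
        except KeyError:
            return None

        pieces = authorisation.split(' ', 1)
        if len(pieces) < 2:
            # A scheme without data (no space in the value) previously
            # escaped as ValueError. Reject it without echoing the header,
            # which is where the credentials travel.
            log.error("Malformed Authorization header")
            return None
        authScheme, schemeData = pieces

        if authScheme.lower() != 'basic':
            # Only basic is handled at the moment.
            log.error("HTTP Auth is not basic")
            return None

        # NOTE(review): behaviour of decode_basic_credentials on malformed
        # data cannot be seen from here; verify it does not raise past this
        # method.
        user_name, password = self.decode_basic_credentials(schemeData)
        set_login_attempted(True)
        return self.provider.validate_identity(user_name, password, visit_key)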
Пример #8
    def load_identity(self, visit_key):
        """Return the identity object for the visit identified by visit_key.

        A ``SqlObjectCsrfIdentity`` is always returned; this method has no
        path that returns None.

        The returned object is expected to have the following properties:
            user_name: original user name
            user: a provider dependent object (TG_User or similar)
            groups: a set of group names
            permissions: a set of permission names

        When the request contains a ``csrf_login`` parameter, it is removed
        and the request is flagged as a login attempt.

        """
        identity = SqlObjectCsrfIdentity(visit_key)
        request_params = cherrypy.request.params
        if 'csrf_login' not in request_params:
            return identity
        # Presence of the client-sent marker is all that is checked here;
        # it says a login was attempted, nothing about its outcome.
        request_params.pop('csrf_login')
        set_login_attempted(True)
        return identity
Пример #9
    def load_identity(self, visit_key):
        """Create the ``SqlObjectCsrfIdentity`` for visit_key.

        The identity object is returned unconditionally, so None is never
        returned from here.

        Properties the returned object is expected to offer:
            user_name: original user name
            user: a provider dependent object (TG_User or similar)
            groups: a set of group names
            permissions: a set of permission names

        Side effect: a ``csrf_login`` request parameter is consumed and
        triggers ``set_login_attempted(True)``.

        """
        result = SqlObjectCsrfIdentity(visit_key)
        has_login_marker = 'csrf_login' in cherrypy.request.params
        if has_login_marker:
            # Remove the marker from the request parameters before noting
            # the attempt.
            cherrypy.request.params.pop('csrf_login')
            set_login_attempted(True)
        return result
Пример #10
    def identity_from_form(self, visit_key):
        """Pull login credentials out of the request params and validate them.

        The request must contain the login submit button, a user name and a
        password. All of these are popped from the request params as they
        are read.

        Returns the identity object produced by the current identity
        provider, or None if this is not a login form, a credential is
        missing or was given more than once, or the provider rejected the
        credentials.

        """
        # Without the submit button this is not a login form.
        if pop_request_params(self.submit_button_name) is None:
            return None

        # Discard the 'x'/'y' entries kept under the submit button name,
        # then read the credentials.
        for suffix in ('x', 'y'):
            pop_request_params(self.submit_button_name + [suffix])
        user_name = pop_request_params(self.user_name_field)
        password = pop_request_params(self.password_field)

        # Each credential must be present exactly once. Only the kind of
        # problem is logged, never the submitted value.
        checks = (
            (user_name,
             "Missing user name in login form",
             "Multiple user names in login form"),
            (password,
             "Missing password in login form",
             "Multiple passwords in login form"),
        )
        for value, missing_message, multiple_message in checks:
            if value is None:
                log.error(missing_message)
                return None
            if isinstance(value, list):
                log.error(multiple_message)
                return None

        set_login_attempted(True)
        identity = self.provider.validate_identity(
            user_name, password, visit_key)
        if identity is None:
            log.warning("The credentials specified weren't valid")
        return identity