def identity_from_form(self, visit_key): """Inspect the form to pull out identity information. Must have fields for user name, password, and a login submit button. Returns an identity dictionary or none if the form contained no identity information or the information was incorrect. """ params = request.params # only try to process credentials for login forms if params.has_key(self.submit_button_name): try: # form data contains login credentials user_name = params.pop(self.user_name_field) pw = params.pop(self.password_field) # just lose the submit button to prevent passing to final controller submit = params.pop(self.submit_button_name, None) submit_x = params.pop('%s.x' % self.submit_button_name, None) submit_y = params.pop('%s.y' % self.submit_button_name, None) set_login_attempted(True) identity = self.provider.validate_identity(user_name, pw, visit_key) if identity is None: log.warning("The credentials specified weren't valid") return None return identity except KeyError: log.error("Missing fields in login form") return None else: return None
def identity_from_form(self, visit_key): """Inspect the form to pull out identity information. Must have fields for user name, password, and a login submit button. Returns an identity dictionary or none if the form contained no identity information or the information was incorrect. """ params = request.params # only try to process credentials for login forms if params.has_key(self.submit_button_name): try: # form data contains login credentials user_name = params.pop(self.user_name_field) pw = params.pop(self.password_field) # just lose the submit button to prevent passing to final controller submit = params.pop(self.submit_button_name, None) submit_x = params.pop('%s.x' % self.submit_button_name, None) submit_y = params.pop('%s.y' % self.submit_button_name, None) set_login_attempted(True) identity = self.provider.validate_identity( user_name, pw, visit_key) if identity is None: log.warning("The credentials specified weren't valid") return None return identity except KeyError: log.error("Missing fields in login form") return None else: return None
def load_identity(self, visit_key): user = super(LdapSqlAlchemyIdentityProvider, self).load_identity(visit_key) if not user.anonymous: return user if cherrypy.request.login: if cherrypy.request.login.find("@") != -1: (user_name, realm) = cherrypy.request.login.split('@') else: user_name = cherrypy.request.login else: return None set_login_attempted( True ) return self.validate_identity( user_name, None, visit_key, True )
def load_identity(self, visit_key): '''Lookup the principal represented by visit_key. :arg visit_key: The session key for whom we're looking up an identity. :return: an object with the following properties: :user_name: original user name :user: a provider dependant object (TG_User or similar) :groups: a set of group IDs :permissions: a set of permission IDs ''' ident = SaFasIdentity(visit_key) if 'csrf_login' in cherrypy.request.params: cherrypy.request.params.pop('csrf_login') set_login_attempted(True) return ident
def identity_from_http_auth(self, visit_key): """Only basic auth is handled at the moment.""" try: authorisation = request.headers['Authorization'] except KeyError: return None authScheme, schemeData = authorisation.split(' ', 1) # Only basic is handled at the moment if authScheme.lower() != 'basic': log.error("HTTP Auth is not basic") return None # decode credentials user_name, password = self.decode_basic_credentials(schemeData) set_login_attempted(True) return self.provider.validate_identity(user_name, password, visit_key)
def load_identity(self, visit_key): """Lookup the principal represented by user_name. Return None if there is no principal for the given user ID. Must return an object with the following properties: user_name: original user name user: a provider dependant object (TG_User or similar) groups: a set of group names permissions: a set of permission names """ ident = SqlObjectCsrfIdentity(visit_key) if 'csrf_login' in cherrypy.request.params: cherrypy.request.params.pop('csrf_login') set_login_attempted(True) return ident
def identity_from_form(self, visit_key): """Inspect the request params to pull out identity information. Must have fields for user name, password, and a login submit button. Returns an identity object whose class depends on the current identity provider or None if the form contained no identity information or the information was incorrect. """ # only try to process credentials for login forms if pop_request_params(self.submit_button_name) is None: return None # form data contains login credentials pop_request_params(self.submit_button_name + ['x']) pop_request_params(self.submit_button_name + ['y']) user_name = pop_request_params(self.user_name_field) password = pop_request_params(self.password_field) if user_name is None: log.error("Missing user name in login form") return None elif isinstance(user_name, list): log.error("Multiple user names in login form") return None if password is None: log.error("Missing password in login form") return None elif isinstance(password, list): log.error("Multiple passwords in login form") return None set_login_attempted(True) identity = self.provider.validate_identity( user_name, password, visit_key) if identity is None: log.warning("The credentials specified weren't valid") return None return identity