Пример #1
Файл: auth.py Проект: toopy/west
class AuthFilter(BaseFilter):

    def __init__(self, prev, environ, **config):
        """Initialise the filter, its auth backend and the ``/auth`` routes.

        ``prev``, ``environ`` and ``config`` are handed unchanged to
        ``BaseFilter.__init__``.
        """
        BaseFilter.__init__(self, prev, environ, **config)
        # NOTE(review): ".auth" is a relative name. If Cork treats it as a
        # filesystem location it depends on the process working directory;
        # confirm the store is neither web-served nor readable by other users.
        self._auth = Cork(".auth")
        # Two route shapes: an action alone, or an action plus a username.
        for route in ("/auth/{action}", "/auth/{action}/{username}"):
            self.connect(route)

    def login(self, environ, req, username=None, password=None, **kw):
        """Check ``username``/``password`` with the auth backend.

        On success the username is registered under ``REG_KEY + ":login"``
        and the result of that ``self.register`` call is returned.

        Raises:
            HTTPUnauthorized: the backend did not accept the credentials.
                The message does not distinguish an unknown user from a
                wrong password.

        NOTE(review): how ``password`` reaches this method is not visible
        here; confirm it is never taken from the URL path or query string,
        which tend to end up in access logs.
        """
        accepted = self._auth.login(environ, username, password)
        if not accepted:
            raise HTTPUnauthorized("Unauthorized user!")
        return self.register(environ, REG_KEY + ":" + "login", username)

    def logout(self, environ, req, **kw):
        """Ask the auth backend to log out and register the logout.

        ``True`` is registered under ``REG_KEY + ":logout"``. Unlike
        ``login``, nothing is returned. ``req`` and ``kw`` are not used.
        """
        backend = self._auth
        backend.logout(environ)
        logout_key = REG_KEY + ":" + "logout"
        self.register(environ, logout_key, True)

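    def __is_authenticated(self, environ, roles=None):
        """Return the current user if their role is one of ``roles``.

        The check fails closed: with ``roles`` left as ``None`` (or empty)
        no user passes, even one the backend recognises, so callers must
        always name the roles they accept.

        The double leading underscore mangles the name to
        ``_AuthFilter__is_authenticated`` outside this class.

        Raises:
            HTTPUnauthorized: the backend raised ``AuthException`` while
                looking up the current user.
            BreakException: the lookup returned no user, or a user whose
                role is not in ``roles``. "Untrusted user" is registered
                under ``REG_KEY + ":*"`` before raising.
        """
        try:
            cur = self._auth.current_user(environ)
        except AuthException:
            # The exception was never used, so it is no longer bound; this
            # form is valid on Python 2.6+ and Python 3. The backend's
            # detail is not forwarded, only the generic message.
            raise HTTPUnauthorized("Unauthorized user!")
        # Authorised only when a user exists AND a non-empty role list was
        # given AND the user's role is in it.
        if cur and roles and cur.role in roles:
            return cur
        # NOTE(review): a role mismatch is signalled differently
        # (BreakException) from a failed lookup (HTTPUnauthorized); confirm
        # every caller treats both as access denied.
        self.register(environ, REG_KEY + ":*", "Untrusted user")
        raise BreakException(None)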