示例#1
0
文件: auth.py 项目: jsgf/imagestore2
def _do_authenticate(auth_hdr, method):
    user = None

    response = quixote.get_response()
    session = quixote.get_session()

    try:
        if auth_hdr is None:
            return None

        scheme,dict = parse_auth_header(auth_hdr)

        if scheme not in _schemes_allowed:
            return None

        method = dict.get('method', method)
        dict['method'] = method

        try:
            if _schemes[scheme](dict, method):
                username = dict.get('username')
                user = db.User.byUsername(username)
        except (KeyError, SQLObjectNotFound):
            pass

        # If we got an auth string but login failed, then delay a bit
        # to prevent being pounded with bad requests.
        if user is None:
            time.sleep(2)
    finally:
        if user is None:
            response.expire_cookie(_auth_cookie, path=imagestore.path())
        else:
            response.set_cookie(_auth_cookie, _format_auth('digest', dict), path=imagestore.path())

    return user
示例#2
0
文件: auth.py 项目: jsgf/imagestore2
def _auth_challenge(scheme, realm, stale=False):
    if scheme == 'basic':
        ret =(0, { 'realm': realm })
    if scheme == 'digest':
        expire = 0
        life=config.get('auth', 'nonce_life')
        if life != 'unlimited' and int(life) != 0:
            expire = int(time.time()) + int(life)
            
        ret = (expire, {
            'realm': realm,
            'nonce': makenonce(expire),
            'uri': imagestore.path(),
            'algorithm': 'MD5',
            'qop': 'auth',
            'stale': stale and 'true' or 'false'
            })

    return ret
示例#3
0
文件: user.py 项目: jsgf/imagestore2
def path():
    return imagestore.path() + 'user/'
示例#4
0
文件: user.py 项目: jsgf/imagestore2
def editmode_url(onoff):
    return '%suser/editmode?wantedit=%d' % (imagestore.path(), onoff)
示例#5
0
文件: user.py 项目: jsgf/imagestore2
def _q_access(request):
    sess_user = auth.login_user(quiet=True)
    
    if sess_user and sess_user.mayAdmin:
        request.context_menu += [ menu.Separator(),
                                  menu.Link('User admin', '%suser/editusers' % imagestore.path()) ]