def _store_user_in_session(session, username, remember=False): user = User.get_by_username(username, case_insensitive=True) auth_user = AuthUser(user.user_id) auth_user.set_authenticated() cs = auth_user.get_cookie_store() session['rhodecode_user'] = cs user.update_lastlogin() Session().commit() # If they want to be remembered, update the cookie if remember: _year = (datetime.datetime.now() + datetime.timedelta(seconds=60 * 60 * 24 * 365)) session._set_cookie_expires(_year) session.save() log.info('user %s is now authenticated and stored in ' 'session, session attrs %s', username, cs) # dumps session attrs back to cookie session._update_cookie_out() # we set new cookie headers = None if session.request['set_cookie']: # send set-cookie headers back to response to update cookie headers = [('Set-Cookie', session.request['cookie_out'])] return headers
def index(self): # redirect if already logged in c.came_from = request.GET.get('came_from', None) if self.rhodecode_user.is_authenticated \ and self.rhodecode_user.username != 'default': return redirect(url('home')) if request.POST: # import Login Form validator class login_form = LoginForm() try: c.form_result = login_form.to_python(dict(request.POST)) # form checks for username/password, now we're authenticated username = c.form_result['username'] user = User.get_by_username(username, case_insensitive=True) auth_user = AuthUser(user.user_id) auth_user.set_authenticated() cs = auth_user.get_cookie_store() session['rhodecode_user'] = cs # If they want to be remembered, update the cookie if c.form_result['remember'] is not False: session.cookie_expires = False session._set_cookie_values() session._update_cookie_out() session.save() log.info('user %s is now authenticated and stored in ' 'session, session attrs %s' % (username, cs)) user.update_lastlogin() Session.commit() if c.came_from: return redirect(c.came_from) else: return redirect(url('home')) except formencode.Invalid, errors: return htmlfill.render( render('/login.html'), defaults=errors.value, errors=errors.error_dict or {}, prefix_error=False, encoding="UTF-8")
def index(self): # redirect if already logged in c.came_from = request.GET.get('came_from', None) if self.rhodecode_user.is_authenticated \ and self.rhodecode_user.username != 'default': return redirect(url('home')) if request.POST: # import Login Form validator class login_form = LoginForm() try: c.form_result = login_form.to_python(dict(request.POST)) # form checks for username/password, now we're authenticated username = c.form_result['username'] user = User.get_by_username(username, case_insensitive=True) auth_user = AuthUser(user.user_id) auth_user.set_authenticated() cs = auth_user.get_cookie_store() session['rhodecode_user'] = cs # If they want to be remembered, update the cookie if c.form_result['remember'] is not False: session.cookie_expires = False session._set_cookie_values() session._update_cookie_out() session.save() log.info('user %s is now authenticated and stored in ' 'session, session attrs %s' % (username, cs)) user.update_lastlogin() Session.commit() if c.came_from: return redirect(c.came_from) else: return redirect(url('home')) except formencode.Invalid, errors: return htmlfill.render(render('/login.html'), defaults=errors.value, errors=errors.error_dict or {}, prefix_error=False, encoding="UTF-8")
def get_auth_user(environ): ip_addr = get_ip_addr(environ) # make sure that we update permissions each time we call controller _auth_token = (request.GET.get('auth_token', '') or request.GET.get('api_key', '')) if _auth_token: # when using API_KEY we are sure user exists. auth_user = AuthUser(api_key=_auth_token, ip_addr=ip_addr) authenticated = False else: cookie_store = CookieStoreWrapper(session.get('rhodecode_user')) try: auth_user = AuthUser(user_id=cookie_store.get('user_id', None), ip_addr=ip_addr) except UserCreationError as e: h.flash(e, 'error') # container auth or other auth functions that create users # on the fly can throw this exception signaling that there's # issue with user creation, explanation should be provided # in Exception itself. We then create a simple blank # AuthUser auth_user = AuthUser(ip_addr=ip_addr) if password_changed(auth_user, session): session.invalidate() cookie_store = CookieStoreWrapper( session.get('rhodecode_user')) auth_user = AuthUser(ip_addr=ip_addr) authenticated = cookie_store.get('is_authenticated') if not auth_user.is_authenticated and auth_user.is_user_object: # user is not authenticated and not empty auth_user.set_authenticated(authenticated) return auth_user
def index(self): # redirect if already logged in c.came_from = request.GET.get("came_from", None) if self.rhodecode_user.is_authenticated and self.rhodecode_user.username != "default": return redirect(url("home")) if request.POST: # import Login Form validator class login_form = LoginForm() try: c.form_result = login_form.to_python(dict(request.POST)) # form checks for username/password, now we're authenticated username = c.form_result["username"] user = User.get_by_username(username, case_insensitive=True) auth_user = AuthUser(user.user_id) auth_user.set_authenticated() session["rhodecode_user"] = auth_user session.save() log.info("user %s is now authenticated and stored in session", username) user.update_lastlogin() if c.came_from: return redirect(c.came_from) else: return redirect(url("home")) except formencode.Invalid, errors: return htmlfill.render( render("/login.html"), defaults=errors.value, errors=errors.error_dict or {}, prefix_error=False, encoding="UTF-8", )
def index(self): # redirect if already logged in c.came_from = request.GET.get('came_from') not_default = self.rhodecode_user.username != 'default' ip_allowed = self.rhodecode_user.ip_allowed if self.rhodecode_user.is_authenticated and not_default and ip_allowed: return redirect(url('home')) if request.POST: # import Login Form validator class login_form = LoginForm() try: session.invalidate() c.form_result = login_form.to_python(dict(request.POST)) # form checks for username/password, now we're authenticated username = c.form_result['username'] user = User.get_by_username(username, case_insensitive=True) auth_user = AuthUser(user.user_id) auth_user.set_authenticated() cs = auth_user.get_cookie_store() session['rhodecode_user'] = cs user.update_lastlogin() Session().commit() # If they want to be remembered, update the cookie if c.form_result['remember']: _year = (datetime.datetime.now() + datetime.timedelta(seconds=60 * 60 * 24 * 365)) session._set_cookie_expires(_year) session.save() log.info('user %s is now authenticated and stored in ' 'session, session attrs %s' % (username, cs)) # dumps session attrs back to cookie session._update_cookie_out() # we set new cookie headers = None if session.request['set_cookie']: # send set-cookie headers back to response to update cookie headers = [('Set-Cookie', session.request['cookie_out'])] allowed_schemes = ['http', 'https'] if c.came_from: parsed = urlparse.urlparse(c.came_from) server_parsed = urlparse.urlparse(url.current()) if parsed.scheme and parsed.scheme not in allowed_schemes: log.error( 'Suspicious URL scheme detected %s for url %s' % (parsed.scheme, parsed)) c.came_from = url('home') elif server_parsed.netloc != parsed.netloc: log.error('Suspicious NETLOC detected %s for url %s' 'server url is: %s' % (parsed.netloc, parsed, server_parsed)) c.came_from = url('home') raise HTTPFound(location=c.came_from, headers=headers) else: raise HTTPFound(location=url('home'), headers=headers) except formencode.Invalid, errors: return htmlfill.render( render('/login.html'), defaults=errors.value, errors=errors.error_dict or {}, prefix_error=False, encoding="UTF-8")
def index(self): # redirect if already logged in c.came_from = request.GET.get('came_from') not_default = self.rhodecode_user.username != 'default' ip_allowed = self.rhodecode_user.ip_allowed if self.rhodecode_user.is_authenticated and not_default and ip_allowed: return redirect(url('home')) if request.POST: # import Login Form validator class login_form = LoginForm() try: session.invalidate() c.form_result = login_form.to_python(dict(request.POST)) # form checks for username/password, now we're authenticated username = c.form_result['username'] user = User.get_by_username(username, case_insensitive=True) auth_user = AuthUser(user.user_id) auth_user.set_authenticated() cs = auth_user.get_cookie_store() session['rhodecode_user'] = cs user.update_lastlogin() Session().commit() # If they want to be remembered, update the cookie if c.form_result['remember']: _year = (datetime.datetime.now() + datetime.timedelta(seconds=60 * 60 * 24 * 365)) session._set_cookie_expires(_year) session.save() log.info('user %s is now authenticated and stored in ' 'session, session attrs %s' % (username, cs)) # dumps session attrs back to cookie session._update_cookie_out() # we set new cookie headers = None if session.request['set_cookie']: # send set-cookie headers back to response to update cookie headers = [('Set-Cookie', session.request['cookie_out'])] allowed_schemes = ['http', 'https'] if c.came_from: parsed = urlparse.urlparse(c.came_from) server_parsed = urlparse.urlparse(url.current()) if parsed.scheme and parsed.scheme not in allowed_schemes: log.error( 'Suspicious URL scheme detected %s for url %s' % (parsed.scheme, parsed)) c.came_from = url('home') elif server_parsed.netloc != parsed.netloc: log.error('Suspicious NETLOC detected %s for url %s' 'server url is: %s' % (parsed.netloc, parsed, server_parsed)) c.came_from = url('home') raise HTTPFound(location=c.came_from, headers=headers) else: raise HTTPFound(location=url('home'), headers=headers) except formencode.Invalid, errors: return htmlfill.render( render('/login.html'), defaults=errors.value, errors=errors.error_dict or {}, prefix_error=False, encoding="UTF-8") except UserCreationError, e: # container auth or other auth functions that create users on # the fly can throw this exception signaling that there's issue # with user creation, explanation should be provided in # Exception itself h.flash(e, 'error')