Navigation

← Previous Changeset
Next Changeset →

Changeset 132

Timestamp:

11/02/05 22:48:48 (3 years ago)

Author:

mgood

Message:

re #70: add a form-based authentication handler (requires disabling the component trac.web.auth.LoginModule in trac.ini)

Files:

accountmanagerplugin/0.9/acct_mgr/api.py (modified) (2 diffs)
accountmanagerplugin/0.9/acct_mgr/htfile.py (modified) (3 diffs)
accountmanagerplugin/0.9/acct_mgr/web_ui.py (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

accountmanagerplugin/0.9/acct_mgr/api.py

r131	r132
36	36	Returns True if a new account was created, False if an existing account
37	37	was updated.
	38	"""
	39
	40	def check_password(self, user, password):
	41	"""Checks if the password is valid for the user.
38	42	"""
39	43
…	…
87	91	self._notify('password_changed', user, password)
88	92
	93	def check_password(self, user, password):
	94	return self.password_store.check_password(user, password)
	95
89	96	def delete_user(self, user):
90	97	if self.password_store.delete_user(user):

accountmanagerplugin/0.9/acct_mgr/htfile.py

r131	r132
53	53	return self._update_file(self.prefix(user), None)
54	54
	55	def check_password(self, user, password):
	56	filename = self._get_filename()
	57	if not os.path.exists(filename):
	58	return False
	59	prefix = self.prefix(user)
	60	fd = file(filename)
	61	try:
	62	for line in fd:
	63	if line.startswith(prefix):
	64	return self._check_userline(password, prefix,
	65	line[len(prefix):-1])
	66	finally:
	67	fd.close()
	68	return False
	69
55	70	def _get_filename(self):
56	71	return self.config.get('account-manager', 'password_file')
…	…
105	120
106	121	def userline(self, user, password):
107		return self.prefix(user) + md5crypt(password, salt(),
108		'$apr1$')
	122	return self.prefix(user) + md5crypt(password, salt(), '$apr1$')
	123
	124	def _check_userline(self, password, prefix, suffix):
	125	if not suffix.startswith('$apr1$'):
	126	return False
	127	return suffix == md5crypt(password, suffix[6:].split('$')[0], '$apr1$')
109	128
110	129	def _get_users(self, filename):
…	…
144	163	return p + md5.new(p + password).hexdigest()
145	164
	165	def _check_userline(self, password, prefix, suffix):
	166	return suffix == md5.new(prefix + password).hexdigest()
	167
146	168	def _get_users(self, filename):
147	169	f = open(filename)

accountmanagerplugin/0.9/acct_mgr/web_ui.py

r109	r132
14	14	from trac import perm, util
15	15	from trac.core import *
	16	from trac.web import auth
	17	from trac.web.api import IAuthenticator
16	18	from trac.web.main import IRequestHandler
17	19	from trac.web.chrome import INavigationContributor, ITemplateProvider
…	…
151	153	return [resource_filename(__name__, 'templates')]
152	154
	155	def if_enabled(func):
	156	def wrap(self, args, *kwds):
	157	if not self.enabled:
	158	return None
	159	return func(self, args, *kwds)
	160	return wrap
	161
	162	class LoginModule(auth.LoginModule):
	163
	164	def authenticate(self, req):
	165	if req.method == 'POST' and req.path_info.startswith('/login'):
	166	req.remote_user = self._remote_user(req)
	167	return auth.LoginModule.authenticate(self, req)
	168	authenticate = if_enabled(authenticate)
	169
	170	match_request = if_enabled(auth.LoginModule.match_request)
	171
	172	def process_request(self, req):
	173	if req.path_info.startswith('/login') and req.authname == 'anonymous':
	174	req.hdf['referer'] = self._referer(req)
	175	if req.method == 'POST':
	176	req.hdf['login.error'] = 'Invalid username or password'
	177	return 'login.cs', None
	178	return auth.LoginModule.process_request(self, req)
	179
	180	def _do_login(self, req):
	181	if not req.remote_user:
	182	req.redirect(self.env.abs_href())
	183	return auth.LoginModule._do_login(self, req)
	184
	185	def _remote_user(self, req):
	186	user = req.args.get('user')
	187	if AccountManager(self.env).check_password(user,
	188	req.args.get('password')):
	189	return user
	190	return None
	191
	192	def _redirect_back(self, req):
	193	"""Redirect the user back to the URL she came from."""
	194	referer = self._referer(req)
	195	if referer and not referer.startswith(req.base_url):
	196	# don't redirect to external sites
	197	referer = None
	198	req.redirect(referer or self.env.abs_href())
	199
	200	def _referer(self, req):
	201	return req.args.get('referer') or req.get_header('Referer')
	202
	203	def enabled(self):
	204	# Users should disable the built-in authentication to use this one
	205	return not self.env.is_component_enabled(auth.LoginModule)
	206	enabled = property(enabled)
	207