Changeset 1729
- Timestamp:
- 12/22/06 05:55:49 (2 years ago)
- Files:
-
- dbauthplugin/simple/dbauth/auth.py (modified) (14 diffs)
- dbauthplugin/simple/dbauth/templates/login.cs (modified) (1 diff)
- dbauthplugin/simple/dbauth/templates/password.cs (modified) (1 diff)
dbauthplugin/simple/dbauth/auth.py
r1491 r1729 52 52 password_changeable = BoolOption('dbauth', 'password_changeable', 'false', 53 53 """Allow user to change his password.""") 54 algorithm = Option('dbauth', 'algorithm', ' md5',54 algorithm = Option('dbauth', 'algorithm', 'sha', 55 55 """Choose which hash algorithm to use. Possible options: 56 56 md5, sha""") … … 98 98 yield 'metanav', 'password', \ 99 99 Markup('<a href="%s">Password</a>' \ 100 % escape( self.env.href.password()))100 % escape(req.href.password())) 101 101 yield 'metanav', 'logout', Markup('<b><a href="%s">Logout</a></b>' \ 102 % escape( self.env.href.logout()))102 % escape(req.href.logout())) 103 103 else: 104 104 yield 'metanav', 'login', Markup('<b><a href="%s">Login</a></b>' \ 105 % escape( self.env.href.login()))105 % escape(req.href.login())) 106 106 107 107 # IRequestHandler methods … … 119 119 referer = req.args.get('referer') 120 120 if not referer or len(referer) == 0: 121 referer = selv.env.href()121 referer = req.href() 122 122 if self._check_login(uid, pwd): 123 123 self._do_login(req, uid) … … 141 141 if not referer or referer.endswith('/login') or \ 142 142 referer.endswith('/settings') or len(referer) == 0: 143 referer = self.env.href()143 referer = req.href() 144 144 145 145 if req.path_info.startswith('/login'): … … 174 174 db = get_db(self.env) 175 175 cursor = db.cursor() 176 sql = 'SELECT %s FROM %s WHERE %s = %%s'% \176 sql = "SELECT %s FROM %s WHERE LOWER(%s) = LOWER(%%s)" % \ 177 177 (self.users['password'], self.users['table'], 178 178 self.users['username']) … … 191 191 db = self.env.get_db_cnx() 192 192 cursor = db.cursor() 193 cursor.execute( 'INSERT INTO auth_cookie ' \194 '(cookie ,name ,ipnr ,time) ' \195 'VALUES (%s, %s, %s, %s)',193 cursor.execute("INSERT INTO auth_cookie " 194 "(cookie ,name ,ipnr ,time) " 195 "VALUES (%s, %s, %s, %s)", 196 196 (cookie, remote_user, req.remote_addr, 197 197 int(time.time()))) … … 199 199 200 200 req.outcookie['db_auth'] = cookie 201 req.outcookie['db_auth']['path'] 
= self.env.href()201 req.outcookie['db_auth']['path'] = req.href() 202 202 req.outcookie['db_auth']['expires'] = 100000000 203 203 … … 215 215 db = self.env.get_db_cnx() 216 216 cursor = db.cursor() 217 cursor.execute( 'DELETE FROM auth_cookie ' \218 'WHERE name = %s OR time < %s',217 cursor.execute("DELETE FROM auth_cookie " 218 "WHERE LOWER(name) = LOWER(%s) OR time < %s", 219 219 (req.authname, int(time.time()) - self.session_lifetime)) 220 220 db.commit() … … 225 225 "expires" property to a date in the past.""" 226 226 req.outcookie['db_auth'] = '' 227 req.outcookie['db_auth']['path'] = self.env.href()227 req.outcookie['db_auth']['path'] = req.href() 228 228 req.outcookie['db_auth']['expires'] = -10000 229 229 … … 234 234 db = self.env.get_db_cnx() 235 235 cursor = db.cursor() 236 cursor.execute( 'SELECT name, time FROM auth_cookie ' \237 'WHERE cookie = %s',236 cursor.execute("SELECT name, time FROM auth_cookie " 237 "WHERE cookie = %s", 238 238 (cookie,)) 239 239 row = cursor.fetchone() 240 240 if not row or row[1] < int(time.time()) - self.session_lifetime: 241 241 # the cookie has become invalid 242 cursor.execute( 'DELETE FROM auth_cookie ' \243 'WHERE time < %s',242 cursor.execute("DELETE FROM auth_cookie " 243 "WHERE time < %s", 244 244 (int(time.time()) - self.session_lifetime,)) 245 245 db.commit() … … 248 248 elif row[1] < int(time.time()) - 60 * 60: 249 249 # refresh session 250 cursor.execute( 'UPDATE auth_cookie ' \251 'SET time = %s, ipnr = %s ' \252 'WHERE cookie = %s',250 cursor.execute("UPDATE auth_cookie " 251 "SET time = %s, ipnr = %s " 252 "WHERE cookie = %s", 253 253 (int(time.time()), req.remote_addr, cookie)) 254 254 db.commit() 255 255 req.outcookie['db_auth'] = cookie 256 req.outcookie['db_auth']['path'] = self.env.href()256 req.outcookie['db_auth']['path'] = req.href() 257 257 req.outcookie['db_auth']['expires'] = 100000000 258 258 # Don't forget to check whether we have a new email address. 
… … 267 267 db = get_db(self.env) 268 268 cursor = db.cursor() 269 sql = 'SELECT %s FROM %s WHERE %s = %%s'% \269 sql = "SELECT %s FROM %s WHERE %s = %%s" % \ 270 270 (email_field, self.users['table'], 271 271 self.users['username']) … … 277 277 db = self.env.get_db_cnx() 278 278 cursor = db.cursor() 279 cursor.execute( 'DELETE FROM session_attribute ' \280 'WHERE name="email" AND sid=%s AND authenticated=1',279 cursor.execute("DELETE FROM session_attribute " 280 "WHERE name='email' AND sid=%s AND authenticated=1", 281 281 (user,)) 282 cursor.execute( 'INSERT INTO session_attribute ' \283 '(sid, authenticated, name, value) ' \284 'VALUES (%s, 1, "email", %s)',282 cursor.execute("INSERT INTO session_attribute " 283 "(sid, authenticated, name, value) " 284 "VALUES (%s, 1, 'email', %s)", 285 285 (user, email)) 286 286 db.commit() … … 295 295 db = get_db(self.env) 296 296 cursor = db.cursor() 297 sql = 'UPDATE %s SET %s = %%s WHERE %s = %%s'% \297 sql = "UPDATE %s SET %s = %%s WHERE LOWER(%s) = LOWER(%%s)" % \ 298 298 (self.users['table'], self.users['password'], 299 299 self.users['username']) dbauthplugin/simple/dbauth/templates/login.cs
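Review bot: The e-mail lookup at line 269 still matches the username with an exact `WHERE %s = %%s`, while the password SELECT (line 176), the password UPDATE (line 297) and the auth_cookie DELETE (line 218) now compare through LOWER(), so a user who logs in with a different letter case than the stored name would presumably get no e-mail row; for consistency it should read `sql = "SELECT %s FROM %s WHERE LOWER(%s) = LOWER(%%s)" % \`. The larger concern is identity: `self._do_login(req, uid)` at line 123 appears to record the name as typed in auth_cookie, so "Alice" and "alice" would authenticate against the same password row yet reach Trac as two different authnames, and Trac treats authnames as case-sensitive for permissions and sessions unless configured otherwise. Consider selecting the username column together with the password hash and passing the stored spelling to `_do_login`, so that every case variant resolves to a single account. The bodies of these functions start outside the visible hunks, so whether uid is normalised earlier cannot be confirmed from here.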
r1488 r1729 22 22 <input type="hidden" name="referer" value="<?cs var:referer ?>"> 23 23 <input type="submit" name="login" value="Login" /> 24 <input type="submit" name="cancel" value="Cancel" />25 24 </div> 26 25 </form> dbauthplugin/simple/dbauth/templates/password.cs
r1040 r1729 23 23 <div class="buttons"> 24 24 <input type="submit" name="password" value="Change" /> 25 <input type="submit" name="cancel" value="Cancel" />26 25 </div> 27 26 </form>
