authform: change the way to set replay_condition
This commit is contained in:
parent
b48d55a420
commit
bbbe4c5561
|
@ -1,27 +1,23 @@
|
|||
"""
|
||||
Dispatcher for basic auth form authentifications
|
||||
"""
|
||||
import Cookie
|
||||
import base64
|
||||
import json
|
||||
import copy
|
||||
import re
|
||||
import os
|
||||
import traceback
|
||||
import urllib
|
||||
|
||||
import mandaye
|
||||
|
||||
from cookielib import CookieJar
|
||||
from datetime import datetime
|
||||
from lxml.html import fromstring
|
||||
from urlparse import parse_qs
|
||||
|
||||
from mandaye import config, __version__
|
||||
from mandaye.exceptions import MandayeException
|
||||
from mandaye.log import logger
|
||||
from mandaye.http import HTTPResponse, HTTPHeader, HTTPRequest
|
||||
from mandaye.response import _500, _302, _401
|
||||
from mandaye.response import template_response
|
||||
from mandaye.http import HTTPHeader, HTTPRequest
|
||||
from mandaye.response import _500, _302, _401, json_response, json_error
|
||||
from mandaye.server import get_response
|
||||
|
||||
from mandaye.backends.default import Association
|
||||
|
@ -42,6 +38,11 @@ class AuthForm(object):
|
|||
self.urls = mapper.urls
|
||||
self.site_name = self.env["mandaye.config"]["site_name"]
|
||||
self.form_values = mapper.form_values
|
||||
if hasattr(mapper, 'replay_condition'):
|
||||
self.replay_condition = mapper.replay_condition
|
||||
else:
|
||||
self.replay_condition = None
|
||||
logger.warning('DEPRECATED: you must add replay_condition attribute in you mapper')
|
||||
if not self.form_values.has_key('form_headers'):
|
||||
self.form_values['form_headers'] = {
|
||||
'Content-Type': 'application/x-www-form-urlencoded',
|
||||
|
@ -135,6 +136,13 @@ a password_field key if you want to encode a password.")
|
|||
return env['beaker.session']['unique_id']
|
||||
return None
|
||||
|
||||
def verify_replay(self, response, values):
|
||||
if self.replay_condition:
|
||||
return self.replay_condition(self.env, response)
|
||||
else:
|
||||
# XXX: to be removed test for compability only
|
||||
return eval(values['condition'])
|
||||
|
||||
def replay(self, env, post_values):
|
||||
""" replay the login / password
|
||||
env: WSGI env with beaker session and the target
|
||||
|
@ -245,7 +253,7 @@ a password_field key if you want to encode a password.")
|
|||
return _302(self.urls.get('associate_url') + "?%s" % urllib.urlencode(qs))
|
||||
post_values[field] = post[field][0]
|
||||
response = self.replay(env, post_values)
|
||||
if eval(values['condition']):
|
||||
if self.verify_replay(response, values):
|
||||
logger.debug("Replay works: save the association")
|
||||
self._save_association(env, unique_id, post_values)
|
||||
if qs.has_key('next_url'):
|
||||
|
@ -255,7 +263,7 @@ a password_field key if you want to encode a password.")
|
|||
qs['type'] = 'badlogin'
|
||||
return _302(self.urls.get('associate_url') + "?%s" % urllib.urlencode(qs))
|
||||
|
||||
def _login_sp_user(self, association, env, condition, values):
|
||||
def _login_sp_user(self, association, env, values):
|
||||
""" Log in sp user
|
||||
"""
|
||||
if not association['sp_login']:
|
||||
|
@ -267,7 +275,7 @@ a password_field key if you want to encode a password.")
|
|||
post_values[self.form_values['password_field']] = password
|
||||
response = self.replay(env, post_values)
|
||||
qs = parse_qs(env['QUERY_STRING'])
|
||||
if condition and eval(condition):
|
||||
if self.verify_replay(response, values):
|
||||
Association.update_last_connection(association['id'])
|
||||
env['beaker.session']['old_association_id'] = None
|
||||
env['beaker.session'][self.site_name] = association['id']
|
||||
|
@ -308,7 +316,7 @@ a password_field key if you want to encode a password.")
|
|||
if not association:
|
||||
logger.debug('User %s is not associate' % env['beaker.session']['unique_id'])
|
||||
return _302(self.urls.get('associate_url') + "?type=first")
|
||||
return self._login_sp_user(association, env, values['condition'], values)
|
||||
return self._login_sp_user(association, env, values)
|
||||
|
||||
def logout(self, env, values, request, response):
|
||||
""" Destroy the Beaker session
|
||||
|
@ -376,7 +384,7 @@ a password_field key if you want to encode a password.")
|
|||
association = Association.get_last_connected(self.site_name, unique_id)
|
||||
if not association:
|
||||
return _302(self.urls.get('associate_url'))
|
||||
return self._login_sp_user(association, env, 'response.code==302', values)
|
||||
return self._login_sp_user(association, env, values)
|
||||
|
||||
def disassociate(self, env, values, request, response):
|
||||
""" Disassociate an account with the Mandaye account
|
||||
|
|
Reference in New Issue