Coverage for lino/core/auth.py : 51%

Hot-keys on this page
r m x p toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
# -*- coding: UTF-8 -*- # Copyright 2010-2016 Luc Saffre # License: BSD (see file COPYING for details)
Lino's authentification middleware
"""
"""Common base class for :class:`RemoteUserMiddleware`, :class:`SessionUserMiddleware` and :class:`NoUserMiddleware`.
"""
# Singleton instance
# Save singleton instance # print("20150129 Middleware is {0}".format(self.__class__))
raise NotImplementedError
# first request will trigger site startup to load UserProfiles # settings.SITE.startup()
# logger.info("20150428 %s process_request %s -> %s" % ( # self.__class__.__name__, request.path, user))
# logger.info("20150424 authenticate %s, %s" % (username, password))
return AnonymousUser.instance()
# 20120110 : Alicia once managed to add a space char in front # of her username log in the login dialog. Apache let her in # as " alicia".
logger.info( "Could not authenticate %s : user has no profile", username) return None if not user.check_password(password): logger.info( "Could not authenticate %s : password mismatch", username) return None #~ logger.info("20130923 good password for %s",username) #~ else: #~ logger.info("20130923 no password needed for %s",username) except settings.SITE.user_model.DoesNotExist: logger.debug("Could not authenticate %s : no such user", username) return None
"""The method which is applied when the user has been determined. On multilingual sites, if URL_PARAM_USER_LANGUAGE is present it overrides user.language.
""" # logger.info("20130923 on_login(%s)" % user)
activate(user.timezone or settings.TIME_ZONE)
elif request.method in ('PUT', 'DELETE'): # raw_post_data before Django 1.4 rqdata = http.QueryDict(request.body) elif request.method == 'POST': rqdata = request.POST else: # e.g. OPTIONS, HEAD if len(settings.SITE.languages) > 1: if user_language: translation.activate(user_language) request.LANGUAGE_CODE = translation.get_language() #~ logger.info("20121205 on_login %r",translation.get_language()) request.requesting_panel = None request.subst_user = None return # ~ else: # DELETE #~ request.subst_user = None #~ request.requesting_panel = None #~ return
constants.URL_PARAM_USER_LANGUAGE, user_language)
if su: try: su = settings.SITE.user_model.objects.get(id=int(su)) #~ logger.info("20120714 su is %s",su.username) except settings.SITE.user_model.DoesNotExist: su = None else: su = None # e.g. when it was an empty string "su=" constants.URL_PARAM_REQUESTING_PANEL, None) #~ logger.info("20121228 subst_user is %r",request.subst_user) #~ if request.subst_user is not None and not isinstance(request.subst_user,settings.SITE.user_model): #~ raise Exception("20121228")
return False
raise NotImplementedError
"""Used when :attr:`lino.core.site.Site.default_user` is non-empty. """ user = self.authenticate(settings.SITE.default_user)
# print 20150701, user.profile.role
if user is None: # print("20130514 Unknown username %s from request %s" % ( # username, request)) #~ raise Exception( #~ raise exceptions.PermissionDenied("Unknown or inactive username %r. Please contact your system administrator." # logger.info("Unknown or inactive username %r.", username) raise exceptions.PermissionDenied( "default_user {0} does not exist".format( settings.SITE.default_user))
return user
"""Middleware automatically installed by :meth:`get_middleware_classes <lino.core.site.Site.get_middleware_classes>` when both :attr:`remote_user_header <lino.core.site.Site.remote_user_header>` and :attr:`user_model <lino.core.site.Site.user_model>` are not empty.
This does the same as `django.contrib.auth.middleware.RemoteUserMiddleware`, but in a simplified manner and without using Sessions.
It also activates the User's language, if that field is not empty. Since it will run *after* `django.contrib.auth.middleware.RemoteUserMiddleware` (at least if you didn't change :meth:`lino.Lino.get_middleware_classes`), it will override any browser setting.
"""
raise Exception( "Using remote authentication, but no user credentials found.")
# print 20150701, user.profile.role
# print("20130514 Unknown username %s from request %s" % ( # username, request)) #~ raise Exception( #~ raise exceptions.PermissionDenied("Unknown or inactive username %r. Please contact your system administrator." # logger.info("Unknown or inactive username %r.", username) raise exceptions.PermissionDenied()
"""Middleware automatically installed by :meth:`lino.core.site.Site.get_middleware_classes` when :attr:`lino.core.site.Site.user_model` is None.
"""
return AnonymousUser.instance()
"""Middleware automatically installed by :meth:`get_middleware_classes <lino.site.Site.get_middleware_classes>` when :setting:`remote_user_header` is None and :setting:`user_model` not.
"""
# logger.info("20150428 %s get_user_from_request %s, %s" % ( # self.__class__.__name__, # request.session.get('username'), # request.session.get('password')))
user = self.authenticate(request.session.get('username'), request.session.get('password'))
if user is None: user = AnonymousUser.instance()
return user
""" Middleware automatically installed by :meth:`get_middleware_classes <lino.site.Site.get_middleware_classes>` when
- :setting:`user_model` is not None - :setting:`remote_user_header` is None - :setting:`ldap_auth_server` is not None
Using this requires `activedirectory <https://github.com/theatlantic/python-active-directory>`_.
Thanks to Josef Kejzlar for the initial implementation.
"""
from activedirectory import Client, Creds from activedirectory.core.exception import Error
server_spec = settings.SITE.ldap_auth_server if isinstance(server_spec, basestring): server_spec = server_spec.split()
self.domain = server_spec[0] self.server = server_spec[1]
self.creds = Creds(domain)
try: self.creds.acquire(username, password, server=self.server) return True except Exception as e: pass
return False
if not from_session and username and password != SessionUserMiddleware.NOT_NEEDED: if not self.check_password(username, password): return None
return SessionUserMiddleware.authenticate(username, SessionUserMiddleware.NOT_NEEDED)
user = self.authenticate(request.session.get('username'), request.session.get('password'), True)
if user is None: logger.debug("Login failed from session %s", request.session) user = AnonymousUser.instance()
return user
""" Returns active Authentication Middleware instance
:return: AuthMiddleWareBase """ return AuthMiddleWareBase._instance
""" Needed by the ``/auth`` view (:class:`lino.ui.views.Authenticate`). Called when the Login window of the web interface is confirmed. """ return get_auth_middleware().authenticate(*args, **kwargs) |