source: waeup/branches/ulif-rewrite/src/waeup/authentication.py @ 4073

Last change on this file since 4073 was 4073, checked in by uli, 16 years ago

Add authentication functionality.

1"""Authentication for WAeUP portals.
2"""
3import grok
4from zope import schema
5from zope.app.authentication.session import SessionCredentialsPlugin
6from zope.app.authentication.interfaces import (ICredentialsPlugin,
7                                                IAuthenticatorPlugin,
8                                                IPrincipalInfo,
9                                                IPasswordManager)
10from zope.app.security.interfaces import (IAuthentication,
11                                          IUnauthenticatedPrincipal,
12                                          ILogout)
13from zope.component import getUtility
14from zope.interface import Interface
15from waeup.interfaces import IWAeUPObject
16from waeup.viewlets import Index, MainArea, LeftSidebar
17
def setup_authentication(pau):
    """Configure a pluggable authentication utility.

    Names the plugins `pau` should use: the credentials plugin
    ``'credentials'`` (an ICredentialsPlugin) and the authenticator
    plugin ``'users'`` (an IAuthenticatorPlugin).
    """
    credentials_plugins = ['credentials']
    authenticator_plugins = ['users']
    pau.credentialsPlugins = credentials_plugins
    pau.authenticatorPlugins = authenticator_plugins
26
class WAeUPSessionCredentialsPlugin(grok.GlobalUtility,
                                    SessionCredentialsPlugin):
    """Session credentials plugin, registered globally as 'credentials'.

    Sets the login page name and the names of the request form fields
    that carry the login and the password.
    """
    grok.name('credentials')
    grok.provides(ICredentialsPlugin)

    # Page name and form field names used by the login form.
    loginpagename = 'login'
    loginfield = 'form.login'
    passwordfield = 'form.password'
35
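class Login(grok.View):
    """Login page view, publicly accessible on any IWAeUPObject."""
    grok.context(IWAeUPObject)
    grok.require('zope.Public')

    def update(self, SUBMIT=None):
        """Remember the ``camefrom`` form value and redirect on submit.

        ``camefrom`` comes straight from the request form, so it is
        client-controlled. It is kept unchanged on ``self.camefrom``, but
        the redirect only follows it when it stays inside this
        application; anything else (including an empty value) is sent to
        the application URL instead.

        :param SUBMIT: value of the submit button, ``None`` when the form
            was not submitted.
        """
        self.camefrom = self.request.form.get('camefrom', '')
        if SUBMIT is not None:
            self.redirect(self._local_target(self.camefrom))

    def _local_target(self, target):
        """Return `target` if it is local to the application, else its URL.

        Accepted are absolute URLs below ``application_url()`` and
        host-relative paths starting with a single ``/``.
        """
        base = self.application_url().rstrip('/')
        # A repeated form field arrives as a list, not a string.
        if not hasattr(target, 'startswith'):
            return base
        # CR/LF do not belong in a Location header, and browsers treat
        # a backslash like a slash, which would defeat the '//' check.
        if any(char in target for char in '\r\n\\'):
            return base
        if target == base or target.startswith((base + '/', base + '?')):
            return target
        # '//host/path' is scheme-relative and leaves the site.
        if target.startswith('/') and not target.startswith('//'):
            return target
        return base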
44           
class LoginMain(grok.Viewlet):
    """Viewlet shown in the MainArea manager of the Login view."""
    grok.view(Login)
    grok.context(IWAeUPObject)
    grok.viewletmanager(MainArea)
49
class Logout(grok.Viewlet):
    """Public logout viewlet in the LeftSidebar manager."""
    grok.viewletmanager(LeftSidebar)
    grok.context(IWAeUPObject)
    grok.order(3)
    grok.require('zope.Public')

    def update(self):
        """Log the current principal out if the form carries 'form.logout'.

        Does nothing when the key is absent or when the request's
        principal is already unauthenticated.
        """
        # NOTE(review): the presence of 'form.logout' in the form is the
        # only trigger; no request-method or token check is visible here.
        if 'form.logout' not in self.request.form:
            return
        if IUnauthenticatedPrincipal.providedBy(self.request.principal):
            return
        authentication = getUtility(IAuthentication)
        ILogout(authentication).logout(self.request)
        # Redirect to the same view so the page (and its other
        # viewlets) is rendered again without authentication.
        own_url = self.view.url()
        self.view.redirect(own_url)
66
class PrincipalInfo(object):
    """IPrincipalInfo implementation holding id, title and description."""
    grok.implements(IPrincipalInfo)

    def __init__(self, id, title, description):
        """Store the three descriptive values; both plugin slots start unset."""
        self.id, self.title, self.description = id, title, description
        self.credentialsPlugin = None
        self.authenticatorPlugin = None
76
class Account(grok.Model):
    """Account with a name and an encoded password.

    NOTE(review): the password is encoded by the IPasswordManager
    registered as 'SHA1'. SHA-1 is a fast hash and not suited to
    password storage; whether this manager salts is not visible here.
    Consider a salted, deliberately slow scheme, with a migration for
    values already stored.
    """

    def __init__(self, name, password):
        """Set the account name and store the encoded `password`."""
        self.name = name
        self.setPassword(password)

    def setPassword(self, password):
        """Encode `password` with the 'SHA1' manager and store the result."""
        encoder = getUtility(IPasswordManager, 'SHA1')
        encoded = encoder.encodePassword(password)
        self.password = encoded

    def checkPassword(self, password):
        """Return the 'SHA1' manager's check of `password` against the stored value."""
        verifier = getUtility(IPasswordManager, 'SHA1')
        return verifier.checkPassword(self.password, password)
89
90 
class UserAuthenticatorPlugin(grok.GlobalUtility):
    """Authenticator plugin, registered globally under the name 'users'."""
    grok.provides(IAuthenticatorPlugin)
    grok.name('users')

    def authenticateCredentials(self, credentials):
        """Return a PrincipalInfo for valid credentials, else ``None``.

        `credentials` must be a dict with 'login' and 'password' keys;
        the account is looked up by login and the password checked
        through ``Account.checkPassword``.
        """
        if not isinstance(credentials, dict):
            return None
        if 'login' not in credentials or 'password' not in credentials:
            return None
        account = self.getAccount(credentials['login'])
        if account is None:
            return None
        if account.checkPassword(credentials['password']):
            return self._info_for(account)
        return None

    def principalInfo(self, id):
        """Return a PrincipalInfo for the account named `id`, else ``None``."""
        account = self.getAccount(id)
        return None if account is None else self._info_for(account)

    def _info_for(self, account):
        """Build a PrincipalInfo using the account name for every field."""
        return PrincipalInfo(id=account.name,
                             title=account.name,
                             description=account.name)

    def getAccount(self, login):
        """Return the Account for `login`, or ``None`` if there is none."""
        # XXX: while developing, we only support a single user.
        # NOTE(review): this is a built-in account whose password equals
        # its login name. It must be replaced by a real account lookup
        # before the plugin is used outside development.
        if login != 'grok':
            return None
        return Account('grok', 'grok')
        #... look up the account object and return it ...