Changeset 5446 for main/waeup.sirp/trunk/src/waeup/sirp/jambtables/authentication.py

Timestamp:

16 Aug 2010, 11:18:41 (14 years ago)

Author:

uli

Message:

Clean up and check access_code before authenticating an applicant.

File:

• main/waeup.sirp/trunk/src/waeup/sirp/jambtables/authentication.py (modified) (3 diffs)

main/waeup.sirp/trunk/src/waeup/sirp/jambtables/authentication.py

@@ -38 +38 @@
     IApplicantPrincipalInfo, IApplicantPrincipal, IApplicantSessionCredentials,
     IJAMBApplicantSessionCredentials)
-from waeup.sirp.jambtables.util import get_applicant_data
+from waeup.sirp.jambtables.util import get_applicant_data, get_access_code
 
 class PortalUser(grok.Role):
@@ -243 +243 @@
 
     def authenticateCredentials(self, credentials):
-        #print "AUTH: ", credentials
         if not isinstance(credentials, dict):
             return None
@@ -250 +249 @@
         if not 'jambregno' in credentials.keys():
             credentials['jambregno'] = None
+        ac = get_access_code(credentials['accesscode'])
+        if ac is None:
+            # Invalid access code entered.
+            # XXX: log this.
+            return None
         return ApplicantPrincipalInfo(
             credentials['accesscode'], credentials['jambregno']
-            # credentials['login'], credentials['password']
             )