kallithea Changeset - 52bf718b30f5

Changeset - 52bf718b30f5

Parent rev.

Child rev.

[Not reviewed]

default

0 1 0

Mads Kiilerich - 11 years ago 2015-01-06 00:54:36
madski@unity3d.com

auth: don't log a message when auth without username fails - that happens all the time for basic auth and ldap

1 file changed with 3 insertions and 2 deletions:

kallithea/lib/auth_modules/__init__.py

0 comments (0 inline, 0 general)

kallithea/lib/auth_modules/__init__.py

➞

Show inline comments

@@ @@ -324,99 +324,100 @@ def importplugin(plugin): @@
             plugin = u'kallithea.lib.auth_modules.auth_' + pn
     PLUGIN_CLASS_NAME = "KallitheaAuthPlugin"
     try:
         module = importlib.import_module(plugin)
     except (ImportError, TypeError):
         log.error(traceback.format_exc())
         # TODO: make this more error prone, if by some accident we screw up
         # the plugin name, the crash is preatty bad and hard to recover
         raise
     log.debug("Loaded auth plugin from %s (module:%s, file:%s)"
               % (plugin, module.__name__, module.__file__))
     pluginclass = getattr(module, PLUGIN_CLASS_NAME)
     if not issubclass(pluginclass, KallitheaAuthPluginBase):
         raise TypeError("Authentication class %s.KallitheaAuthPlugin is not "
                         "a subclass of %s" % (plugin, KallitheaAuthPluginBase))
     return pluginclass
 def loadplugin(plugin):
     """
     Loads and returns an instantiated authentication plugin.
         see: importplugin
     """
     plugin = importplugin(plugin)()
     if plugin.plugin_settings.im_func != KallitheaAuthPluginBase.plugin_settings.im_func:
         raise TypeError("Authentication class %s.KallitheaAuthPluginBase "
                         "has overriden the plugin_settings method, which is "
                         "forbidden." % plugin)
     return plugin
 def authenticate(username, password, environ=None):
     """
     Authentication function used for access control,
     It tries to authenticate based on enabled authentication modules.
     :param username: username can be empty for container auth
     :param password: password can be empty for container auth
     :param environ: environ headers passed for container auth
     :returns: None if auth failed, plugin_user dict if auth is correct
     """
     auth_plugins = Setting.get_auth_plugins()
     log.debug('Authentication against %s plugins' % (auth_plugins,))
     for module in auth_plugins:
         try:
             plugin = loadplugin(module)
         except (ImportError, AttributeError, TypeError), e:
             raise ImportError('Failed to load authentication module %s : %s'
                               % (module, str(e)))
         log.debug('Trying authentication using ** %s **' % (module,))
         # load plugin settings from Kallithea database
         plugin_name = plugin.name
         plugin_settings = {}
         for v in plugin.plugin_settings():
             conf_key = "auth_%s_%s" % (plugin_name, v["name"])
             setting = Setting.get_by_name(conf_key)
             plugin_settings[v["name"]] = setting.app_settings_value if setting else None
         log.debug('Plugin settings \n%s' % formatted_json(plugin_settings))
         if not str2bool(plugin_settings["enabled"]):
             log.info("Authentication plugin %s is disabled, skipping for %s"
                      % (module, username))
             continue
         # use plugin's method of user extraction.
         user = plugin.get_user(username, environ=environ,
                                settings=plugin_settings)
         log.debug('Plugin %s extracted user is `%s`' % (module, user))
         if not plugin.accepts(user):
             log.debug('Plugin %s does not accept user `%s` for authentication'
                       % (module, user))
             continue
         else:
             log.debug('Plugin %s accepted user `%s` for authentication'
                       % (module, user))
         log.info('Authenticating user using %s plugin' % plugin.__module__)
         # _authenticate is a wrapper for .auth() method of plugin.
         # it checks if .auth() sends proper data. for KallitheaExternalAuthPlugin
         # it also maps users to Database and maps the attributes returned
         # from .auth() to Kallithea database. If this function returns data
         # then auth is correct.
         plugin_user = plugin._authenticate(user, username, password,
                                            plugin_settings,
                                            environ=environ or {})
         log.debug('PLUGIN USER DATA: %s' % plugin_user)
         if plugin_user:
             log.debug('Plugin returned proper authentication data')
             return plugin_user
         # we failed to Auth because .auth() method didn't return proper the user
         log.warning("User `%s` failed to authenticate against %s"
                     % (username, plugin.__module__))
         if username:
             log.warning("User `%s` failed to authenticate against %s"
                         % (username, plugin.__module__))
     return None

0 comments (0 inline, 0 general)