kallithea Changeset - c5ff0bfefdf8

Changeset - c5ff0bfefdf8

Parent rev.

Child rev.

[Not reviewed]

default

0 2 0

Søren Løvborg - 10 years ago 2015-07-14 13:59:59
kwi@kwi.dk

log_in_user: extract user session setup from LoginController

The next changeset will need to set up a user login session outside
LoginController. 'log_in_user' extracted and added as a top-level
function in kallithea.lib.base since the code doesn't need access to
the current controller.

Code refactored to take a User object instead of a username, to allow
callers flexibility in how the user should be looked up.

2 files changed with 41 insertions and 32 deletions:

kallithea/controllers/login.py

kallithea/lib/base.py

0 comments (0 inline, 0 general)

kallithea/controllers/login.py

➞

Show inline comments

@@ @@ -25,25 +25,24 @@ Original author and date, and relevant c @@
 :license: GPLv3, see LICENSE.md for more details.
 """
 import logging
 import formencode
 import datetime
 import urlparse
 from formencode import htmlfill
 from webob.exc import HTTPFound
 from pylons.i18n.translation import _
 from pylons.controllers.util import redirect
 from pylons import request, session, tmpl_context as c, url
 import kallithea.lib.helpers as h
 from kallithea.lib.auth import AuthUser, HasPermissionAnyDecorator
 from kallithea.lib.auth_modules import importplugin
 from kallithea.lib.base import BaseController, render
+from kallithea.lib.base import BaseController, log_in_user, render
 from kallithea.lib.exceptions import UserCreationError
 from kallithea.lib.utils2 import safe_str
 from kallithea.model.db import User, Setting
 from kallithea.model.forms import LoginForm, RegisterForm, PasswordResetForm
 from kallithea.model.user import UserModel
 from kallithea.model.meta import Session
@@ @@ -54,35 +53,12 @@ log = logging.getLogger(__name__) @@
 class LoginController(BaseController):
     def __before__(self):
         super(LoginController, self).__before__()
     def _store_user_in_session(self, username, remember=False):
         user = User.get_by_username(username, case_insensitive=True)
         auth_user = AuthUser(user.user_id)
         auth_user.set_authenticated()
         cs = auth_user.get_cookie_store()
         session['authuser'] = cs
         user.update_lastlogin()
         Session().commit()
         # If they want to be remembered, update the cookie
         if remember:
             _year = (datetime.datetime.now() +
                      datetime.timedelta(seconds=60 * 60 * 24 * 365))
             session._set_cookie_expires(_year)
         session.save()
         log.info('user %s is now authenticated and stored in '
                  'session, session attrs %s' % (username, cs))
         # dumps session attrs back to cookie
         session._update_cookie_out()
     def _validate_came_from(self, came_from):
         """Return True if came_from is valid and can and should be used"""
         if not came_from:
             return False
         parsed = urlparse.urlparse(came_from)
@@ @@ -116,20 +92,16 @@ class LoginController(BaseController): @@
             return self._redirect_to_origin(c.came_from)
         if request.POST:
             # import Login Form validator class
             login_form = LoginForm()
             try:
                 session.invalidate()
                 c.form_result = login_form.to_python(dict(request.POST))
                 # form checks for username/password, now we're authenticated
                 self._store_user_in_session(
                                         username=c.form_result['username'],
                                         remember=c.form_result['remember'])
                 return self._redirect_to_origin(c.came_from)
                 username = c.form_result['username']
                 user = User.get_by_username(username, case_insensitive=True)
             except formencode.Invalid, errors:
                 defaults = errors.value
                 # remove password from filling in form again
                 del defaults['password']
                 return htmlfill.render(
                     render('/login.html'),
@@ @@ -141,12 +113,15 @@ class LoginController(BaseController): @@
             except UserCreationError, e:
                 # container auth or other auth functions that create users on
                 # the fly can throw this exception signaling that there's issue
                 # with user creation, explanation should be provided in
                 # Exception itself
                 h.flash(e, 'error')
             else:
                 log_in_user(user, c.form_result['remember'])
                 return self._redirect_to_origin(c.came_from)
         # check if we use container plugin, and try to login using it.
         auth_plugins = Setting.get_auth_plugins()
         if any((importplugin(name).is_container_auth for name in auth_plugins)):
             from kallithea.lib import auth_modules
             try:
@@ @@ -155,13 +130,15 @@ class LoginController(BaseController): @@
                 log.error(e)
                 h.flash(e, 'error')
                 # render login, with flash message about limit
                 return render('/login.html')
             if auth_info:
                 self._store_user_in_session(auth_info.get('username'))
                 username = auth_info.get('username')
                 user = User.get_by_username(username, case_insensitive=True)
                 log_in_user(user, remember=False)
                 return self._redirect_to_origin(c.came_from)
         return render('/login.html')
     @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate',
                                'hg.register.manual_activate')

kallithea/lib/base.py

➞

Show inline comments

@@ @@ -25,12 +25,13 @@ Original author and date, and relevant c @@
 :created_on: Oct 06, 2010
 :author: marcink
 :copyright: (c) 2013 RhodeCode GmbH, and others.
 :license: GPLv3, see LICENSE.md for more details.
 """
 import datetime
 import logging
 import time
 import traceback
 import webob.exc
 import paste.httpexceptions
@@ @@ -100,12 +101,43 @@ def _get_access_path(environ): @@
     org_req = environ.get('pylons.original_request')
     if org_req:
         path = org_req.environ.get('PATH_INFO')
     return path
 def log_in_user(user, remember):
     """
     Log a `User` in and update session and cookies. If `remember` is True,
     the session cookie is set to expire in a year; otherwise, it expires at
     the end of the browser session.
     """
     user.update_lastlogin()
     meta.Session().commit()
     auth_user = AuthUser(user_id=user.user_id)
     auth_user.set_authenticated()
     # Start new session to prevent session fixation attacks.
     session.invalidate()
     cs = auth_user.get_cookie_store()
     session['authuser'] = cs
     # If they want to be remembered, update the cookie
     if remember:
         t = datetime.datetime.now() + datetime.timedelta(days=365)
         session._set_cookie_expires(t)
     session.save()
     log.info('user %s is now authenticated and stored in '
              'session, session attrs %s', user.username, cs)
     # dumps session attrs back to cookie
     session._update_cookie_out()
 class BasicAuth(paste.auth.basic.AuthBasicAuthenticator):
     def __init__(self, realm, authfunc, auth_http_code=None):
         self.realm = realm
         self.authfunc = authfunc
         self._rc_auth_http_code = auth_http_code

0 comments (0 inline, 0 general)