Mercurial > public > src > rhodecode
comparison pylons_app/lib/auth.py @ 64:08707974eae4
Changed auth lib for sqlalchemy
| author | Marcin Kuzminski <marcin@python-blog.com> |
|---|---|
| date | Sat, 10 Apr 2010 16:44:47 +0200 |
| parents | 25e516447a33 |
| children | f24b9a2934cf |
comparison
equal
deleted
inserted
replaced
| 63:3cf0603cd4f5 | 64:08707974eae4 |
|---|---|
| 1 import sqlite3 | |
| 2 import os | |
| 3 import logging | 1 import logging |
| 4 from os.path import dirname as dn | |
| 5 from datetime import datetime | 2 from datetime import datetime |
| 6 import crypt | 3 import crypt |
| 7 from pylons import session, url | 4 from pylons import session, url |
| 8 from pylons.controllers.util import abort, redirect | 5 from pylons.controllers.util import abort, redirect |
| 9 from decorator import decorator | 6 from decorator import decorator |
| 7 from sqlalchemy.exc import OperationalError | |
| 10 log = logging.getLogger(__name__) | 8 log = logging.getLogger(__name__) |
| 11 ROOT = dn(dn(dn(os.path.realpath(__file__)))) | 9 from pylons_app.model import meta |
| 10 from pylons_app.model.db import Users, UserLogs | |
| 11 from sqlalchemy.orm.exc import NoResultFound, MultipleResultsFound | |
| 12 | 12 |
| 13 def get_sqlite_conn_cur(): | 13 def get_crypt_password(password): |
| 14 conn = sqlite3.connect(os.path.join(ROOT, 'auth.sqlite')) | 14 return crypt.crypt(password, '6a') |
| 15 cur = conn.cursor() | |
| 16 return conn, cur | |
| 17 | |
| 18 | 15 |
| 19 def admin_auth(username, password): | 16 def admin_auth(username, password): |
| 20 conn, cur = get_sqlite_conn_cur() | 17 sa = meta.Session |
| 21 password_crypt = crypt.crypt(password, '6a') | 18 password_crypt = get_crypt_password(password) |
| 22 | 19 |
| 23 try: | 20 try: |
| 24 cur.execute("SELECT * FROM users WHERE username=?", (username,)) | 21 user = sa.query(Users).filter(Users.username == username).one() |
| 25 data = cur.fetchone() | 22 except (NoResultFound, MultipleResultsFound, OperationalError) as e: |
| 26 except sqlite3.OperationalError as e: | |
| 27 data = None | |
| 28 log.error(e) | 23 log.error(e) |
| 24 user = None | |
| 29 | 25 |
| 30 if data: | 26 if user: |
| 31 if data[3]: | 27 if user.active: |
| 32 if data[1] == username and data[2] == password_crypt and data[4]: | 28 if user.username == username and user.password == password_crypt and user.admin: |
| 33 log.info('user %s authenticated correctly', username) | 29 log.info('user %s authenticated correctly', username) |
| 34 return True | 30 return True |
| 35 else: | 31 else: |
| 36 log.error('user %s is disabled', username) | 32 log.error('user %s is disabled', username) |
| 37 | 33 |
| 38 return False | 34 return False |
| 39 | 35 |
| 40 def authfunc(environ, username, password): | 36 def authfunc(environ, username, password): |
| 41 conn, cur = get_sqlite_conn_cur() | 37 sa = meta.Session |
| 42 password_crypt = crypt.crypt(password, '6a') | 38 password_crypt = get_crypt_password(password) |
| 43 | 39 |
| 44 try: | 40 try: |
| 45 cur.execute("SELECT * FROM users WHERE username=?", (username,)) | 41 user = sa.query(Users).filter(Users.username == username).one() |
| 46 data = cur.fetchone() | 42 except (NoResultFound, MultipleResultsFound, OperationalError) as e: |
| 47 except sqlite3.OperationalError as e: | |
| 48 data = None | |
| 49 log.error(e) | 43 log.error(e) |
| 50 if data: | 44 user = None |
| 51 if data[3]: | 45 |
| 52 if data[1] == username and data[2] == password_crypt: | 46 if user: |
| 47 if user.active: | |
| 48 if user.username == username and user.password == password_crypt: | |
| 53 log.info('user %s authenticated correctly', username) | 49 log.info('user %s authenticated correctly', username) |
| 54 if environ: | 50 if environ: |
| 55 http_accept = environ.get('HTTP_ACCEPT') | 51 http_accept = environ.get('HTTP_ACCEPT') |
| 56 | 52 |
| 57 if http_accept.startswith('application/mercurial') or \ | 53 if http_accept.startswith('application/mercurial') or \ |
| 58 environ['PATH_INFO'].find('raw-file') != -1: | 54 environ['PATH_INFO'].find('raw-file') != -1: |
| 59 cmd = environ['PATH_INFO'] | 55 repo = environ['PATH_INFO'] |
| 60 for qry in environ['QUERY_STRING'].split('&'): | 56 for qry in environ['QUERY_STRING'].split('&'): |
| 61 if qry.startswith('cmd'): | 57 if qry.startswith('cmd'): |
| 62 cmd += "|" + qry | |
| 63 | 58 |
| 64 try: | 59 try: |
| 65 cur.execute("""INSERT INTO | 60 user_log = UserLogs() |
| 66 user_logs | 61 user_log.user_id = user.user_id |
| 67 VALUES(?,?,?,?)""", | 62 user_log.action = qry |
| 68 (None, data[0], cmd, datetime.now())) | 63 user_log.repository = repo |
| 69 conn.commit() | 64 user_log.action_date = datetime.now() |
| 65 sa.add(user_log) | |
| 66 sa.commit() | |
| 67 log.info('Adding user %s, action %s', username, qry) | |
| 70 except Exception as e: | 68 except Exception as e: |
| 71 conn.rollback() | 69 sa.rollback() |
| 72 log.error(e) | 70 log.error(e) |
| 73 | 71 |
| 74 return True | 72 return True |
| 75 else: | 73 else: |
| 76 log.error('user %s is disabled', username) | 74 log.error('user %s is disabled', username) |
| 82 def authenticate(fn, *args, **kwargs): | 80 def authenticate(fn, *args, **kwargs): |
| 83 if not session.get('admin_user', False): | 81 if not session.get('admin_user', False): |
| 84 redirect(url('admin_home'), 301) | 82 redirect(url('admin_home'), 301) |
| 85 return fn(*args, **kwargs) | 83 return fn(*args, **kwargs) |
| 86 | 84 |
| 87 def create_user_table(): | |
| 88 """ | |
| 89 Create a auth database | |
| 90 """ | |
| 91 conn, cur = get_sqlite_conn_cur() | |
| 92 try: | |
| 93 log.info('creating table %s', 'users') | |
| 94 cur.execute("""DROP TABLE IF EXISTS users """) | |
| 95 cur.execute("""CREATE TABLE users | |
| 96 (user_id INTEGER PRIMARY KEY AUTOINCREMENT, | |
| 97 username TEXT, | |
| 98 password TEXT, | |
| 99 active INTEGER, | |
| 100 admin INTEGER)""") | |
| 101 log.info('creating table %s', 'user_logs') | |
| 102 cur.execute("""DROP TABLE IF EXISTS user_logs """) | |
| 103 cur.execute("""CREATE TABLE user_logs | |
| 104 (id INTEGER PRIMARY KEY AUTOINCREMENT, | |
| 105 user_id INTEGER, | |
| 106 last_action TEXT, | |
| 107 last_action_date DATETIME)""") | |
| 108 conn.commit() | |
| 109 except: | |
| 110 conn.rollback() | |
| 111 raise | |
| 112 | |
| 113 cur.close() | |
| 114 | |
| 115 def create_user(username, password, admin=False): | |
| 116 conn, cur = get_sqlite_conn_cur() | |
| 117 password_crypt = crypt.crypt(password, '6a') | |
| 118 log.info('creating user %s', username) | |
| 119 try: | |
| 120 cur.execute("""INSERT INTO users values (?,?,?,?,?) """, | |
| 121 (None, username, password_crypt, 1, admin)) | |
| 122 conn.commit() | |
| 123 except: | |
| 124 conn.rollback() | |
| 125 raise | |
| 126 | |
| 127 if __name__ == "__main__": | |
| 128 create_user_table() | |
| 129 create_user('marcink', 'qweqwe', True) | |
| 130 create_user('lukaszd', 'qweqwe') | |
| 131 create_user('adriand', 'qweqwe') | |
| 132 create_user('radek', 'qweqwe') | |
| 133 create_user('skrzeka', 'qweqwe') | |
| 134 create_user('bart', 'qweqwe') | |
| 135 create_user('maho', 'qweqwe') | |
| 136 create_user('michalg', 'qweqwe') | |
| 137 | |
| 138 #authfunc('', 'marcink', 'qweqwe') |