Mercurial > public > src > rhodecode
comparison pylons_app/lib/auth.py @ 41:71ffa932799d
Added app basic auth.
Changed few deprecations for new pylons.
added sqlite logging for user actions.
| author | Marcin Kuzminski <marcin@python-blog.com> |
|---|---|
| date | Wed, 07 Apr 2010 00:51:55 +0200 |
| parents | |
| children | b2bc08f2974b |
comparison
equal
deleted
inserted
replaced
| 40:cbc1624cb499 | 41:71ffa932799d |
|---|---|
| 1 import sqlite3 | |
| 2 import os | |
| 3 import logging | |
| 4 from os.path import dirname as dn | |
| 5 from datetime import datetime | |
| 6 import crypt | |
| 7 | |
| 8 log = logging.getLogger(__name__) | |
| 9 ROOT = dn(dn(dn(os.path.realpath(__file__)))) | |
| 10 | |
| 11 def get_sqlite_cur_conn(): | |
| 12 conn = sqlite3.connect(os.path.join(ROOT, 'auth.sqlite')) | |
| 13 cur = conn.cursor() | |
| 14 return conn, cur | |
| 15 | |
| 16 def authfunc(environ, username, password): | |
| 17 conn, cur = get_sqlite_cur_conn() | |
| 18 password_crypt = crypt.crypt(password, '6a') | |
| 19 | |
| 20 cur.execute("SELECT * FROM users WHERE username=?", (username,)) | |
| 21 data = cur.fetchone() | |
| 22 | |
| 23 if data: | |
| 24 if data[3]: | |
| 25 if data[1] == username and data[2] == password_crypt: | |
| 26 log.info('user %s authenticated correctly', username) | |
| 27 | |
| 28 http_accept = environ.get('HTTP_ACCEPT') | |
| 29 | |
| 30 if http_accept.startswith('application/mercurial') or \ | |
| 31 environ['PATH_INFO'].find('raw-file') != -1: | |
| 32 cmd = environ['PATH_INFO'] | |
| 33 for qry in environ['QUERY_STRING'].split('&'): | |
| 34 if qry.startswith('cmd'): | |
| 35 cmd += "|" + qry | |
| 36 | |
| 37 try: | |
| 38 cur.execute('''INSERT INTO | |
| 39 user_logs | |
| 40 VALUES(?,?,?,?)''', | |
| 41 (None, data[0], cmd, datetime.now())) | |
| 42 conn.commit() | |
| 43 except Exception as e: | |
| 44 conn.rollback() | |
| 45 log.error(e) | |
| 46 | |
| 47 | |
| 48 return True | |
| 49 else: | |
| 50 log.error('user %s is disabled', username) | |
| 51 | |
| 52 return False | |
| 53 | |
| 54 def create_user_table(): | |
| 55 ''' | |
| 56 Create a auth database | |
| 57 ''' | |
| 58 conn, cur = get_sqlite_cur_conn() | |
| 59 try: | |
| 60 log.info('creating table %s', 'users') | |
| 61 cur.execute('''DROP TABLE IF EXISTS users ''') | |
| 62 cur.execute('''CREATE TABLE users | |
| 63 (id INTEGER PRIMARY KEY AUTOINCREMENT, | |
| 64 username TEXT, | |
| 65 password TEXT, | |
| 66 active INTEGER)''') | |
| 67 log.info('creating table %s', 'user_logs') | |
| 68 cur.execute('''DROP TABLE IF EXISTS user_logs ''') | |
| 69 cur.execute('''CREATE TABLE user_logs | |
| 70 (id INTEGER PRIMARY KEY AUTOINCREMENT, | |
| 71 user_id INTEGER, | |
| 72 last_action TEXT, | |
| 73 last_action_date DATETIME)''') | |
| 74 conn.commit() | |
| 75 except: | |
| 76 conn.rollback() | |
| 77 raise | |
| 78 | |
| 79 cur.close() | |
| 80 | |
| 81 def create_user(username, password): | |
| 82 conn, cur = get_sqlite_cur_conn() | |
| 83 password_crypt = crypt.crypt(password, '6a') | |
| 84 cur_date = datetime.now() | |
| 85 log.info('creating user %s', username) | |
| 86 try: | |
| 87 cur.execute('''INSERT INTO users values (?,?,?,?) ''', | |
| 88 (None, username, password_crypt, 1,)) | |
| 89 conn.commit() | |
| 90 except: | |
| 91 conn.rollback() | |
| 92 raise | |
| 93 | |
| 94 if __name__ == "__main__": | |
| 95 create_user_table() | |
| 96 create_user('marcink', 'qweqwe') | |
| 97 create_user('lukaszd', 'qweqwe') | |
| 98 create_user('adriand', 'qweqwe') | |
| 99 create_user('radek', 'qweqwe') | |
| 100 create_user('skrzeka', 'qweqwe') | |
| 101 create_user('bart', 'qweqwe') | |
| 102 create_user('maho', 'qweqwe') | |
| 103 create_user('michalg', 'qweqwe') | |
| 104 | |
| 105 #authfunc('', 'marcink', 'qweqwe') |