# HG changeset patch # User paulb # Date 1085931149 0 # Node ID 92ee650c509dcb19c3ee2398b5f44c9b7e22b32e # Parent 5b06d4b70f38f4d23de1674d413069ffe817d6fe [project @ 2004-05-30 15:32:29 by paulb] Added authentication cookies for anonymous users. Changed token construction to use WebStack.Helpers.Auth.get_token. Introduced the anonymous user details as parameters to LoginResource. diff -r 5b06d4b70f38 -r 92ee650c509d examples/Common/Login/__init__.py --- a/examples/Common/Login/__init__.py Sun May 30 15:30:41 2004 +0000 +++ b/examples/Common/Login/__init__.py Sun May 30 15:32:29 2004 +0000 
@@ -9,41 +9,73 @@ "A resource providing a login screen." - def __init__(self, authenticator, use_redirect=1): + def __init__(self, authenticator, anonymous_parameter_name=None, anonymous_username="anonymous", use_redirect=1): """ - Initialise the resource with an 'authenticator'. If the optional 'use_redirect' - flag is set to 0, a confirmation screen is given instead of redirecting the user - back to the original application. + Initialise the resource with an 'authenticator'. + + If the optional 'anonymous_parameter_name' is set, clients providing a parameter + of that name in the URL will not be authenticated, but then such clients will not + get a user identity associated with them. The optional 'anonymous_username' is the + username appearing as the identity of anonymous users. + + If the optional 'use_redirect' flag is set to 0, a confirmation screen is given + instead of redirecting the user back to the original application. """ self.authenticator = authenticator + self.anonymous_parameter_name = anonymous_parameter_name + self.anonymous_username = anonymous_username self.use_redirect = use_redirect def respond(self, trans): - fields = trans.get_fields_from_body() - redirect = "" + fields_path = trans.get_fields_from_path() + fields_body = trans.get_fields_from_body() + + # NOTE: Handle missing redirects better. + + if fields_body.has_key("redirect"): + redirects = fields_body["redirect"] + redirect = redirects[0] + elif fields_path.has_key("redirect"): + redirects = fields_path["redirect"] + redirect = redirects[0] + else: + redirect = "" - if fields.has_key("redirect"): - redirects = fields["redirect"] - redirect = redirects[0] + # Check for the anonymous parameter, if appropriate. + + if self.anonymous_parameter_name is not None and fields_path.has_key(self.anonymous_parameter_name): + + # Make a special cookie token. 
+ + self.authenticator.set_token(trans, self.anonymous_username) + self._redirect(trans, redirect) + return + + # Otherwise, check for a submitted login form. + + elif fields_body.has_key("login"): if self.authenticator.authenticate(trans): - if self.use_redirect: - trans.set_header_value("Location", redirect) - trans.set_response_code(307) - return - else: - self._show_success(trans, redirect) - return - else: - fields = trans.get_fields_from_path() - if fields.has_key("redirect"): - redirects = fields["redirect"] - redirect = redirects[0] + self._redirect(trans, redirect) + + # Otherwise, show the login form. self._show_login(trans, redirect) + def _redirect(self, trans, redirect): + + "Redirect the client using 'trans' and the given 'redirect' URL." + + if self.use_redirect: + trans.set_header_value("Location", redirect) + trans.set_response_code(307) + + # Show the success page anyway. + + self._show_success(trans, redirect) + def _show_login(self, trans, redirect): # When authentication fails or is yet to take place, show the login @@ -129,13 +161,18 @@ # Make a special cookie token. - trans.set_cookie_value( - self.cookie_name, - get_token(username, self.secret_key) - ) - + self.set_token(trans, username) return 1 return 0 + def set_token(self, trans, username): + + "Set an authentication in the 'trans' with the given 'username'." + + trans.set_cookie_value( + self.cookie_name, + get_token(username, self.secret_key) + ) + # vim: tabstop=4 expandtab shiftwidth=4
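Review bot: In the `@@ -9,41 +9,73 @@` hunk, the new `elif fields_body.has_key("login"):` branch of `respond()` calls `self._redirect(trans, redirect)` after a successful `authenticate()` but never returns, so control falls through to `self._show_login(trans, redirect)` and the login form is emitted after the success output. The anonymous branch just above it does `return`; add the same `return` after the `_redirect` call in the login branch. Separately, `redirect` is read from the request body or path and written to the `Location` header unchanged, and with this change a URL parameter alone is enough to reach that code through the anonymous branch. Consider checking the value against the application's own paths before using it. The empty-string case flagged by `# NOTE: Handle missing redirects better.` also needs handling, since `_redirect()` would otherwise send a 307 with an empty `Location`.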
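Review bot: In the `@@ -129,13 +161,18 @@` hunk, `set_token()` is added as a public method that writes a valid authentication cookie for whatever `username` it is given, with no credential check, and its docstring ("Set an authentication in the 'trans' with the given 'username'.") neither says so nor names what is being set. Reword it to say it sets an authentication token cookie and that callers are responsible for having established the identity first. Because the anonymous path in `LoginResource` calls this with `self.anonymous_username`, the resulting `get_token(username, self.secret_key)` value is built the same way as the token for a real account of that name. Either have `authenticate()` refuse the anonymous username, or document that the name must be reserved.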