[Mpuls-commits] r1252 - wasko/branches/2.0/mpulsweb/controllers

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Thu Feb 4 18:07:27 CET 2010 

Author: torsten
Date: 2010-02-04 18:07:26 +0100 (Thu, 04 Feb 2010)
New Revision: 1252

Added:
   wasko/branches/2.0/mpulsweb/controllers/auth.py
Log:
Added new controller for authentification (login, logout)

* mpulsweb/controllers/auth.py
  mpulsweb/tests/functional/test_auth.py
- Diese und die folgenden Zeilen werden ignoriert --

A    auth.py


Added: wasko/branches/2.0/mpulsweb/controllers/auth.py
===================================================================
--- wasko/branches/2.0/mpulsweb/controllers/auth.py	2010-02-04 17:06:35 UTC (rev 1251)
+++ wasko/branches/2.0/mpulsweb/controllers/auth.py	2010-02-04 17:07:26 UTC (rev 1252)
@@ -0,0 +1,47 @@
+import logging
+import md5
+
+from pylons import request, response, session, tmpl_context as c
+from pylons.controllers.util import abort, redirect_to
+
+from mpulsweb.lib.base import BaseController, render
+from mpulsweb.lib.security import checkLogin, generateID, userIdentity
+
+log = logging.getLogger(__name__)
+
+class AuthController(BaseController):
+
+    def index(self):
+        return self.login()
+
+    def logout(self):
+        # XXX: invalidate() does not delete backend data :-/
+        session.delete()
+        session.save()
+        session.invalidate()
+        response.delete_cookie('mpuls_auth')
+        return render('/logout.mako')
+
+    def login(self):
+        return render('/login.mako')
+
+    def loginAction(self):
+        try:
+            login = request.params.getone('username')
+            passwd = request.params.getone('password')
+            user = checkLogin(login, passwd)
+            if user:
+                c.login_failed = False
+                shared = generateID()
+                session['USER_AUTHORIZED'] = user
+                session['AUTH'] = md5.new(shared + userIdentity()).digest()
+                session.save()
+                #response.set_cookie('waska_auth', shared, secure=True)
+                response.set_cookie('mpuls_auth', shared)
+                redirect_to(controller="/waska", action="start")
+            else:
+                c.login_failed = True
+                return self.login()
+        except KeyError:
+            log.error('Error while fetching username and password')
+        return self.login()

More information about the Mpuls-commits mailing list