add initial auth framework

Lance Edgar 2012-04-16 20:04:48 -05:00
parent 4808857f40
commit df9524a6ac
12 changed files with 280 additions and 202 deletions


@ -77,7 +77,7 @@ table.wrapper td.right {
}
#login {
margin: 8px auto auto 20px;
margin: 8px 20px auto auto;
}
#user-menu {


@ -32,6 +32,7 @@ from pyramid.security import authenticated_userid
import edbob
from edbob.db.auth import has_permission
from edbob.pyramid import helpers
from edbob.pyramid import Session
def before_render(event):
@ -62,9 +63,9 @@ def context_found(event):
def has_perm_func(request):
def has_perm(perm):
if not request.current_user:
if not request.user:
return False
return has_permission(request.current_user, perm)
return has_permission(request.user, perm)
return has_perm
request = event.request
@ -73,7 +74,7 @@ def context_found(event):
uuid = authenticated_userid(request)
if uuid:
request.user = get_session().query(rattail.User).get(uuid)
request.user = Session.query(edbob.User).get(uuid)
def includeme(config):
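Review bot: In `context_found`, `request.user` is assigned only inside `if uuid:`, yet `has_perm` and the templates now read `request.user` on every request. The lines between the two hunks are not shown, so confirm that the attribute is initialised there (for example `request.user = None` before the lookup); otherwise an anonymous request would raise AttributeError rather than be treated as logged out. `Session.query(edbob.User).get(uuid)` can also return None when the stored uuid no longer matches a user row, so code that reads `request.user` should keep treating a falsy value as anonymous, as `has_perm` does.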


@ -30,13 +30,12 @@
<div id="header">
${self.home_link()}
<h1 class="left">${self.title()}</h1>
<div id="login" class="left">
## <% user = request.current_user %>
% if user:
logged in as <strong>${user.display_name}</strong>
<div id="login" class="right">
% if request.user:
logged in as <strong>${request.user.display_name}</strong>
(${h.link_to("logout", url('logout'))})
% else:
## ${h.link_to("login", url('login'))}
${h.link_to("login", url('login'))}
% endif
</div>
</div><!-- header -->


@ -0,0 +1,64 @@
<%inherit file="/base.mako" />
<%def name="title()">Login</%def>
<%def name="head_tags()">
${h.stylesheet_link(request.static_url('edbob.pyramid:static/css/login.css'))}
</%def>
${h.image(request.static_url('edbob.pyramid:static/img/logo.jpg'), "edbob logo")}
<div class="fieldset">
${h.form('')}
## <input type="hidden" name="login" value="True" />
<input type="hidden" name="referer" value="${referer}" />
% if error:
<div class="error">${error}</div>
% endif
<div class="field-couple">
<label for="username">Username:</label>
<input type="text" name="username" id="username" value="" />
</div>
<div class="field-couple">
<label for="password">Password:</label>
<input type="password" name="password" id="password" value="" />
</div>
<div class="buttons">
${h.submit('submit', "Login")}
<input type="reset" value="Reset" />
</div>
${h.end_form()}
</div>
<script language="javascript" type="text/javascript">
$(function() {
$('form').submit(function() {
if (! $('#username').val()) {
with ($('#username').get(0)) {
select();
focus();
}
return false;
}
if (! $('#password').val()) {
with ($('#password').get(0)) {
select();
focus();
}
return false;
}
return true;
});
$('#username').focus();
});
</script>
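Review bot: The login form built by `${h.form('')}` carries only `referer`, `username` and `password`, with no CSRF token, so the login POST can be forged from another origin. If the configured session factory supports it, add `<input type="hidden" name="csrf_token" value="${request.session.get_csrf_token()}" />` and have the view compare it before authenticating. The hidden `referer` value is client-controlled once it is in the form, so the view that consumes it must not trust it as a redirect target. As a style point, the `with (...) { select(); focus(); }` blocks use a statement that strict mode rejects; `$('#username').select().focus();` does the same without it.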


@ -1,64 +1,2 @@
<%inherit file="base.mako" />
<%def name="title()">Login</%def>
<%def name="head_tags()">
${h.stylesheet_link('edbob/css/login.css')}
</%def>
${h.image('edbob/img/logo.jpg', "edbob logo")}
<div class="fieldset">
${h.form('')}
## <input type="hidden" name="login" value="True" />
## <input type="hidden" name="referrer" value="${referrer}" />
% if error:
<div class="error">${error}</div>
% endif
<div class="field-couple">
<label for="username">Username:</label>
<input type="text" name="username" id="username" value="" />
</div>
<div class="field-couple">
<label for="password">Password:</label>
<input type="password" name="password" id="password" value="" />
</div>
<div class="buttons">
${h.submit('submit', "Login")}
<input type="reset" value="Reset" />
</div>
${h.end_form()}
</div>
<script language="javascript" type="text/javascript">
$(function() {
$('form').submit(function() {
if (! $('#username').val()) {
with ($('#username').get(0)) {
select();
focus();
}
return false;
}
if (! $('#password').val()) {
with ($('#password').get(0)) {
select();
focus();
}
return false;
}
return true;
});
$('#username').focus();
});
</script>
<%inherit file="/edbob/login.mako" />
${parent.body()}


@ -26,71 +26,6 @@
``edbob.pyramid.views`` -- Views
"""
import os
import os.path
from pyramid.response import Response
from pyramid.view import view_config
from pyramid.httpexceptions import HTTPFound
from edbob.db.auth import authenticate_user
_here = os.path.join(os.path.dirname(__file__), os.pardir)
# _favicon = open(os.path.join(_here, 'static', 'favicon.ico'), 'rb').read()
# _favicon_response = Response(content_type='image/x-icon', body=_favicon)
# @view_config(route_name='favicon.ico')
# def favicon_ico(context, request):
# return _favicon_response
# @view_config(route_name='home', renderer='/home.mako')
# def home(context, request):
# return {}
@view_config(route_name='login', renderer='login.mako')
def login(context, request):
"""
The login view, responsible for displaying and handling the login form.
"""
if request.params.get('referer'):
referer = request.params['referer']
elif request.session.get('referer'):
referer = request.session.pop('referer')
else:
referer = request.referer or request.route_url('home')
# if request.current_user:
# return HTTPFound(location=referer)
# form = Form(self.request, schema=UserLogin)
# if form.validate():
# user = authenticate_user(self.Session(), form.data['username'], form.data['password'])
# if user:
# self.request.session.flash("%s logged in at %s" % (
# user.display_name,
# datetime.datetime.now().strftime("%I:%M %p")))
# headers = remember(self.request, user.uuid)
# return HTTPFound(location=referer, headers=headers)
# self.request.session.flash("Invalid username or password.")
# return {'form':FormRenderer(form), 'referer':referer}
return {}
# _robots = open(os.path.join(_here, 'static', 'robots.txt')).read()
# _robots_response = Response(content_type='text/plain', body=_robots)
# @view_config(route_name='robots.txt')
# def robots_txt(context, request):
# return _robots_response
def includeme(config):
# config.add_route('home', '/')
# config.add_route('favicon.ico', '/favicon.ico')
# config.add_route('robots.txt', '/robots.txt')
config.add_route('login', '/login')
config.scan()
config.include('edbob.pyramid.views.auth')


@ -0,0 +1,95 @@
#!/usr/bin/env python
# -*- coding: utf-8 -*-
################################################################################
#
# edbob -- Pythonic Software Framework
# Copyright © 2010-2012 Lance Edgar
#
# This file is part of edbob.
#
# edbob is free software: you can redistribute it and/or modify it under the
# terms of the GNU Affero General Public License as published by the Free
# Software Foundation, either version 3 of the License, or (at your option)
# any later version.
#
# edbob is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for
# more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with edbob. If not, see <http://www.gnu.org/licenses/>.
#
################################################################################
"""
``edbob.pyramid.views.auth`` -- Auth Views
"""
import formencode
from pyramid.view import view_config
from pyramid.httpexceptions import HTTPFound
from pyramid.security import remember, forget
from pyramid_simpleform import Form
from pyramid_simpleform.renderers import FormRenderer
import edbob
from edbob.db.auth import authenticate_user
from edbob.pyramid import Session
class UserLogin(formencode.Schema):
allow_extra_fields = True
filter_extra_fields = True
username = formencode.validators.NotEmpty()
password = formencode.validators.NotEmpty()
@view_config(route_name='login', renderer='/login.mako')
def login(context, request):
"""
The login view, responsible for displaying and handling the login form.
"""
if request.params.get('referer'):
referer = request.params['referer']
elif request.session.get('referer'):
referer = request.session.pop('referer')
else:
referer = request.referer or request.route_url('home')
if referer == request.route_url('login'):
referer = request.route_url('home')
# Redirect if already logged in.
if request.user:
return HTTPFound(location=referer)
form = Form(request, schema=UserLogin)
if form.validate():
user = authenticate_user(form.data['username'],
form.data['password'],
session=Session())
if user:
request.session.flash("%s logged in at %s" % (
user.display_name,
edbob.local_time().strftime('%I:%M %p')))
headers = remember(request, user.uuid)
return HTTPFound(location=referer, headers=headers)
request.session.flash("Invalid username or password")
return {'form': FormRenderer(form), 'referer': referer}
@view_config(route_name='logout')
def logout(context, request):
request.session.delete()
request.session.flash("%s logged out at %s" % (
request.user.display_name,
edbob.local_time().strftime("%I:%M %p")))
headers = forget(request)
return HTTPFound(location=request.route_url('login'), headers=headers)
def includeme(config):
config.add_route('login', '/login')
config.add_route('logout', '/logout')
config.scan()
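Review bot: `login` passes `referer` to `HTTPFound(location=referer)` in both the already-logged-in branch and the success branch, and that value comes unchecked from `request.params['referer']`, the session or the Referer header, which makes the view an open redirect. Restrict it to this application before use, e.g. `if not referer.startswith(request.application_url + '/'): referer = request.route_url('home')`. In `logout`, `request.user.display_name` is read unconditionally, so a request to `/logout` without a logged-in user fails with AttributeError instead of redirecting; wrap the flash in `if request.user:`. The flash is also queued after `request.session.delete()`, so whether the message survives depends on the session backend.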