~azzar1/unity/add-show-desktop-key

« back to all changes in this revision

Viewing changes to ivle/auth/authenticate.py

Committer: William Grant
Date: 2009-12-08 03:43:27 UTC
Revision ID: grantw@unimelb.edu.au-20091208034327-iv33bf1kn9lim6mh

make_svn_auth now only generates a new password if none is already known by the DB.

files added:
.bzrignore

COPYING

bin/ivle-addexercise

bin/ivle-adduser

bin/ivle-buildjail

bin/ivle-cloneworksheets

bin/ivle-config

bin/ivle-createdatadirs

bin/ivle-enrol

bin/ivle-enrolallusers

bin/ivle-fetchsubmissions

bin/ivle-listusers

bin/ivle-marks

bin/ivle-mountallusers

bin/ivle-refreshfilesystem

bin/ivle-remakeuser

bin/ivle-showenrolment

bin/timount

bin/timount/Makefile

bin/timount/timount.c

bin/trampoline

bin/trampoline/Makefile

bin/trampoline/norm.c

bin/trampoline/norm.dot

bin/trampoline/norm.h

bin/trampoline/test.c

bin/trampoline/trampoline.c

doc/Makefile

doc/conf.py

doc/dev

doc/dev/architecture.rst

doc/dev/coding.rst

doc/dev/index.rst

doc/dev/packaging.rst

doc/images

doc/images/ivle-system-diagram.png

doc/index.rst

doc/man

doc/man/architecture.rst

doc/man/config.rst

doc/man/directory.rst

doc/man/faq.rst

doc/man/index.rst

doc/man/install.rst

doc/man/sample.rst

doc/man/scripts.rst

doc/static

doc/templates

examples

examples/config

examples/config/apache-svn.conf

examples/config/apache.conf

examples/config/usrmgt-server.init

examples/db

examples/db/sample.sql

exercises

exercises/sample

exercises/sample/all_input.xml

exercises/sample/fib.xml

exercises/sample/hello.xml

image-source

image-source/h1-bg.svg

image-source/ivle-system-diagram.svg

image-source/split-tab.sh

image-source/tab.svg

image-source/title.svg

image-source/topbar-slashes.svg

ivle

ivle/__init__.py

ivle/auth

ivle/auth/__init__.py

ivle/auth/authenticate.py

ivle/auth/guest_auth.py

ivle/auth/ldap_auth.py

ivle/cgirequest.py

ivle/chat.py

ivle/conf

ivle/conf/__init__.py

ivle/conf/app

ivle/conf/app/__init__.py

ivle/conf/app/server.py

ivle/conf/conf.py

ivle/config

ivle/config/__init__.py

ivle/config/ivle-spec.conf

ivle/console.py

ivle/database.py

ivle/date.py

ivle/dispatch

ivle/dispatch/__init__.py

ivle/dispatch/request.py

ivle/fileservice_lib

ivle/fileservice_lib/__init__.py

ivle/fileservice_lib/action.py

ivle/fileservice_lib/exceptions.py

ivle/fileservice_lib/listing.py

ivle/interpret.py

ivle/jailbuilder

ivle/jailbuilder/__init__.py

ivle/jailbuilder/debian.py

ivle/jailbuilder/exceptions.py

ivle/makeuser.py

ivle/mimetypes.py

ivle/pulldown_subj

ivle/pulldown_subj/__init__.py

ivle/pulldown_subj/dummy_subj.py

ivle/pulldown_subj/subjecterror.py

ivle/rpc

ivle/rpc/__init__.py

ivle/rpc/decorators.py

ivle/studpath.py

ivle/svn.py

ivle/testfilespace.py

ivle/util.py

ivle/webapp

ivle/webapp/__init__.py

ivle/webapp/admin

ivle/webapp/admin/__init__.py

ivle/webapp/admin/offeringservice.py

ivle/webapp/admin/projectservice.py

ivle/webapp/admin/subject-media

ivle/webapp/admin/subject-media/project.css

ivle/webapp/admin/subject-media/project.js

ivle/webapp/admin/subject-media/subjects-small.png

ivle/webapp/admin/subject-media/subjects.png

ivle/webapp/admin/subject.py

ivle/webapp/admin/templates

ivle/webapp/admin/templates/enrol.html

ivle/webapp/admin/templates/offering_projects.html

ivle/webapp/admin/templates/project.html

ivle/webapp/admin/templates/project_fragment.html

ivle/webapp/admin/templates/projectset_fragment.html

ivle/webapp/admin/templates/subject.html

ivle/webapp/admin/templates/subjects.html

ivle/webapp/admin/templates/user-admin.html

ivle/webapp/admin/templates/user-edit.html

ivle/webapp/admin/templates/user-password-change.html

ivle/webapp/admin/templates/user-password-reset.html

ivle/webapp/admin/user.py

ivle/webapp/base

ivle/webapp/base/__init__.py

ivle/webapp/base/ivle-headings.html

ivle/webapp/base/overlays.py

ivle/webapp/base/plugins.py

ivle/webapp/base/rest.py

ivle/webapp/base/test

ivle/webapp/base/test/test_rest.py

ivle/webapp/base/views.py

ivle/webapp/base/xhtml.py

ivle/webapp/base/xhtmlerror.html

ivle/webapp/base/xhtmlunauthorized.html

ivle/webapp/console

ivle/webapp/console/__init__.py

ivle/webapp/console/help.html

ivle/webapp/console/media

ivle/webapp/console/media/console-small.png

ivle/webapp/console/media/console.css

ivle/webapp/console/media/console.js

ivle/webapp/console/media/console.png

ivle/webapp/console/media/console_app.css

ivle/webapp/console/media/console_app.js

ivle/webapp/console/overlay.html

ivle/webapp/console/overlay.py

ivle/webapp/console/service.py

ivle/webapp/console/template.html

ivle/webapp/core.py

ivle/webapp/coremedia

ivle/webapp/coremedia/images

ivle/webapp/coremedia/images/README

ivle/webapp/coremedia/images/apps

ivle/webapp/coremedia/images/apps/editor.png

ivle/webapp/coremedia/images/apps/groups.png

ivle/webapp/coremedia/images/apps/home.png

ivle/webapp/coremedia/images/apps/settings.png

ivle/webapp/coremedia/images/apps/small

ivle/webapp/coremedia/images/apps/small/editor.png

ivle/webapp/coremedia/images/apps/small/groups.png

ivle/webapp/coremedia/images/apps/small/home.png

ivle/webapp/coremedia/images/apps/small/settings.png

ivle/webapp/coremedia/images/chrome

ivle/webapp/coremedia/images/chrome/h1-bg.png

ivle/webapp/coremedia/images/chrome/tab-hover-left.png

ivle/webapp/coremedia/images/chrome/tab-hover-mid.png

ivle/webapp/coremedia/images/chrome/tab-hover-right.png

ivle/webapp/coremedia/images/chrome/tab-left.png

ivle/webapp/coremedia/images/chrome/tab-mid.png

ivle/webapp/coremedia/images/chrome/tab-right.png

ivle/webapp/coremedia/images/chrome/tab-selected-left.png

ivle/webapp/coremedia/images/chrome/tab-selected-mid.png

ivle/webapp/coremedia/images/chrome/tab-selected-right.png

ivle/webapp/coremedia/images/chrome/title.png

ivle/webapp/coremedia/images/chrome/topbar-slashes.png

ivle/webapp/coremedia/images/interface

ivle/webapp/coremedia/images/interface/cross.png

ivle/webapp/coremedia/images/interface/loading.gif

ivle/webapp/coremedia/images/interface/maximize.png

ivle/webapp/coremedia/images/interface/minimize.png

ivle/webapp/coremedia/images/interface/published.png

ivle/webapp/coremedia/images/interface/sortdown.png

ivle/webapp/coremedia/images/interface/sortup.png

ivle/webapp/coremedia/images/mime

ivle/webapp/coremedia/images/mime/dir.png

ivle/webapp/coremedia/images/mime/large

ivle/webapp/coremedia/images/mime/large/dir.png

ivle/webapp/coremedia/images/mime/large/multi.png

ivle/webapp/coremedia/images/mime/large/py.png

ivle/webapp/coremedia/images/mime/large/txt.png

ivle/webapp/coremedia/images/mime/py.png

ivle/webapp/coremedia/images/mime/txt.png

ivle/webapp/coremedia/images/svn

ivle/webapp/coremedia/images/svn/added.png

ivle/webapp/coremedia/images/svn/conflicted.png

ivle/webapp/coremedia/images/svn/deleted.png

ivle/webapp/coremedia/images/svn/missing.png

ivle/webapp/coremedia/images/svn/modified.png

ivle/webapp/coremedia/images/svn/normal.png

ivle/webapp/coremedia/images/svn/revision.png

ivle/webapp/coremedia/md5.js

ivle/webapp/errors.py

ivle/webapp/fileservice

ivle/webapp/fileservice/__init__.py

ivle/webapp/filesystem

ivle/webapp/filesystem/__init__.py

ivle/webapp/filesystem/browser/media/browser-small.png

ivle/webapp/filesystem/browser/media/browser.png

ivle/webapp/filesystem/browser/media/codepress

ivle/webapp/filesystem/browser/media/codepress/codepress.css

ivle/webapp/filesystem/browser/media/codepress/codepress.html

ivle/webapp/filesystem/browser/media/codepress/codepress.js

ivle/webapp/filesystem/browser/media/codepress/engines

ivle/webapp/filesystem/browser/media/codepress/engines/gecko.js

ivle/webapp/filesystem/browser/media/codepress/engines/khtml.js

ivle/webapp/filesystem/browser/media/codepress/engines/msie.js

ivle/webapp/filesystem/browser/media/codepress/engines/older.js

ivle/webapp/filesystem/browser/media/codepress/engines/opera.js

ivle/webapp/filesystem/browser/media/codepress/images

ivle/webapp/filesystem/browser/media/codepress/images/line-numbers.png

ivle/webapp/filesystem/browser/media/codepress/index.html

ivle/webapp/filesystem/browser/media/codepress/languages

ivle/webapp/filesystem/browser/media/codepress/languages/asp.css

ivle/webapp/filesystem/browser/media/codepress/languages/asp.js

ivle/webapp/filesystem/browser/media/codepress/languages/autoit.css

ivle/webapp/filesystem/browser/media/codepress/languages/autoit.js

ivle/webapp/filesystem/browser/media/codepress/languages/csharp.css

ivle/webapp/filesystem/browser/media/codepress/languages/csharp.js

ivle/webapp/filesystem/browser/media/codepress/languages/css.css

ivle/webapp/filesystem/browser/media/codepress/languages/css.js

ivle/webapp/filesystem/browser/media/codepress/languages/generic.css

ivle/webapp/filesystem/browser/media/codepress/languages/generic.js

ivle/webapp/filesystem/browser/media/codepress/languages/html.css

ivle/webapp/filesystem/browser/media/codepress/languages/html.js

ivle/webapp/filesystem/browser/media/codepress/languages/java.css

ivle/webapp/filesystem/browser/media/codepress/languages/java.js

ivle/webapp/filesystem/browser/media/codepress/languages/javascript.css

ivle/webapp/filesystem/browser/media/codepress/languages/javascript.js

ivle/webapp/filesystem/browser/media/codepress/languages/perl.css

ivle/webapp/filesystem/browser/media/codepress/languages/perl.js

ivle/webapp/filesystem/browser/media/codepress/languages/php.css

ivle/webapp/filesystem/browser/media/codepress/languages/php.js

ivle/webapp/filesystem/browser/media/codepress/languages/python.css

ivle/webapp/filesystem/browser/media/codepress/languages/python.js

ivle/webapp/filesystem/browser/media/codepress/languages/ruby.css

ivle/webapp/filesystem/browser/media/codepress/languages/ruby.js

ivle/webapp/filesystem/browser/media/codepress/languages/sql.css

ivle/webapp/filesystem/browser/media/codepress/languages/sql.js

ivle/webapp/filesystem/browser/media/codepress/languages/text.css

ivle/webapp/filesystem/browser/media/codepress/languages/text.js

ivle/webapp/filesystem/browser/media/codepress/languages/vbscript.css

ivle/webapp/filesystem/browser/media/codepress/languages/vbscript.js

ivle/webapp/filesystem/browser/media/codepress/languages/xsl.css

ivle/webapp/filesystem/browser/media/codepress/languages/xsl.js

ivle/webapp/filesystem/browser/media/codepress/license.txt

ivle/webapp/filesystem/browser/media/editor.css

ivle/webapp/filesystem/browser/media/editor.js

ivle/webapp/filesystem/browser/media/listing.css

ivle/webapp/filesystem/browser/media/listing.js

ivle/webapp/filesystem/browser/media/specialhome.js

ivle/webapp/filesystem/browser/template.html

ivle/webapp/filesystem/diff

ivle/webapp/filesystem/diff/__init__.py

ivle/webapp/filesystem/diff/media

ivle/webapp/filesystem/diff/media/diff.css

ivle/webapp/filesystem/diff/template.html

ivle/webapp/filesystem/svnlog

ivle/webapp/filesystem/svnlog/__init__.py

ivle/webapp/filesystem/svnlog/media

ivle/webapp/filesystem/svnlog/media/log.css

ivle/webapp/filesystem/svnlog/media/log.js

ivle/webapp/filesystem/svnlog/template.html

ivle/webapp/forum

ivle/webapp/forum/__init__.py

ivle/webapp/forum/media

ivle/webapp/forum/media/forum-small.png

ivle/webapp/forum/media/forum.css

ivle/webapp/forum/media/forum.png

ivle/webapp/forum/phpbb3.diff

ivle/webapp/forum/template.html

ivle/webapp/groups

ivle/webapp/groups/__init__.py

ivle/webapp/groups/help.html

ivle/webapp/groups/media

ivle/webapp/groups/media/cross.png

ivle/webapp/groups/media/groups.css

ivle/webapp/groups/media/groups.js

ivle/webapp/groups/template.html

ivle/webapp/help

ivle/webapp/help/__init__.py

ivle/webapp/help/helpview.html

ivle/webapp/help/media

ivle/webapp/help/media/help-small.png

ivle/webapp/help/media/help.css

ivle/webapp/help/media/help.png

ivle/webapp/help/toc.html

ivle/webapp/media.py

ivle/webapp/security

ivle/webapp/security/__init__.py

ivle/webapp/security/login.html

ivle/webapp/security/logout.html

ivle/webapp/security/views.py

ivle/webapp/submit

ivle/webapp/submit/__init__.py

ivle/webapp/submit/submit.html

ivle/webapp/submit/submitted.html

ivle/webapp/testing

ivle/webapp/testing/__init__.py

ivle/webapp/tos

ivle/webapp/tos/__init__.py

ivle/webapp/tos/accept.html

ivle/webapp/tos/media

ivle/webapp/tos/media/tos.js

ivle/webapp/tos/view.html

ivle/webapp/tutorial

ivle/webapp/tutorial/__init__.py

ivle/webapp/tutorial/exercise_service.py

ivle/webapp/tutorial/help.html

ivle/webapp/tutorial/media

ivle/webapp/tutorial/media/default.css

ivle/webapp/tutorial/media/exercise_admin.css

ivle/webapp/tutorial/media/exercise_admin.js

ivle/webapp/tutorial/media/images

ivle/webapp/tutorial/media/images/README

ivle/webapp/tutorial/media/images/check.png

ivle/webapp/tutorial/media/images/cross.png

ivle/webapp/tutorial/media/images/down.png

ivle/webapp/tutorial/media/images/exception.png

ivle/webapp/tutorial/media/images/fail.png

ivle/webapp/tutorial/media/images/incomplete.png

ivle/webapp/tutorial/media/images/pass.png

ivle/webapp/tutorial/media/images/pencil.png

ivle/webapp/tutorial/media/images/semifail.png

ivle/webapp/tutorial/media/images/signature.png

ivle/webapp/tutorial/media/images/tiny

ivle/webapp/tutorial/media/images/tiny/complete.png

ivle/webapp/tutorial/media/images/tiny/incomplete.png

ivle/webapp/tutorial/media/images/tiny/semicomplete.png

ivle/webapp/tutorial/media/images/up.png

ivle/webapp/tutorial/media/tutorial-small.png

ivle/webapp/tutorial/media/tutorial.css

ivle/webapp/tutorial/media/tutorial.js

ivle/webapp/tutorial/media/tutorial.png

ivle/webapp/tutorial/media/tutorial_admin.css

ivle/webapp/tutorial/media/tutorial_admin.js

ivle/webapp/tutorial/service.py

ivle/webapp/tutorial/templates

ivle/webapp/tutorial/templates/exercise.html

ivle/webapp/tutorial/templates/exercise_add.html

ivle/webapp/tutorial/templates/exercise_delete.html

ivle/webapp/tutorial/templates/exercise_edit.html

ivle/webapp/tutorial/templates/exercises.html

ivle/webapp/tutorial/templates/subjectmenu.html

ivle/webapp/tutorial/templates/worksheet.html

ivle/webapp/tutorial/templates/worksheet_add.html

ivle/webapp/tutorial/templates/worksheet_edit.html

ivle/webapp/tutorial/templates/worksheets_edit.html

ivle/webapp/tutorial/test

ivle/webapp/tutorial/test/README-framework

ivle/webapp/tutorial/test/TestFramework.py

ivle/webapp/tutorial/test/__init__.py

ivle/webapp/tutorial/test/parse_exercise.py

ivle/webapp/userservice

ivle/webapp/userservice/__init__.py

ivle/worksheet

ivle/worksheet/__init__.py

ivle/worksheet/definitions.txt

ivle/worksheet/rst.py

ivle/worksheet/utils.py

ivle/zip.py

services

services/diffservice

services/fileservice

services/python-console

services/serveservice

services/svnlogservice

services/usrmgt-server

setup

setup/__init__.py

setup/build.py

setup/install.py

setup/util.py

subjects

subjects/sample

subjects/sample/subject.xml

subjects/sample/ws1.xml

subjects/sample/ws2.xml

test

test/misc

test/misc/make_date_test.py

test/test_framework

test/test_framework/README-examples

test/test_framework/all_input.py

test/test_framework/all_input_text.xml

test/test_framework/fib.py

test/test_framework/fib_text.xml

test/test_framework/file_test.py

test/test_framework/filespace_test.py

test/test_framework/filesum.py

test/test_framework/filesum_text.xml

test/test_framework/hack_1.py

test/test_framework/hello.py

test/test_framework/hello_text.xml

test/test_framework/problem.dtd

test/test_framework/test.py

test/test_framework/test_framework_tests.py

test/test_framework/test_json.py

test/test_framework/tests.py

test/test_framework/tute_doc.tex

userdb/migrations

userdb/migrations/20080707-01.sql

userdb/migrations/20080715-01.sql

userdb/migrations/20080718-01.sql

userdb/migrations/20080721-01.sql

userdb/migrations/20080721-02.sql

userdb/migrations/20080721-03.sql

userdb/migrations/20080721-04.sql

userdb/migrations/20080723-01.sql

userdb/migrations/20080818.sql

userdb/migrations/20080903-01.sql

userdb/migrations/20090120-01.sql

userdb/migrations/20090212-01.sql

userdb/migrations/20090224-01.sql

userdb/migrations/20090225-01.sql

userdb/migrations/20090406-01.sql

userdb/migrations/20090814-01.sql

userdb/migrations/README

files removed:
LICENSE.txt

Makefile

console

console/console.js

console/index.html

console/json2.js

console/md5.js

console/python-console

doc/Makefile

doc/app_howto.txt

doc/dependencies.txt

doc/notes

doc/notes/Makefile

doc/notes/README

doc/notes/apps

doc/notes/apps/Makefile

doc/notes/apps/browser.txt

doc/notes/apps/dispatch.txt

doc/notes/architecture.txt

doc/notes/execution.txt

doc/notes/imports.txt

doc/notes/misc.txt

doc/notes/session.txt

doc/notes/subversion.txt

doc/notes/timeline.txt

doc/template.py

makeuser.py

platform

platform/Makefile

platform/README

platform/TODO

platform/config

platform/config/lite.conf

platform/config/svn-apache.conf

platform/scripts

platform/scripts/mkJail.sh

platform/scripts/post-commit

platform/scripts/safe-python

prototypes

prototypes/browser

prototypes/browser/.htaccess

prototypes/browser/README

prototypes/browser/browser-interface

prototypes/browser/browser-interface/TODO

prototypes/browser/browser-interface/browser.css

prototypes/browser/browser-interface/browser.html

prototypes/browser/browser-interface/browser.js

prototypes/browser/browser-interface/images

prototypes/browser/browser-interface/images/README

prototypes/browser/browser-interface/images/interface

prototypes/browser/browser-interface/images/interface/sortdown.png

prototypes/browser/browser-interface/images/interface/sortup.png

prototypes/browser/browser-interface/images/mime

prototypes/browser/browser-interface/images/mime/dir.png

prototypes/browser/browser-interface/images/mime/large

prototypes/browser/browser-interface/images/mime/large/dir.png

prototypes/browser/browser-interface/images/mime/large/multi.png

prototypes/browser/browser-interface/images/mime/large/py.png

prototypes/browser/browser-interface/images/mime/large/txt.png

prototypes/browser/browser-interface/images/mime/py.png

prototypes/browser/browser-interface/images/mime/txt.png

prototypes/browser/browser-interface/images/svn

prototypes/browser/browser-interface/images/svn/modified.png

prototypes/browser/browser-interface/images/svn/normal.png

prototypes/browser/browser-interface/images/svn/unversioned.png

prototypes/browser/browser.html

prototypes/browser/browser.js

prototypes/browser/edit.html

prototypes/browser/encoder.py

prototypes/browser/files.py

prototypes/browser/files.readme

prototypes/browser/json2.js

trampoline

trampoline/trampoline.c

userdb/README

userdb/query.py

www/README

www/apps

www/apps/__init__.py

www/apps/debuginfo

www/apps/debuginfo/__init__.py

www/apps/download

www/apps/download/__init__.py

www/apps/dummy

www/apps/dummy/__init__.py

www/apps/dummy/help.html

www/apps/fileservice

www/apps/fileservice/__init__.py

www/apps/fileservice/action.py

www/apps/fileservice/listing.py

www/apps/help

www/apps/help/__init__.py

www/auth

www/auth/__init__.py

www/auth/authenticate.py

www/common

www/common/__init__.py

www/common/interpret.py

www/common/makeuser.py

www/common/studpath.py

www/common/util.py

www/conf

www/conf/README

www/conf/__init__.py

www/conf/app

www/conf/app/__init__.py

www/conf/app/server.py

www/conf/apps.py

www/conf/mimetypes.py

www/dispatch

www/dispatch/__init__.py

www/dispatch/html.py

www/dispatch/login.py

www/dispatch/request.py

www/dispatch_handler.py

www/media

www/media/common

www/media/images

www/media/images/mime

www/media/images/mime/dir.png

files renamed:
www/media/common/ivle.css => ivle/webapp/coremedia/ivle.css

www/media/common/json2.js => ivle/webapp/coremedia/json2.js

www/media/common/util.js => ivle/webapp/coremedia/util.js

www/apps/browser/ => ivle/webapp/filesystem/browser/

www/media/browser/ => ivle/webapp/filesystem/browser/media/

www/apps/server/ => ivle/webapp/filesystem/serve/

files modified:
ivle/webapp/filesystem/browser/__init__.py

ivle/webapp/filesystem/browser/help.html

ivle/webapp/filesystem/browser/media/browser.css

ivle/webapp/filesystem/browser/media/browser.js

ivle/webapp/filesystem/serve/__init__.py

setup.py

userdb/users.sql

Show diffs side-by-side

added added

removed removed

ivle/auth/authenticate.py

# IVLE - Informatics Virtual Learning Environment

# This program is free software; you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation; either version 2 of the License, or

# (at your option) any later version.

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

# GNU General Public License for more details.

# You should have received a copy of the GNU General Public License

# along with this program; if not, write to the Free Software

# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA

# Module: authenticate

# Author: Matt Giuca

# Date: 19/2/2008

# Provides a mechanism for authenticating a username and password, and

# returning a yes/no response.

# Has a plugin interface for authentication modules.

# An authentication module is a Python module with an "auth" function,

# which accepts 3 positional arguments.

# plugin_module.auth(store, login, password, user)

# store is an open store connected to the IVLE database.

# login and password are required strings, password is cleartext.

# user is a User object or None.

# If it's a User object, it must return the same object if it returns a user.

# This object should describe the user logging in.

# It may be None if the user is not known to this DB.

# Returns either a User object or None, or raises an AuthError.

# Returning a User object implies success, and also gives details about the

# user if none were known to the DB (such details will be written to the DB).

# Returning None implies a soft failure, and that another auth method should

# be found.

# Raising an AuthError implies a hard failure, with an appropriate error

# message. No more auth will be done.

import sys

import os

from ivle.auth import AuthError

import ivle.database

def authenticate(config, store, login, password):

"""Determines whether a particular login/password combination is

valid for the given database. The password is in cleartext.

Returns a User object containing the user's details on success.

Raises an AuthError containing an appropriate error message on failure.

'store' is expected to be a storm.store.Store connected to the IVLE

database to which we should authenticate.

The User returned is guaranteed to be in the IVLE database.

This could be from reading or writing to the DB. If authenticate can't

find the user in the DB, it may get user data from some other source

(such as LDAP) and actually write it to the DB before returning.

"""

# WARNING: Both username and password may contain any characters, and must

# be sanitized within this function.

# (Not SQL-sanitized, just sanitized to our particular constraints).

# TODO Sanitize username

# Spawn a DB object just for making this call.

# (This should not spawn a DB connection on each page reload, only when

# there is no session object to begin with).

user = ivle.database.User.get_by_login(store, login)

for modname, m in get_auth_modules(config):

# May raise an AuthError - allow to propagate

auth_result = m(store, login, password, user)

if auth_result is None:

# Can't auth with this module; try another

pass

elif auth_result == False:

return None

elif isinstance(auth_result, ivle.database.User):

if user is not None and auth_result is not user:

# If user is not None, then it must return the same user

raise AuthError("Internal error: "

"Bad authentication module %s (changed user)"

% repr(modname))

elif user is None:

# We just got ourselves some user details from an external

# source. Put them in the DB.

store.add(auth_result)

# Don't allow login if it is expired or disabled.

if auth_result.state == 'disabled' or auth_result.account_expired:

raise AuthError("Account is not valid.")

return auth_result

else:

100

raise AuthError("Internal error: "

101

"Bad authentication module %s (bad return type)"

102

% repr(modname))

103

# No auths checked out; fail.

104

raise AuthError()

105

106

def simple_db_auth(store, login, password, user):

107

"""

108

A plugin auth function, as described above.

109

This one just authenticates against the local database.

110

Returns None if the password in the DB is NULL, indicating that another

111

auth method should be used.

112

Raises an AuthError if mismatched, indicating failure to auth.

113

"""

114

if user is None:

115

# The login doesn't exist. Therefore return None so we can try other

116

# means of authentication.

117

return None

118

119

# They should always match, but it's best to be sure!

120

assert(user.login == login)

121

122

auth_result = user.authenticate(password)

123

# auth_result is either True, False (fail) or None (try another)

124

if auth_result is None:

125

return None

126

elif auth_result:

127

return user

128

else:

129

raise AuthError()

130

131

def get_auth_modules(config):

132

"""Get the auth modules defined in the configuration.

133

134

Returns a list of (name, function object)s. This list consists of

135

simple_db_auth, plus the "auth" functions of all the plugin auth modules.

136

"""

137

138

oldpath = sys.path

139

# Allow imports to get files from this directory.

140

# Get the directory that this module (authenticate) is in

141

authpath = os.path.split(sys.modules[__name__].__file__)[0]

142

# Add it to sys.path

143

sys.path.append(authpath)

144

145

auth_modules = [("simple_db_auth", simple_db_auth)]

146

for modname in config['auth']['modules']:

147

try:

148

mod = __import__(modname)

149

except ImportError:

150

raise AuthError("Internal error: Can't import auth module %s"

151

% repr(modname))

152

except ValueError:

153

# If auth_modules is "", we may get an empty string - ignore

154

continue

155

try:

156

authfunc = mod.auth

157

except AttributeError:

158

raise AuthError("Internal error: Auth module %s has no 'auth' "

159

"function" % repr(modname))

160

auth_modules.append((modname, authfunc))

161

162

# Restore the old path, without this directory in it.

163

sys.path = oldpath

164

return auth_modules

Older »