Changeset 147
- Timestamp:
- 03/10/08 18:06:26
- Files:
-
- AuthKit/trunk/CHANGELOG.txt (modified) (1 diff)
- AuthKit/trunk/authkit/authenticate/form.py (modified) (7 diffs)
- AuthKit/trunk/examples/docs/form2.py (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
AuthKit/trunk/CHANGELOG.txt
r146 r147 4 4 0.4.1 (**svn**) 5 5 6 * Added a form.method option so you can choose GET authentication for 7 cases when another piece of middleware has already parsed the form 8 variables (eg with repoze?). 6 9 * Fixed bug in form action generation for non-standard ports 7 10 * Fixed bug reported by Sam Gentle where remote addr is obtained from AuthKit/trunk/authkit/authenticate/form.py
r146 r147 30 30 log = logging.getLogger('authkit.authenticate.form') 31 31 32 def template( ):33 return"""\32 def template(method=False): 33 t = """\ 34 34 <html> 35 35 <head><title>Please Sign In</title></head> … … 48 48 </html> 49 49 """ 50 if method is not False: 51 t = t.replace('post', method) 52 return t 50 53 51 54 class FormAuthHandler(AuthKitAuthHandler, AuthFormHandler): … … 55 58 charset=None, 56 59 status="200 OK", 60 method='post', 57 61 **p 58 62 ): … … 63 67 else: 64 68 self.charset = '; charset='+charset 69 self.method = method 65 70 66 71 def on_authorized(self, environ, start_response): … … 72 77 # multi handler 73 78 username = environ.get('REMOTE_USER','') 74 if 'POST' == environ['REQUEST_METHOD']: 75 formvars = parse_formvars(environ, include_get_vars=False) 76 username = formvars.get('username') 77 password = formvars.get('password') 78 if username and password: 79 if self.authfunc(environ, username, password): 80 environ['AUTH_TYPE'] = 'form' 81 environ['REMOTE_USER'] = username 82 environ['REQUEST_METHOD'] = 'GET' 83 environ['CONTENT_LENGTH'] = '' 84 environ['CONTENT_TYPE'] = '' 85 del environ['paste.parsed_formvars'] 86 return self.on_authorized(environ, start_response) 79 formvars = parse_formvars(environ, include_get_vars=True) 80 username = formvars.get('username') 81 password = formvars.get('password') 82 if username and password: 83 if self.authfunc(environ, username, password): 84 log.debug("Username and password authenticated successfully") 85 environ['AUTH_TYPE'] = 'form' 86 environ['REMOTE_USER'] = username 87 environ['REQUEST_METHOD'] = 'GET' 88 environ['CONTENT_LENGTH'] = '' 89 environ['CONTENT_TYPE'] = '' 90 del environ['paste.parsed_formvars'] 91 return self.on_authorized(environ, start_response) 92 else: 93 log.debug("Username and password authentication failed") 94 else: 95 log.debug("Either username or password missing") 87 96 action = construct_url(environ) 88 97 log.debug("Form action is: %s", action) 89 content = self.template() % action 98 if self.method == 'post': 99 content = self.template() % action 100 else: 101 content = self.template(method=self.method) % (action) 102 90 103 # @@@ Tell Pylons error documents middleware not to intercept the 91 104 # response … … 180 193 ) 181 194 charset=auth_conf.get('charset') 182 return app, {'authfunc':authfunc, 'template':template_, 'charset':charset}, None 195 method =auth_conf.get('method', 'post') 196 if method.lower() not in ['get','post']: 197 raise Exception('Form method should be GET or POST, not %s'%method) 198 return app, {'authfunc':authfunc, 'template':template_, 'charset':charset, 'method':method}, None 183 199 184 200 def make_form_handler( … … 202 218 authfunc=auth_handler_params['authfunc'], 203 219 template=auth_handler_params['template'], 204 charset=auth_handler_params['charset'] 220 charset=auth_handler_params['charset'], 221 method=auth_handler_params['method'], 205 222 ) 206 223 app.add_checker('form', status_checker) AuthKit/trunk/examples/docs/form2.py
r146 r147 17 17 form_charset='UTF-8', 18 18 cookie_signoutpath = '/signout', 19 form_method='get', 19 20 ) 20 21
