Changeset 6:17bbd5e80d15 in OKFNAnnotator (for Zope) for AuthTokenGenerator.py
- Timestamp:
- Oct 30, 2012, 7:20:31 PM (12 years ago)
- Branch:
- default
- File:
-
- 1 edited
AuthTokenGenerator.py
r2 r6 2 2 from Products.PageTemplates.PageTemplateFile import PageTemplateFile 3 3 from OFS.PropertyManager import PropertyManager 4 from AccessControl import getSecurityManager 5 from zExceptions import Unauthorized 4 6 5 7 import logging … … 40 42 self.consumer_secret = consumerSecret 41 43 42 def index_html(self, user='anonymous' , password=None):43 """returns authentication token for user """44 if self._ token_allowed():44 def index_html(self, user='anonymous'): 45 """returns authentication token for user (Zope style)""" 46 if self._user_allowed(user=user): 45 47 token = self._generate_token(user) 46 48 # set CORS headers … … 52 54 53 55 self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Credentials", "true") 54 logging.debug("token =%s"%token)56 logging.debug("token for user %s: %s"%(user, token)) 55 57 self.REQUEST.RESPONSE.setHeader("Content-Type", "text/plain") 56 58 return token 57 # send as JSON58 #self.REQUEST.RESPONSE.setHeader("Content-Type", "application/json")59 #json.dump(token, self.REQUEST.RESPONSE)60 59 else: 61 self.REQUEST.RESPONSE.setStatus('Forbidden') 62 return "SORRY, NOT ALLOWED!" 
60 raise Unauthorized 63 61 64 def _token_allowed(self, user=None, password=None): 65 # here we should check the login 66 return True 62 def getLoginToken(self, user='anonymous', password=None): 63 """returns authentication token or error code""" 64 # set CORS headers 65 origin = self.REQUEST.getHeader("Origin", None) 66 if origin is not None: 67 self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Origin", origin) 68 else: 69 self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Origin", "*") 70 71 self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Credentials", "true") 72 if self._user_allowed(user=user, password=password): 73 token = self._generate_token(user) 74 logging.debug("token for user %s: %s"%(user, token)) 75 self.REQUEST.RESPONSE.setHeader("Content-Type", "text/plain") 76 return token 77 else: 78 self.REQUEST.RESPONSE.setStatus('Unauthorized') 79 return "Please Authenticate!" 80 81 82 def _user_allowed(self, user=None, password=None): 83 # check the login 84 if user == 'anonymous': 85 # everybody can be anonymous 86 return user 87 88 # get logged in user 89 authuser = getSecurityManager().getUser() 90 authname = authuser.getUserName() 91 logging.debug("token_allowed: user=%s authuser=%s username=%s"%(user, repr(authuser), repr(authname))) 92 if authname == user: 93 # user is logged in 94 return authname 95 96 if password: 97 logging.debug("trying password") 98 # TODO: should we care about aquisition? 99 authuser = self.acl_users.authenticate(user, password, None) 100 return authuser 101 102 return None 67 103 68 104 def _generate_token(self, user_id):
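Review bot: `getLoginToken` reflects whatever `Origin` header the request carries straight into `Access-Control-Allow-Origin` and pairs it with `Access-Control-Allow-Credentials: true` (new lines 65–71), so any third-party page can issue a credentialed cross-origin request and read back the token of a user who is logged in to this Zope instance. Only echo `origin` when it matches a configured allowlist — this class is a `PropertyManager`, so a property is the natural place for it — e.g. `if origin in getattr(self, 'allowed_origins', ()):` before the `setHeader("Access-Control-Allow-Origin", origin)` call, and drop the `"*"` fallback, since browsers refuse `*` combined with credentials anyway. The `password` argument appears to arrive as an ordinary published request parameter, which on a GET ends up in server and proxy access logs; consider restricting that path to POST. Separately, `logging.debug("token for user %s: %s"%(user, token))` writes the freshly minted token to the log at debug level; log only the user name. `_generate_token` is shown here only by its signature, so the token's format and lifetime cannot be assessed from this hunk.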