Hello,
I'm trying to make cookie auth working with authkit but cannot
find a healthy solution. So far here's the code which i'm trying
to use for getting a users object into the environ:
#!/usr/bin/env python
from notmm.controllers.wsgi import WSGIController
from notmm.controllers.auth import LoginController
from notmm.utils.http import httpserver
from notmm.utils.configparse import loadconf
sample_app = WSGIController()
settings = sample_app.settings
global_conf = loadconf('auth.conf')
auth_conf = global_conf['authkit']
auth_app = LoginController(sample_app, auth_conf, settings=settings)
if __name__ == '__main__':
httpserver.daemonize(auth_app, ('localhost', 8000))
And here's the login view to handle authentication:
def authenticate_user(request, username, password, tokens='',
user_data=time.ctime,
authfunc='paste.auth_tkt.set_user'):
"""Authenticate the user into the site and update the last_modified
timestamp if authentication and authorization granted user access."""
try:
user_setter_func = request.environ[authfunc]
if valid_password(request.environ, username, password):
user_setter_func(username, tokens=tokens, user_data=user_data())
#trigger function here to update the last_modified timestamp
log.debug('User %s has been authenticated and authorized access!!'
% username)
raise NotAuthenticatedError
except (KeyError, Exception):
raise NotAuthenticatedError
return None
controller:
class AuthCookieController(SessionController):
"""
Authentication controller to delegate authorization to generic
user-defined backends.
"""
request_class = HTTPRequest
response_class = HTTPResponse
def __init__(self, wsgi_app, auth_conf=None, **kwargs):
super(AuthCookieController, self).__init__(**kwargs)
#put a pointer on the previous wsgi app in the stack
self.wsgi_app = wsgi_app
self.auth_conf_wrapper = auth_middleware(wsgi_app,
app_conf=auth_conf,
cookie_secret='secret string',
#handle_httpexception=False,
valid=self.authenticate,
#enforce=self.auth_conf['enforce']
)
def application(self, environ, start_response, exc_info=None):
# apply the response middleware wrapper to
# the WSGI stack and return a callable obj
return self.auth_conf_wrapper(environ, start_response)
def authenticate(self, username, password):
"""
Authenticate with the provided ``username`` and ``password``.
Developers are expected to override this method in custom
authentication subclasses.
"""
if username == password:
return username
else:
return None
LoginController = AuthCookieController
the traceback:
> /home/steiner/src/notmm/trunk/examples/auth/views/login.py(33)authenticate_user()
-> if valid_password(request.environ, username, password):
(Pdb) bt
/home/steiner/src/notmm/trunk/examples/auth/redirect.py(15)<module>()
-> httpserver.daemonize(auth_app, ('localhost', 8000))
/home/steiner/src/notmm/trunk/lib/notmm/utils/http/httpserver.py(157)daemonize()
-> server.serve()
/home/steiner/src/notmm/trunk/lib/notmm/utils/http/httpserver.py(115)serve()
-> self.server.serve_forever()
/usr/local/lib/python2.7/SocketServer.py(238)serve_forever()
-> self._handle_request_noblock()
/usr/local/lib/python2.7/SocketServer.py(295)_handle_request_noblock()
-> self.process_request(request, client_address)
/usr/local/lib/python2.7/SocketServer.py(321)process_request()
-> self.finish_request(request, client_address)
/usr/local/lib/python2.7/SocketServer.py(334)finish_request()
-> self.RequestHandlerClass(request, client_address, self)
/usr/local/lib/python2.7/SocketServer.py(649)__init__()
-> self.handle()
/usr/local/lib/python2.7/wsgiref/simple_server.py(124)handle()
-> handler.run(self.server.get_app())
/usr/local/lib/python2.7/wsgiref/handlers.py(85)run()
-> self.result = application(self.environ, self.start_response)
/home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/base.py(314)__call__()
-> return self.app(environ, start_response)
/home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/cookie.py(480)__call__()
-> return self.app(environ, cookie_setting_start_response)
/home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/multi.py(87)__call__()
-> app_iter = app(environ, start_response)
/home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/multi.py(55)app()
-> return self.default(environ, find)
/home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/base.py(304)__call__()
-> return self.app(environ, start_response)
/home/steiner/src/notmm/trunk/examples/auth/views/login.py(96)login()
-> authenticate_user(request, username, password)
> /home/steiner/src/notmm/trunk/examples/auth/views/login.py(33)authenticate_user()
-> if valid_password(request.environ, username, password):
/home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/base.py(97)valid_password()
-> raise no_authkit_users_in_environ
And heres the config i use:
[authkit]
authkit.setup.enable = true
authkit.setup.method = redirect,cookie
authkit.setup.handle_exceptions = false
#authkit.authenticate.callback = authkit.authenticate.cookie2:middleware
#authkit.digest.authenticate.user.data = visitor:open_sesame
#authkit.digest.realm = 'Test realm'
# authentication options
authkit.redirect.url = /session_login/
#authkit.user.type = mainapp.accounts.model:UserManager
as you can see authkit middleware doesnt set up a proper users
object, which make authentication fail. Is there thus an alternative method
to set up the middleware to handle form authentication in authkit?
Regards,
Etienne
_______________________________________________
Web-SIG mailing list
Web-SIG@python.org
Web SIG: http://www.python.org/sigs/web-sig
Unsubscribe:
https://mail.python.org/mailman/options/web-sig/archive%40mail-archive.com
