I think you should implement .remember see https://bitbucket.org/mrtopf/repoze.who.plugins.openid/src/a5fc9e877f3b/repoze/who/plugins/openid/identification.py for inspiration
On Apr 26, 9:40 pm, Ryan Parrish <[email protected]> wrote: > I'm developing a TG 2.1 app whose data backend (the Model if you will) > is a separate RESTful web service that requires basic authentication > with every request made to it, the TG app basically serves as a proxy > for normal users to access this WS. > > What I have written so far is proof of concept for the controllers > hitting the web service with hard coded credentials, and an > IAuthenticator plugin that hits a URL at the web service that will > return the users UID or a HTTP 401 depending on if the passed > credentials are accepted. What I'm stumped at now is how to hold onto > the passed credentials for the duration of the session so that future > requests made to the web service can reuse the already known good > credentials. I have written an IMetadataProvider that (i think) > should save the user and password, and I see them in the stdout when I > do a print statement within the code, however they are no longer there > when the request finally makes its way to the post_login controller. > > Below is what I have thus far, any pointers on what I'm doing wrong > would be greatly appreciated. > > from zope.interface import implements > > from repoze.who.interfaces import IMetadataProvider > from repoze.who.interfaces import IAuthenticator > > import urllib2, json > > class RestAuthPlugin(object): > > implements(IAuthenticator) > > def __init__(self, auth_url): > self.auth_url = auth_url > > # IAuthenticatorPlugin > def authenticate(self, environ, identity): > try: > login = identity['login'] > password = identity['password'] > except KeyError: > environ['repoze.who.logger'].error('key error') > return None > > try: > password_mgr = urllib2.HTTPPasswordMgrWithDefaultRealm() > password_mgr.add_password(None, self.auth_url, login, > password) > handler = urllib2.HTTPBasicAuthHandler(password_mgr) > opener = urllib2.build_opener(handler) > opener.addheaders = [('Content-Type', 'application/json; > charset=utf-8')] > except: > environ['repoze.who.logger'].error('Could not build > urllib2 opener') > return None > > try: > result = opener.open(self.auth_url) > details = json.load(result) > except urllib2.HTTPError: > environ['repoze.who.logger'].warn('failed to auth') > return None > #print details > # details is JSON data {'uid':123, 'user_name':'example_user', > 'groups':['users']} > > environ['repoze.who.logger'].info('Returned UID: %s' % > (details['uid'],)) > #print environ > try: > int(details['uid']) > if details['user_name'] != login: > raise AssertionError > > return details['user_name'] > except: > environ['repoze.who.logger'].error('Failed to double check > credentials') > return None > #print environ > environ['repoze.who.logger'].error('failsafe') > return None #failsafe > > def __repr__(self): > return '<%s %s>' % (self.__class__.__name__, > id(self)) #pragma NO COVERAGE > > class RestMetadataProvider(object): > implements(IMetadataProvider) > > def add_metadata(self, environ, identity): > userid = identity.get('repoze.who.userid') > if userid: > post_val = environ.get('webob._parsed_post_vars') > if post_val: > try: > login = post_val[0]['login'] > passwd = post_val[0]['password'] > identity['user_cred'] = (login, passwd) > except: > print "didn't find credentials" > pass > return identity -- You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/turbogears?hl=en.
