diff options
author | Kali Kaneko <kali@leap.se> | 2017-07-25 11:40:11 -0400 |
---|---|---|
committer | Kali Kaneko <kali@leap.se> | 2017-07-25 11:40:29 -0400 |
commit | 91e4481c450eb7eb928debc1cb7fa59bdb63dd7b (patch) | |
tree | 8fd7e6e77b6df669c33d96b7edad6db3cbe14dfe /service/pixelated/resources/auth.py | |
parent | e4f755309d4cf5cfb6b0bcc62ed73d6070956ab5 (diff) |
[pkg] packaging and path changes
- move all the pixelated python package under src/
- move the pixelated_www package under the leap namespace
- allow to set globally the static folder
- add hours and minutes to the timestamp in package version, to allow
for several releases a day.
Diffstat (limited to 'service/pixelated/resources/auth.py')
-rw-r--r-- | service/pixelated/resources/auth.py | 117 |
1 files changed, 0 insertions, 117 deletions
diff --git a/service/pixelated/resources/auth.py b/service/pixelated/resources/auth.py deleted file mode 100644 index adac985f..00000000 --- a/service/pixelated/resources/auth.py +++ /dev/null @@ -1,117 +0,0 @@ -# -# Copyright (c) 2016 ThoughtWorks, Inc. -# -# Pixelated is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Pixelated is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public License -# along with Pixelated. If not, see <http://www.gnu.org/licenses/>. - -import re - -from pixelated.resources import IPixelatedSession -from twisted.cred import error -from twisted.cred import portal, checkers -from twisted.cred.checkers import ANONYMOUS -from twisted.cred.credentials import ICredentials -from twisted.internet import defer -from twisted.logger import Logger -from twisted.web import util -from twisted.web._auth.wrapper import UnauthorizedResource -from twisted.web.error import UnsupportedMethod -from twisted.web.resource import IResource, ErrorPage -from zope.interface import implements, implementer, Attribute - - -log = Logger() - - -class ISessionCredential(ICredentials): - - request = Attribute('the current request') - - -@implementer(ISessionCredential) -class SessionCredential(object): - def __init__(self, request): - self.request = request - - -@implementer(checkers.ICredentialsChecker) -class SessionChecker(object): - credentialInterfaces = (ISessionCredential,) - - def __init__(self, services_factory): - self._services_factory = services_factory - - def requestAvatarId(self, credentials): - session = self.get_session(credentials.request) - if session.is_logged_in() and self._services_factory.has_session(session.user_uuid): - return defer.succeed(session.user_uuid) - return defer.succeed(ANONYMOUS) - - def get_session(self, request): - return IPixelatedSession(request.getSession()) - - -class PixelatedRealm(object): - implements(portal.IRealm) - - def requestAvatar(self, avatarId, mind, *interfaces): - if IResource in interfaces: - return IResource, avatarId, lambda: None - raise NotImplementedError() - - -@implementer(IResource) -class PixelatedAuthSessionWrapper(object): - - isLeaf = False - - def __init__(self, portal, root_resource, anonymous_resource, credentialFactories): - self._portal = portal - self._credentialFactories = credentialFactories - self._root_resource = root_resource - self._anonymous_resource = anonymous_resource - - def render(self, request): - raise UnsupportedMethod(()) - - def getChildWithDefault(self, path, request): - request.postpath.insert(0, request.prepath.pop()) - return self._authorizedResource(request) - - def _authorizedResource(self, request): - creds = SessionCredential(request) - return util.DeferredResource(self._login(creds, request)) - - def _login(self, credentials, request): - pattern = re.compile("^/sandbox/") - - def loginSucceeded(args): - interface, avatar, logout = args - if avatar == checkers.ANONYMOUS and not pattern.match(request.path): - return self._anonymous_resource - else: - return self._root_resource - - def loginFailed(result): - if result.check(error.Unauthorized, error.LoginFailed): - return UnauthorizedResource(self._credentialFactories) - else: - log.err( - result, - "HTTPAuthSessionWrapper.getChildWithDefault encountered " - "unexpected error") - return ErrorPage(500, None, None) - - d = self._portal.login(credentials, None, IResource) - d.addCallbacks(loginSucceeded, loginFailed) - return d |