From 423ca8f9fb7636b336b24ba28bde5d61538bf5fc Mon Sep 17 00:00:00 2001 From: NavaL Date: Wed, 26 Oct 2016 15:55:29 +0200 Subject: authentication now returns Authentication leap session creation is only done post-interstitial and that logic is also extracted into its own class #795 --- service/pixelated/resources/login_resource.py | 61 ++++++++++++--------------- service/pixelated/resources/root_resource.py | 11 +++-- 2 files changed, 36 insertions(+), 36 deletions(-) (limited to 'service/pixelated/resources') diff --git a/service/pixelated/resources/login_resource.py b/service/pixelated/resources/login_resource.py index c0d9e874..d5555b90 100644 --- a/service/pixelated/resources/login_resource.py +++ b/service/pixelated/resources/login_resource.py @@ -17,20 +17,19 @@ import os from xml.sax import SAXParseException -from twisted.cred import credentials +from pixelated.authentication import Authenticator +from pixelated.config.leap import BootstrapUserServices +from pixelated.resources import BaseResource, UnAuthorizedResource, IPixelatedSession +from pixelated.resources import handle_error_deferred from twisted.internet import defer +from twisted.logger import Logger from twisted.python.filepath import FilePath from twisted.web import util from twisted.web.http import UNAUTHORIZED, OK -from twisted.web.resource import IResource, NoResource +from twisted.web.resource import NoResource from twisted.web.server import NOT_DONE_YET from twisted.web.static import File from twisted.web.template import Element, XMLFile, renderElement, renderer -from twisted.logger import Logger - -from pixelated.resources import handle_error_deferred -from pixelated.adapter.welcome_mail import add_welcome_mail -from pixelated.resources import BaseResource, UnAuthorizedResource, IPixelatedSession log = Logger() @@ -53,8 +52,8 @@ def _get_static_folder(): def parse_accept_language(all_headers): accepted_languages = ['pt-BR', 'en-US'] + languages = all_headers.get('accept-language', '').split(';')[0] for language in accepted_languages: - languages = all_headers['accept-language'].split(';')[0] if language in languages: return language return 'pt-BR' @@ -105,12 +104,15 @@ class LoginWebSite(Element): class LoginResource(BaseResource): BASE_URL = 'login' - def __init__(self, services_factory, portal=None, disclaimer_banner=None): + def __init__(self, services_factory, provider=None, disclaimer_banner=None, authenticator=None): BaseResource.__init__(self, services_factory) self._static_folder = _get_static_folder() self._startup_folder = _get_startup_folder() - self._portal = portal self._disclaimer_banner = disclaimer_banner + self._provider = provider + self._authenticator = authenticator or Authenticator(provider) + self._bootstrap_user_services = BootstrapUserServices(services_factory, provider) + self.putChild('startup-assets', File(self._startup_folder)) with open(os.path.join(self._startup_folder, 'Interstitial.html')) as f: self.interstitial = f.read() @@ -136,11 +138,11 @@ class LoginResource(BaseResource): if self.is_logged_in(request): return util.redirectTo("/", request) - def render_response(leap_session): + def render_response(user_auth): request.setResponseCode(OK) request.write(self.interstitial) request.finish() - self._setup_user_services(leap_session, request) + self._complete_bootstrap(user_auth, request) def render_error(error): log.info('Login Error for %s' % request.args['username'][0]) @@ -156,28 +158,21 @@ class LoginResource(BaseResource): @defer.inlineCallbacks def _handle_login(self, request): - self.creds = self._get_creds_from(request) - iface, leap_session, logout = yield self._portal.login(self.creds, None, IResource) - defer.returnValue(leap_session) - - def _get_creds_from(self, request): - username = request.args['username'][0].split('@')[0] + username = request.args['username'][0] password = request.args['password'][0] - return credentials.UsernamePassword(username, password) + user_auth = yield self._authenticator.authenticate(username, password) + defer.returnValue(user_auth) - @defer.inlineCallbacks - def _setup_user_services(self, leap_session, request): - user_id = leap_session.user_auth.uuid - if not self._services_factory.has_session(user_id): - yield self._services_factory.create_services_from(leap_session) - self._services_factory.map_email(self.creds.username, user_id) - - if leap_session.fresh_account: - language = parse_accept_language(request.getAllHeaders()) - yield add_welcome_mail(leap_session.mail_store, language) + def _complete_bootstrap(self, user_auth, request): + def log_error(error): + log.error('Login error during %s services setup: %s' % (user_auth.username, error.getErrorMessage())) - self._init_http_session(request, user_id) + def set_session_cookies(_): + session = IPixelatedSession(request.getSession()) + session.user_uuid = user_auth.uuid - def _init_http_session(self, request, user_id): - session = IPixelatedSession(request.getSession()) - session.user_uuid = user_id + language = parse_accept_language(request.getAllHeaders()) + password = request.args['password'][0] + d = self._bootstrap_user_services.setup(user_auth, password, language) + d.addCallback(set_session_cookies) + d.addErrback(log_error) diff --git a/service/pixelated/resources/root_resource.py b/service/pixelated/resources/root_resource.py index 504d156d..70d8a565 100644 --- a/service/pixelated/resources/root_resource.py +++ b/service/pixelated/resources/root_resource.py @@ -19,6 +19,7 @@ import os from string import Template from pixelated.resources import BaseResource, UnAuthorizedResource, UnavailableResource +from pixelated.resources import IPixelatedSession from pixelated.resources.attachments_resource import AttachmentsResource from pixelated.resources.sandbox_resource import SandboxResource from pixelated.resources.contacts_resource import ContactsResource @@ -34,6 +35,10 @@ from pixelated.resources.keys_resource import KeysResource from twisted.web.resource import NoResource from twisted.web.static import File +from twisted.logger import Logger + +log = Logger() + from pixelated.resources.users import UsersResource CSRF_TOKEN_LENGTH = 32 @@ -82,13 +87,13 @@ class RootResource(BaseResource): csrf_input = request.args.get('csrftoken', [None])[0] or json.loads(request.content.read()).get('csrftoken', [None])[0] return csrf_input and csrf_input == xsrf_token - def initialize(self, portal=None, disclaimer_banner=None): + def initialize(self, provider=None, disclaimer_banner=None, authenticator=None): self._child_resources.add('sandbox', SandboxResource(self._static_folder)) self._child_resources.add('assets', File(self._static_folder)) self._child_resources.add('keys', KeysResource(self._services_factory)) self._child_resources.add(AttachmentsResource.BASE_URL, AttachmentsResource(self._services_factory)) self._child_resources.add('contacts', ContactsResource(self._services_factory)) - self._child_resources.add('features', FeaturesResource(portal)) + self._child_resources.add('features', FeaturesResource(provider)) self._child_resources.add('tags', TagsResource(self._services_factory)) self._child_resources.add('mails', MailsResource(self._services_factory)) self._child_resources.add('mail', MailResource(self._services_factory)) @@ -96,7 +101,7 @@ class RootResource(BaseResource): self._child_resources.add('user-settings', UserSettingsResource(self._services_factory)) self._child_resources.add('users', UsersResource(self._services_factory)) self._child_resources.add(LoginResource.BASE_URL, - LoginResource(self._services_factory, portal, disclaimer_banner=disclaimer_banner)) + LoginResource(self._services_factory, provider, disclaimer_banner=disclaimer_banner, authenticator=authenticator)) self._child_resources.add(LogoutResource.BASE_URL, LogoutResource(self._services_factory)) self._mode = MODE_RUNNING -- cgit v1.2.3