1.1 --- a/examples/Common/Login/__init__.py Sun May 30 15:30:41 2004 +0000
1.2 +++ b/examples/Common/Login/__init__.py Sun May 30 15:32:29 2004 +0000
1.3 @@ -9,41 +9,73 @@
1.4
1.5 "A resource providing a login screen."
1.6
1.7 - def __init__(self, authenticator, use_redirect=1):
1.8 + def __init__(self, authenticator, anonymous_parameter_name=None, anonymous_username="anonymous", use_redirect=1):
1.9
1.10 """
1.11 - Initialise the resource with an 'authenticator'. If the optional 'use_redirect'
1.12 - flag is set to 0, a confirmation screen is given instead of redirecting the user
1.13 - back to the original application.
1.14 + Initialise the resource with an 'authenticator'.
1.15 +
1.16 + If the optional 'anonymous_parameter_name' is set, clients providing a parameter
1.17 + of that name in the URL will not be authenticated, but then such clients will not
1.18 + get a user identity associated with them. The optional 'anonymous_username' is the
1.19 + username appearing as the identity of anonymous users.
1.20 +
1.21 + If the optional 'use_redirect' flag is set to 0, a confirmation screen is given
1.22 + instead of redirecting the user back to the original application.
1.23 """
1.24
1.25 self.authenticator = authenticator
1.26 + self.anonymous_parameter_name = anonymous_parameter_name
1.27 + self.anonymous_username = anonymous_username
1.28 self.use_redirect = use_redirect
1.29
1.30 def respond(self, trans):
1.31
1.32 - fields = trans.get_fields_from_body()
1.33 - redirect = ""
1.34 + fields_path = trans.get_fields_from_path()
1.35 + fields_body = trans.get_fields_from_body()
1.36 +
1.37 + # NOTE: Handle missing redirects better.
1.38 +
1.39 + if fields_body.has_key("redirect"):
1.40 + redirects = fields_body["redirect"]
1.41 + redirect = redirects[0]
1.42 + elif fields_path.has_key("redirect"):
1.43 + redirects = fields_path["redirect"]
1.44 + redirect = redirects[0]
1.45 + else:
1.46 + redirect = ""
1.47
1.48 - if fields.has_key("redirect"):
1.49 - redirects = fields["redirect"]
1.50 - redirect = redirects[0]
1.51 + # Check for the anonymous parameter, if appropriate.
1.52 +
1.53 + if self.anonymous_parameter_name is not None and fields_path.has_key(self.anonymous_parameter_name):
1.54 +
1.55 + # Make a special cookie token.
1.56 +
1.57 + self.authenticator.set_token(trans, self.anonymous_username)
1.58 + self._redirect(trans, redirect)
1.59 + return
1.60 +
1.61 + # Otherwise, check for a submitted login form.
1.62 +
1.63 + elif fields_body.has_key("login"):
1.64 if self.authenticator.authenticate(trans):
1.65 - if self.use_redirect:
1.66 - trans.set_header_value("Location", redirect)
1.67 - trans.set_response_code(307)
1.68 - return
1.69 - else:
1.70 - self._show_success(trans, redirect)
1.71 - return
1.72 - else:
1.73 - fields = trans.get_fields_from_path()
1.74 - if fields.has_key("redirect"):
1.75 - redirects = fields["redirect"]
1.76 - redirect = redirects[0]
1.77 + self._redirect(trans, redirect)
1.78 +
1.79 + # Otherwise, show the login form.
1.80
1.81 self._show_login(trans, redirect)
1.82
1.83 + def _redirect(self, trans, redirect):
1.84 +
1.85 + "Redirect the client using 'trans' and the given 'redirect' URL."
1.86 +
1.87 + if self.use_redirect:
1.88 + trans.set_header_value("Location", redirect)
1.89 + trans.set_response_code(307)
1.90 +
1.91 + # Show the success page anyway.
1.92 +
1.93 + self._show_success(trans, redirect)
1.94 +
1.95 def _show_login(self, trans, redirect):
1.96
1.97 # When authentication fails or is yet to take place, show the login
1.98 @@ -129,13 +161,18 @@
1.99
1.100 # Make a special cookie token.
1.101
1.102 - trans.set_cookie_value(
1.103 - self.cookie_name,
1.104 - get_token(username, self.secret_key)
1.105 - )
1.106 -
1.107 + self.set_token(trans, username)
1.108 return 1
1.109
1.110 return 0
1.111
1.112 + def set_token(self, trans, username):
1.113 +
1.114 + "Set an authentication in the 'trans' with the given 'username'."
1.115 +
1.116 + trans.set_cookie_value(
1.117 + self.cookie_name,
1.118 + get_token(username, self.secret_key)
1.119 + )
1.120 +
1.121 # vim: tabstop=4 expandtab shiftwidth=4