Correction?
[cyril.git] / Apps / roundup / auf_roa.py
CommitLineData
849ecd4a
CR
1import hashlib, simplejson, urllib
2
3from roundup.cgi.actions import LoginAction
4from roundup.i18n import _
5
6class AufRoaLoginAction(LoginAction):
7 auf_roa_url = 'http://authentification.auf.org/auth/user/'
8 auf_email_suffix = "@auf.org"
9
aebdb7f4
CR
10 def verifyLocalPassword(self, password):
11 rc = False
849ecd4a 12
aebdb7f4
CR
13 stored = self.db.user.get(self.client.userid, 'password')
14 if password == stored:
15 rc = True
16
17 return rc
18
19 def local_login (self, password):
20 rc = True
21
22 try:
23 self.client.userid = self.db.user.lookup(self.client.user)
24 except KeyError:
25 self.client.error_message.append(_('Unknown user "%s"')%self.client.user)
26 rc = False
27 if not self.verifyLocalPassword(password):
28 self.client.error_message.append(_('Invalid password'))
29 rc = False
30
31 return rc
32
33
34 def roa_login (self, email, password):
35 rc = None
849ecd4a
CR
36
37 url = "%s?filter_email=%s&filter_password=%s&format=json" \
aebdb7f4 38 % (self.auf_roa_url, email, password)
849ecd4a 39
849ecd4a
CR
40 try:
41 ud = urllib.urlopen (url)
42 list = simplejson.load (ud)
43 ud.close ()
aebdb7f4 44 rc = list[0]
849ecd4a 45 except:
aebdb7f4
CR
46 rc = None
47
48 return rc
49
50
51 def verifyLogin(self, username, password):
52 if username.endswith (self.auf_email_suffix):
53 username = username.replace (self.auf_email_suffix, "")
54
55 email = "%s%s" % (username, self.auf_email_suffix)
56 md5pass = hashlib.md5 (password).hexdigest ()
57
58
59 roa = False
60 if not self.local_login(password):
61 roa = self.roa_login(email, md5pass)
62 if not roa:
63 self.client.make_user_anonymous ()
64 return
849ecd4a 65
773ad630
CR
66 try:
67 self.client.userid = self.db.user.lookup(self.client.user)
68 except:
aebdb7f4
CR
69 if roa:
70 props = {'realname': "%s %s" % (roa['first_name'], roa['last_name']),
71 'username': roa['email'],
72 'address': roa['email']}
73 self.journaltag = 'admin'
74 cl = self.db.user
75 props['roles'] = self.db.config.NEW_WEB_USER_ROLES
76 self.userid = cl.create (**props)
77 self.db.commit ()
78 self.client.userid = self.db.user.lookup(self.client.user)
79 else:
80 self.client.make_user_anonymous()
81 self.client.error_message.append(_("No account created without ROA"))
849ecd4a 82
878367f0
CR
83def init(instance):
84 instance.registerAction('login', AufRoaLoginAction)
849ecd4a 85