Correction?
1 import hashlib, simplejson, urllib
2
3 from roundup.cgi.actions import LoginAction
4 from roundup.i18n import _
5
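class AufRoaLoginAction(LoginAction):
    """Login action that falls back to the AUF "ROA" web service.

    The local roundup user database is tried first.  When that fails, the
    login name is turned into an ``@auf.org`` address and checked against
    the remote service at ``auf_roa_url``.  A user accepted by the remote
    service but unknown locally gets a local account created on the fly.
    """

    # NOTE(review): this is a plain-HTTP endpoint, and roa_login() puts the
    # e-mail address and the password digest in the query string.  Both are
    # readable on the wire and tend to end up in proxy/server access logs;
    # the reply that drives account creation is not authenticated either.
    # Switch to an HTTPS endpoint (and a POST body) if the service has one.
    auf_roa_url = 'http://authentification.auf.org/auth/user/'
    auf_email_suffix = "@auf.org"

    def verifyLocalPassword(self, password):
        """Return True when ``password`` equals the current user's stored one.

        The stored value is read from the ``password`` property of
        ``self.client.userid``.
        """
        stored = self.db.user.get(self.client.userid, 'password')
        # NOTE(review): presumably `stored` is roundup's password object and
        # its comparison hashes the candidate -- confirm; a plain string
        # comparison here would mean clear-text storage.
        return bool(password == stored)

    def local_login(self, password):
        """Authenticate ``self.client.user`` against the local database.

        Returns True on success.  On failure a message is appended to
        ``self.client.error_message`` and False is returned.
        """
        try:
            self.client.userid = self.db.user.lookup(self.client.user)
        except KeyError:
            self.client.error_message.append(_('Unknown user "%s"')%self.client.user)
            # Stop here: checking the password now would compare it against
            # whatever userid the client carried before this request.
            return False

        if not self.verifyLocalPassword(password):
            self.client.error_message.append(_('Invalid password'))
            return False

        return True

    def roa_login(self, email, password):
        """Ask the ROA service for the user matching ``email``/``password``.

        ``password`` is the digest computed by verifyLogin(), not the
        clear-text password.  Returns the first record of the decoded JSON
        reply, or None on any failure (network error, undecodable reply,
        empty result, value that cannot be encoded).
        """
        try:
            # Encode every value: the login name comes from the login form,
            # and an unescaped '&', '=' or '#' in it would change the query
            # the directory service evaluates.
            query = urllib.urlencode([('filter_email', email),
                                      ('filter_password', password),
                                      ('format', 'json')])
            url = "%s?%s" % (self.auf_roa_url, query)

            ud = urllib.urlopen(url)
            try:
                matches = simplejson.load(ud)
            finally:
                # Release the connection even when the reply is not JSON.
                ud.close()
            return matches[0]
        except Exception:
            # Best effort: every failure is treated as "not authenticated".
            return None

    def verifyLogin(self, username, password):
        """Check the credentials locally, then against ROA.

        On failure the client is made anonymous and the method returns
        without raising.  On a ROA success for a user that has no local
        account, one is created with the NEW_WEB_USER_ROLES roles.
        """
        suffix = self.auf_email_suffix
        if username.endswith(suffix):
            # Drop only the trailing suffix; str.replace() would also remove
            # occurrences in the middle of the name.
            username = username[:-len(suffix)]

        email = "%s%s" % (username, suffix)
        # NOTE(review): an unsalted MD5 digest is what the remote service
        # receives, so the digest itself works as the credential there.
        md5pass = hashlib.md5(password).hexdigest()

        roa = False
        if not self.local_login(password):
            # NOTE(review): the messages local_login() appended stay in
            # client.error_message even when ROA accepts the user -- confirm
            # whether they are meant to be shown after a successful login.
            roa = self.roa_login(email, md5pass)
            if not roa:
                self.client.make_user_anonymous()
                return

        try:
            self.client.userid = self.db.user.lookup(self.client.user)
        except KeyError:
            # Only "no such user" leads to account creation; any other
            # database error propagates instead of being mistaken for it.
            if roa:
                # The account fields are taken as-is from the ROA reply.
                props = {'realname': "%s %s" % (roa['first_name'], roa['last_name']),
                         'username': roa['email'],
                         'address': roa['email']}
                # NOTE(review): this sets journaltag/userid on the action
                # object, not on self.db -- confirm which one the journal
                # actually reads.
                self.journaltag = 'admin'
                cl = self.db.user
                props['roles'] = self.db.config.NEW_WEB_USER_ROLES
                self.userid = cl.create(**props)
                self.db.commit()
                # NOTE(review): the account is stored under roa['email'];
                # this lookup raises KeyError if client.user differs from it
                # (e.g. the short name was typed) -- verify.
                self.client.userid = self.db.user.lookup(self.client.user)
            else:
                self.client.make_user_anonymous()
                self.client.error_message.append(_("No account created without ROA"))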
82
def init(instance):
    """Register AufRoaLoginAction as the handler of the 'login' action."""
    login_action = AufRoaLoginAction
    instance.registerAction('login', login_action)
85