Correction?
authorCyril Robert <Cyril Robert crobert@inverse.ca>
Fri, 19 Feb 2010 21:11:25 +0000 (16:11 -0500)
committerCyril Robert <Cyril Robert crobert@inverse.ca>
Fri, 19 Feb 2010 21:11:25 +0000 (16:11 -0500)
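--- a/Apps/roundup/auf_roa.py
+++ b/Apps/roundup/auf_roa.py
@@ -7,39 +7,78 @@ class AufRoaLoginAction(LoginAction):
     auf_roa_url = 'http://authentification.auf.org/auth/user/'
     auf_email_suffix = "@auf.org"
 
-    def verifyLogin(self, username, password):
-        if username.endswith (self.auf_email_suffix):
-            username = username.replace (self.auf_email_suffix, "")
+    def verifyLocalPassword(self, password):
+        rc = False
 
-        email = "%s%s" % (username, self.auf_email_suffix)
-        md5pass = hashlib.md5 (password).hexdigest ()
+        stored = self.db.user.get(self.client.userid, 'password')
+        if password == stored:
+            rc = True
+
+        return rc
+
+    def local_login (self, password):
+        rc = True
+
+        try:
+            self.client.userid = self.db.user.lookup(self.client.user)
+        except KeyError:
+            self.client.error_message.append(_('Unknown user "%s"')%self.client.user)
+            rc = False
+        if not self.verifyLocalPassword(password):
+            self.client.error_message.append(_('Invalid password'))
+            rc = False
+
+        return rc
+
+
+    def roa_login (self, email, password):
+        rc = None
 
         url = "%s?filter_email=%s&filter_password=%s&format=json" \
-                % (self.auf_roa_url, email, md5pass)
+                % (self.auf_roa_url, email, password)
 
-        user = None
         try:
             ud = urllib.urlopen (url)
             list = simplejson.load (ud)
             ud.close ()
-            user = list[0]
+            rc = list[0]
         except:
-            self.client.make_user_anonymous()
-            self.client.error_message.append(_("Compte invalide ou erreur ROA"))
-            return
+            rc = None
+
+        return rc
+
+
+    def verifyLogin(self, username, password):
+        if username.endswith (self.auf_email_suffix):
+            username = username.replace (self.auf_email_suffix, "")
+
+        email = "%s%s" % (username, self.auf_email_suffix)
+        md5pass = hashlib.md5 (password).hexdigest ()
+
+
+        roa = False
+        if not self.local_login(password):
+            roa = self.roa_login(email, md5pass)
+            if not roa:
+                self.client.make_user_anonymous ()
+                return
 
         try:
             self.client.userid = self.db.user.lookup(self.client.user)
         except:
-            props = {'realname': "%s %s" % (user['first_name'], user['last_name']),
-                     'username': user['email'],
-                     'address': user['email']}
-            self.journaltag = 'admin'
-            cl = self.db.user
-            props['roles'] = self.db.config.NEW_WEB_USER_ROLES
-            self.userid = cl.create (**props)
-            self.db.commit ()
-            self.client.userid = self.db.user.lookup(self.client.user)
+            if roa:
+                props = {'realname': "%s %s" % (roa['first_name'], roa['last_name']),
+                     'username': roa['email'],
+                     'address': roa['email']}
+                self.journaltag = 'admin'
+                cl = self.db.user
+                props['roles'] = self.db.config.NEW_WEB_USER_ROLES
+                self.userid = cl.create (**props)
+                self.db.commit ()
+                self.client.userid = self.db.user.lookup(self.client.user)
+            else:
+                self.client.make_user_anonymous()
+                self.client.error_message.append(_("No account created without ROA")) 
 
 def init(instance):
     instance.registerAction('login', AufRoaLoginAction)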
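Review bot: In `roa_login` the e-mail address and the unsalted MD5 of the password are interpolated unencoded into the query string of a plain `http://` URL, so a credential equivalent travels in cleartext and can end up in proxy or server access logs, and a reserved character such as `&` in the login name changes the request ROA receives. Build the query with `urllib.urlencode({'filter_email': email, 'filter_password': password, 'format': 'json'})` and, if the service offers it, point `auf_roa_url` at `https://`. Separately, `local_login` still calls `verifyLocalPassword` after a failed lookup, checking against whatever `self.client.userid` held before; a `return False` inside the `except KeyError:` branch avoids that. The 'Unknown user' and 'Invalid password' messages it appends also remain in `self.client.error_message` when the ROA fallback in `verifyLogin` then succeeds. The bare `except:` in `roa_login` reports network and JSON faults as a failed login; `except (IOError, ValueError, IndexError):` would let unexpected errors surface.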