from cherrypy.lib.filter.basefilter import BaseFilter
from multiauth.auth import SecureResource
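def loginScreen(targetPage, message=None):
    """Write the default login form into ``cherrypy.response.body``.

    The form POSTs the ``ma_username`` and ``ma_password`` fields back to
    ``targetPage``. Those field names are fixed here, so a filter configured
    with different ``username_arg`` / ``password_arg`` values needs its own
    frontend.

    Args:
        targetPage: URL path used as the form's ``action``. The filter
            passes ``cherrypy.request.path``, which the client controls,
            so it is HTML-escaped before it is placed in the attribute.
        message: Accepted for callers that supply one; none of the lines
            visible in this listing use it.

    NOTE(review): this listing skips several original lines inside the
    function. The closing ``</form>`` and the ``%`` substitution below are
    reconstructed from the ``%s`` placeholder and the otherwise unused
    ``targetPage`` argument -- confirm against the original file.
    """
    try:
        from html import escape
    except ImportError:  # Python 2 has no html.escape
        from cgi import escape

    # The path comes from the request, so it must not reach the page as
    # raw markup: escape it (quotes included) for the attribute context.
    safeTarget = escape(targetPage, quote=True)
    cherrypy.response.body = """
<head><title>Login</title></head>
<form action="%s" method="POST">
Username: <input type="text" name="ma_username" /><br />
Password: <input type="password" name="ma_password" /><br />
<input value="Login" type="submit" />
</form>
""" % safeTarget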
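class MultiAuthFilter(BaseFilter):
    """CherryPy filter that gates ``SecureResource`` responses by session role.

    A login attempt is recognised by the presence of both credential
    parameters in the request. On success the user's roles are stored in the
    session. When a handler returns a ``SecureResource``, the wrapped callable
    runs only if the session holds at least one of the resource's roles.

    NOTE(review): this listing skips some original lines of the class. The
    ``if authenticated`` guard, the ``else`` structure in ``beforeFinalize``
    and the name of the login hook are reconstructed -- confirm against the
    original file.
    """

    def __init__(self, unauthorizedPath, backend, frontend=loginScreen,
                 username_arg='ma_username', password_arg='ma_password'):
        """Store the collaborators and the names of the credential fields.

        Args:
            unauthorizedPath: Redirect target for a logged-in user who holds
                none of the resource's roles.
            backend: Object whose ``authenticate(username, password)``
                returns an ``(authenticated, roles)`` pair; ``roles`` must be
                a list because it is concatenated with one.
            frontend: Callable invoked with the request path to render a
                login page when the session has no roles.
            username_arg: Request parameter carrying the username.
            password_arg: Request parameter carrying the password.
        """
        self.backend = backend
        self.frontend = frontend
        self.unauthorizedPath = unauthorizedPath
        self.username_arg = username_arg
        self.password_arg = password_arg

    # NOTE(review): the listing omits this method's ``def`` line.
    # ``beforeMain`` is assumed because the credentials have to be consumed
    # after the request parameters are parsed and before the handler is
    # called -- confirm the hook name against the original file.
    def beforeMain(self):
        """Process a login attempt carried by the current request."""
        params = cherrypy.request.paramMap
        if self.username_arg not in params or self.password_arg not in params:
            return

        # the user is trying to login
        # NOTE(review): presumably paramMap also holds query-string
        # parameters; if so, credentials sent in a URL are accepted and can
        # end up in access logs. Consider requiring POST -- TODO confirm.
        username = params.get(self.username_arg)
        password = params.get(self.password_arg)
        authenticated, roles = self.backend.authenticate(username, password)

        # Grant roles only on a successful check; the visible lines never
        # test ``authenticated`` before writing to the session.
        if authenticated:
            # NOTE(review): the username goes into the same list that
            # beforeFinalize matches against ``rsrc.roles``, so an account
            # named like a role would satisfy that role check. Confirm that
            # usernames and role names cannot collide in the backend.
            # NOTE(review): nothing visible here issues a fresh session id on
            # login; confirm the session layer does, so that an id handed out
            # before authentication is not carried over.
            cherrypy.session['roles'] = roles + [username, 'loggedIn']

        # Drop the credentials whether or not the login succeeded, so the
        # page handler never receives them as arguments.
        del params[self.username_arg]
        del params[self.password_arg]

    def beforeFinalize(self):
        """Authorise a ``SecureResource`` response before it is finalised.

        The handler returns the protected callable wrapped in a
        ``SecureResource``; that callable is invoked here, and only after the
        role check has passed.

        Raises:
            cherrypy.HTTPRedirect: to ``unauthorizedPath`` when the session
                has roles but none of them is listed on the resource.
        """
        rsrc = cherrypy.response.body
        if not isinstance(rsrc, SecureResource):
            return

        sessionRoles = cherrypy.session.get('roles')
        if not sessionRoles:
            # Not logged in: render the login page in place of the resource.
            self.frontend(cherrypy.request.path)
            return

        if not any(role in sessionRoles for role in rsrc.roles):
            raise cherrypy.HTTPRedirect(self.unauthorizedPath)

        # NOTE(review): the listing skips one line inside this call; if the
        # original also forwards positional arguments, restore them here.
        cherrypy.response.body = rsrc.callable(rsrc.instance,
                                               **rsrc.callable_kwargs)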