add a check for authentication plugin on startup and respond according to no_auth config option. allows instance to be run w/o authentication

2013-05-14 16:14:19 -07:00
parent b56b6b1e77
commit 744f1c83b9
9 changed files with 70 additions and 19 deletions
--- a/mediagoblin/auth/tools.py
+++ b/mediagoblin/auth/tools.py
@@ -14,10 +14,16 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.

+import logging
+import sys
 import wtforms

+from mediagoblin import mg_globals
 from mediagoblin.tools.mail import normalize_email
 from mediagoblin.tools.translate import lazy_pass_to_ugettext as _
+from mediagoblin.tools.pluginapi import hook_handle
+
+_log = logging.getLogger(__name__)


 def normalize_user_or_email_field(allow_email=True, allow_user=True):
@@ -48,3 +54,19 @@ def normalize_user_or_email_field(allow_email=True, allow_user=True):
        if field.data is None:  # should not happen, but be cautious anyway
            raise wtforms.ValidationError(message)
    return _normalize_field
+
+
+def check_auth_enabled():
+    no_auth = mg_globals.app_config['no_auth']
+    auth_plugin = True if hook_handle('auth') is not None else False
+
+    if no_auth == 'false' and not auth_plugin:
+        print 'No authentication plugin is enabled and no_auth = false in ' \
+              'config! \n..Exiting'
+        sys.exit()
+
+    if no_auth == 'true' and not auth_plugin:
+        _log.warning('No authentication is enabled')
+        return False
+    else:
+        return True
--- a/mediagoblin/auth/views.py
+++ b/mediagoblin/auth/views.py
@@ -44,8 +44,9 @@ def register(request):
    Note that usernames will always be lowercased. Email domains are lowercased while
    the first part remains case-sensitive.
    """
-    # Redirects to indexpage if registrations are disabled
-    if not mg_globals.app_config["allow_registration"]:
+    # Redirects to indexpage if registrations are disabled or no authentication
+    # is enabled
+    if not mg_globals.app_config["allow_registration"] or not mg_globals.app.auth:
        messages.add_message(
            request,
            messages.WARNING,
@@ -88,6 +89,14 @@ def login(request):

    If you provide the POST with 'next', it'll redirect to that view.
    """
+    # Redirects to index page if no authentication is enabled
+    if not mg_globals.app.auth:
+        messages.add_message(
+            request,
+            messages.WARNING,
+            _('Sorry, authentication is disabled on this instance.'))
+        return redirect(request, 'index')
+
    login_form = auth.get_login_form(request)

    login_failed = False