heckyel/mediagoblin
0
0
Fork 0
Code Issues Pull Requests Releases Activity

created a check_login_simple function

Browse Source 
cherry-picked from rodney757, fixed few conflicts due to
out of order cherry-picking. Thanks to rodney757 for making
my idea even better.
This commit is contained in:
Rodney Ewing
2013-05-25 07:59:03 -07:00
committed by Elrond
parent 02b6892c29
commit 75fc93686d
5 changed files with 34 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
mediagoblin/plugins/httpapiauth/__init__.py
View File

@@ -18,6 +18,7 @@ import logging
from werkzeug.exceptions import Unauthorized
from mediagoblin.auth.tools import check_login_simple
from mediagoblin.plugins.api.tools import Auth
_log = logging.getLogger(__name__)
@@ -39,10 +40,10 @@ class HTTPAuth(Auth):
if not request.authorization:
return False
user = request.db.User.query.filter_by(
username=unicode(request.authorization['username'])).first()
user = check_login_simple(unicode(request.authorization['username']),
request.authorization['password'])
if user.check_login(request.authorization['password']):
if user:
request.user = user
return True
else:

12
mediagoblin/plugins/piwigo/views.py
View File

@@ -23,7 +23,7 @@ from werkzeug.exceptions import MethodNotAllowed, BadRequest, NotImplemented
from werkzeug.wrappers import BaseResponse
from mediagoblin.meddleware.csrf import csrf_exempt
from mediagoblin.auth.lib import fake_login_attempt
from mediagoblin.auth.tools import check_login_simple
from mediagoblin.media_types import sniff_media
from mediagoblin.submit.lib import check_file_field, prepare_queue_task, \
run_process_media, new_upload_entry
@@ -43,15 +43,9 @@ _log = logging.getLogger(__name__)
def pwg_login(request):
username = request.form.get("username")
password = request.form.get("password")
user = request.db.User.query.filter_by(username=username).first()
user = check_login_simple(username, password)
if not user:
_log.info("User %r not found", username)
fake_login_attempt()
return PwgError(999, 'Invalid username/password')
if not user.check_login(password):
_log.warn("Wrong password for %r", username)
return PwgError(999, 'Invalid username/password')
_log.info("Logging %r in", username)
request.session["user_id"] = user.id
request.session.save()
return True
@@ -126,7 +120,7 @@ def pwg_images_addSimple(request):
dump = []
for f in form:
dump.append("%s=%r" % (f.name, f.data))
_log.info("addSimple: %r %s %r", request.form, " ".join(dump),
_log.info("addSimple: %r %s %r", request.form, " ".join(dump),
request.files)
if not check_file_field(request, 'image'):