fixed Issue 1569:Add auth.register_bare, thanks Alan
This commit is contained in:
mdipierro
2
VERSION
2
VERSION
@@ -1 +1 @@
|
||||
Version 2.6.0-development+timestamp.2013.08.08.14.19.43
|
||||
Version 2.6.0-development+timestamp.2013.08.09.03.37.59
|
||||
|
||||
@@ -1759,7 +1759,8 @@ class Auth(object):
|
||||
description=str(description % vars),
|
||||
origin=origin, user_id=user_id)
|
||||
|
||||
def get_or_create_user(self, keys, update_fields=['email'], login=True):
|
||||
def get_or_create_user(self, keys, update_fields=['email'],
|
||||
login=True, get=True):
|
||||
"""
|
||||
Used for alternate login methods:
|
||||
If the user exists already then password is updated.
|
||||
@@ -1789,6 +1790,9 @@ class Auth(object):
|
||||
and ('registration_id' not in keys or user.registration_id != str(keys['registration_id'])):
|
||||
user = None # THINK MORE ABOUT THIS? DO WE TRUST OPENID PROVIDER?
|
||||
if user:
|
||||
if not get:
|
||||
# added for register_bare to avoid overwriting users
|
||||
return None
|
||||
update_keys = dict(registration_id=keys['registration_id'])
|
||||
for key in update_fields:
|
||||
if key in keys:
|
||||
@@ -1877,10 +1881,7 @@ class Auth(object):
|
||||
self.user = user
|
||||
self.update_groups()
|
||||
|
||||
def login_bare(self, username, password):
|
||||
"""
|
||||
logins user as specified by usernname (or email) and password
|
||||
"""
|
||||
def _get_login_settings(self):
|
||||
table_user = self.table_user()
|
||||
if self.settings.login_userfield:
|
||||
userfield = self.settings.login_userfield
|
||||
@@ -1889,20 +1890,58 @@ class Auth(object):
|
||||
else:
|
||||
userfield = 'email'
|
||||
passfield = self.settings.password_field
|
||||
user = self.db(table_user[userfield] == username).select().first()
|
||||
if user and user.get(passfield, False):
|
||||
password = table_user[passfield].validate(password)[0]
|
||||
if not user.registration_key and password == user[passfield]:
|
||||
return Storage({"table_user": table_user,
|
||||
"userfield": userfield,
|
||||
"passfield": passfield})
|
||||
|
||||
def login_bare(self, username, password):
|
||||
"""
|
||||
logins user as specified by username (or email) and password
|
||||
"""
|
||||
settings = self._get_login_settings()
|
||||
user = self.db(settings.table_user[settings.userfield] == \
|
||||
username).select().first()
|
||||
if user and user.get(settings.passfield, False):
|
||||
password = settings.table_user[
|
||||
settings.passfield].validate(password)[0]
|
||||
if not user.registration_key and password == \
|
||||
user[settings.passfield]:
|
||||
self.login_user(user)
|
||||
return user
|
||||
else:
|
||||
# user not in database try other login methods
|
||||
for login_method in self.settings.login_methods:
|
||||
if login_method != self and login_method(username, password):
|
||||
if login_method != self and \
|
||||
login_method(username, password):
|
||||
self.user = username
|
||||
return username
|
||||
return False
|
||||
|
||||
def register_bare(self, **fields):
|
||||
"""
|
||||
registers a user as specified by username (or email)
|
||||
and a raw password.
|
||||
"""
|
||||
settings = self._get_login_settings()
|
||||
if not fields.get(settings.passfield):
|
||||
raise ValueError("register_bare: " +
|
||||
"password not provided or invalid")
|
||||
elif not fields.get(settings.userfield):
|
||||
raise ValueError("register_bare: " +
|
||||
"userfield not provided or invalid")
|
||||
fields[settings.passfield
|
||||
] = settings.table_user[settings.passfield].validate(
|
||||
fields[settings.passfield])[0]
|
||||
user = self.get_or_create_user(fields, login=False,
|
||||
get=False,
|
||||
update_fields=self.settings.update_fields)
|
||||
if not user:
|
||||
# get or create did not create a user (it ignores
|
||||
# duplicate records)
|
||||
return False
|
||||
return user
|
||||
|
||||
|
||||
def cas_login(
|
||||
self,
|
||||
next=DEFAULT,
|
||||
|
||||
Reference in New Issue
Block a user