]>
Commit | Line | Data |
---|---|---|
1 | #!/usr/bin/python3 | |
2 | ||
3 | import logging | |
4 | import tornado.web | |
5 | ||
6 | from . import base | |
7 | ||
8 | # Setup logging | |
9 | log = logging.getLogger("pakfire.buildservice.web.auth") | |
10 | ||
11 | class LoginHandler(base.KerberosAuthMixin, base.BaseHandler): | |
12 | def get(self): | |
13 | username = self.get_authenticated_user() | |
14 | if not username: | |
15 | # Ask to authenticate | |
16 | self.authenticate_redirect() | |
17 | return | |
18 | ||
19 | # Strip the realm | |
20 | username, delim, realm = username.partition("@") | |
21 | ||
22 | with self.db.transaction(): | |
23 | # Otherwise fetch the authenticated user | |
24 | user = self.backend.users.get_by_name(username) | |
25 | if not user: | |
26 | raise tornado.web.HTTPError(500, "Could not find user %s" % username) | |
27 | ||
28 | # Create a new session | |
29 | session = self.backend.sessions.create(user, | |
30 | self.current_address, user_agent=self.user_agent) | |
31 | ||
32 | # Send the session cookie to the browser | |
33 | self.set_cookie("session_id", session.session_id, expires=session.valid_until) | |
34 | ||
35 | # If there is "next" given, we redirect the user accordingly | |
36 | next = self.get_argument("next", None) | |
37 | ||
38 | # Redirect the user | |
39 | self.redirect(next or "/") | |
40 | ||
41 | ||
42 | class LogoutHandler(base.BaseHandler): | |
43 | @tornado.web.authenticated | |
44 | def get(self): | |
45 | # Destroy the user's session. | |
46 | with self.db.transaction(): | |
47 | # Destroy the session | |
48 | self.session.destroy() | |
49 | ||
50 | # Remove the session cookie | |
51 | self.clear_cookie("session_id") | |
52 | ||
53 | # Redirect the user to the front page. | |
54 | self.redirect("/") |