| | 1 | #!/usr/bin/python3 |
| | 2 | |
| | 3 | import logging |
| | 4 | import tornado.web |
| | 5 | |
| | 6 | from . import base |
| | 7 | |
| | 8 | # Setup logging |
| | 9 | log = logging.getLogger("pakfire.buildservice.web.auth") |
| | 10 | |
| | 11 | class LoginHandler(base.KerberosAuthMixin, base.BaseHandler): |
| | 12 | def get(self): |
| | 13 | username = self.get_authenticated_user() |
| | 14 | if not username: |
| | 15 | # Ask to authenticate |
| | 16 | self.authenticate_redirect() |
| | 17 | return |
| | 18 | |
| | 19 | # Strip the realm |
| | 20 | username, delim, realm = username.partition("@") |
| | 21 | |
| | 22 | with self.db.transaction(): |
| | 23 | # Otherwise fetch the authenticated user |
| | 24 | user = self.backend.users.get_by_name(username) |
| | 25 | if not user: |
| | 26 | raise tornado.web.HTTPError(500, "Could not find user %s" % username) |
| | 27 | |
| | 28 | # Create a new session |
| | 29 | session = self.backend.sessions.create(user, |
| | 30 | self.current_address, user_agent=self.user_agent) |
| | 31 | |
| | 32 | # Send the session cookie to the browser |
| | 33 | self.set_cookie("session_id", session.session_id, expires=session.valid_until) |
| | 34 | |
| | 35 | # If there is "next" given, we redirect the user accordingly |
| | 36 | next = self.get_argument("next", None) |
| | 37 | |
| | 38 | # Redirect the user |
| | 39 | self.redirect(next or "/") |
| | 40 | |
| | 41 | |
| | 42 | class LogoutHandler(base.BaseHandler): |
| | 43 | @tornado.web.authenticated |
| | 44 | def get(self): |
| | 45 | # Destroy the user's session. |
| | 46 | with self.db.transaction(): |
| | 47 | # Destroy the session |
| | 48 | self.session.destroy() |
| | 49 | |
| | 50 | # Remove the session cookie |
| | 51 | self.clear_cookie("session_id") |
| | 52 | |
| | 53 | # Redirect the user to the front page. |
| | 54 | self.redirect("/") |
projects / pbs.git / blame_incremental