[pbs.git] / src / web / auth.py

#!/usr/bin/python3

import logging
import tornado.web

from . import base

# Setup logging
log = logging.getLogger("pakfire.buildservice.web.auth")

class LoginHandler(base.KerberosAuthMixin, base.BaseHandler):
	def get(self):
		username = self.get_authenticated_user()
		if not username:
			# Ask to authenticate
			self.authenticate_redirect()
			return

		# Strip the realm
		username, delim, realm = username.partition("@")

		with self.db.transaction():
			# Otherwise fetch the authenticated user
			user = self.backend.users.get_by_name(username)
			if not user:
				raise tornado.web.HTTPError(500, "Could not find user %s" % username)

			# Create a new session
			session = self.backend.sessions.create(user,
				self.current_address, user_agent=self.user_agent)

		# Send the session cookie to the browser
		self.set_cookie("session_id", session.session_id, expires=session.valid_until)

		# If there is "next" given, we redirect the user accordingly
		next = self.get_argument("next", None)

		# Redirect the user
		self.redirect(next or "/")


class LogoutHandler(base.BaseHandler):
	@tornado.web.authenticated
	def get(self):
		# Destroy the user's session.
		with self.db.transaction():
			# Destroy the session
			self.session.destroy()

		# Remove the session cookie
		self.clear_cookie("session_id")

		# Redirect the user to the front page.
		self.redirect("/")
Commit	Line	Data
abac2d48	1	#!/usr/bin/python3
9137135a	2
abac2d48	3	import logging
9137135a MT	4	import tornado.web
9137135a MT	5
0919f216	6	from . import base
9137135a	7
abac2d48	8	# Setup logging
f062b044	9	log = logging.getLogger("pakfire.buildservice.web.auth")
abac2d48	10
f062b044	11	class LoginHandler(base.KerberosAuthMixin, base.BaseHandler):
394eb35a	12	def get(self):
abac2d48 MT	13	username = self.get_authenticated_user()
	14	if not username:
	15	# Ask to authenticate
	16	self.authenticate_redirect()
	17	return
9137135a	18
abac2d48 MT	19	# Strip the realm
abac2d48 MT	20	username, delim, realm = username.partition("@")
9137135a	21
d2738057	22	with self.db.transaction():
abac2d48	23	# Otherwise fetch the authenticated user
7dcbc388	24	user = self.backend.users.get_by_name(username)
7636359c	25	if not user:
abac2d48	26	raise tornado.web.HTTPError(500, "Could not find user %s" % username)
7636359c	27
abac2d48 MT	28	# Create a new session
abac2d48 MT	29	session = self.backend.sessions.create(user,
d2738057	30	self.current_address, user_agent=self.user_agent)
9137135a	31
abac2d48 MT	32	# Send the session cookie to the browser
abac2d48 MT	33	self.set_cookie("session_id", session.session_id, expires=session.valid_until)
9137135a	34
7636359c MT	35	# If there is "next" given, we redirect the user accordingly
	36	next = self.get_argument("next", None)
	37
	38	# Redirect the user
	39	self.redirect(next or "/")
9137135a MT	40
9137135a MT	41
0919f216	42	class LogoutHandler(base.BaseHandler):
9137135a MT	43	@tornado.web.authenticated
9137135a MT	44	def get(self):
d2738057 MT	45	# Destroy the user's session.
d2738057 MT	46	with self.db.transaction():
70987fab MT	47	# Destroy the session
70987fab MT	48	self.session.destroy()
d2738057	49
70987fab MT	50	# Remove the session cookie
70987fab MT	51	self.clear_cookie("session_id")
f6e6ff79	52
fa5fa7db MT	53	# Redirect the user to the front page.
fa5fa7db MT	54	self.redirect("/")