burmatovan/openuds
1
0
Fork 0
forked from shaba/openuds
Code Issues Pull Requests Projects Releases Wiki Activity

Changed Authenticator so the can support "logout"

Browse Source
This commit is contained in:
Adolfo Gómez 2012-07-23 14:57:20 +00:00
parent e5e734b4b8
commit cf1ca260cb
9 changed files with 104 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
server/.settings/org.eclipse.core.resources.prefs
View File

@ -21,6 +21,7 @@ encoding//src/uds/auths/InternalDB/Authenticator.py=utf-8
encoding//src/uds/auths/InternalDB/__init__.py=utf-8
encoding//src/uds/auths/RegexLdap/Authenticator.py=utf-8
encoding//src/uds/auths/RegexLdap/__init__.py=utf-8
encoding//src/uds/auths/SAML-enterprise/SAML.py=utf-8
encoding//src/uds/auths/SAML/SAML.py=utf-8
encoding//src/uds/auths/SAML/__init__.py=utf-8
encoding//src/uds/auths/Sample/SampleAuth.py=utf-8
@ -148,6 +149,7 @@ encoding//src/uds/web/errors.py=utf-8
encoding//src/uds/web/forms/LoginForm.py=utf-8
encoding//src/uds/web/transformers.py=utf-8
encoding//src/uds/web/views.py=utf-8
encoding//src/uds/xmlrpc/__init__.py=utf-8
encoding//src/uds/xmlrpc/actor/Actor.py=utf-8
encoding//src/uds/xmlrpc/auths/AdminAuth.py=utf-8
encoding//src/uds/xmlrpc/auths/Authenticators.py=utf-8

35
server/src/uds/core/auths/BaseAuthenticator.py
View File

@ -211,6 +211,13 @@ class Authenticator(Module):
'''
from auth import authInfoUrl
return authInfoUrl(self.dbAuthenticator())
@classmethod
def isCustom(cls):
'''
Helper to query if a class is custom (implements getHtml method)
'''
return cls.getHtml != Authenticator.getHtml
def searchUsers(self, pattern):
'''
@ -288,6 +295,34 @@ class Authenticator(Module):
'''
return False
def logout(self, username):
'''
Invoked whenever an user logs out.
Notice that authenticators that provides getHtml method are considered "custom", and
these authenticators will never be used to allow an user to access administration interface
(they will be filtered out)
By default, this method does nothing.
Args:
username: Name of the user that logged out
Returns:
None if nothing has to be done by UDS. An URL (absolute or relative), if it has to redirect
the user to somewhere.
:note: This method will be invoked also for administration log out (it it's done), but return
result will be passed to administration interface, that will invoke the URL but nothing
will be shown to the user.
Also, notice that this method will only be invoked "implicity", this means that will be
invoked if user requests "log out", but maybe it will never be invoked.
'''
return None
def getForAuth(self, username):
'''
Process the username for this authenticator and returns it.

1
server/src/uds/core/auths/auth.py
View File

@ -208,6 +208,7 @@ def webLogout(request, exit_url = None):
Helper function to clear user related data from session. If this method is not used, the session we be cleaned anyway
by django in regular basis.
'''
# Invoke esit for authenticator
request.session.clear()
if exit_url is None:
exit_url = GlobalConfig.LOGIN_URL.get()

5
server/src/uds/models.py
View File

@ -686,6 +686,11 @@ class User(models.Model):
self.last_access = getSqlDatetime()
self.save()
def logout(self):
'''
Invoked to log out this user
'''
return self.getManager().logout(self.name)
def __unicode__(self):
return "User {0} from auth {1}".format(self.name, self.manager.name)

2
server/src/uds/urls.py
View File

@ -58,7 +58,7 @@ urlpatterns = patterns('uds',
# Custom authentication callback
(r'^auth/(?P<idAuth>.+)', 'web.views.authCallback'),
(r'^authJava/(?P<idAuth>.+)/(?P<hasJava>.*)$', 'web.views.authJava'),
(r'^authinfo/?P<authName>.+)', 'web.views.authInfo'),
(r'^authinfo/(?P<authName>.+)', 'web.views.authInfo'),
)

4
server/src/uds/web/forms/LoginForm.py
View File

@ -33,11 +33,9 @@
from django.utils.translation import ugettext_lazy as _
from django import forms
from django.conf import settings
from django.forms.forms import NON_FIELD_ERRORS
from django.forms.util import ErrorDict
from uds.models import Authenticator
from uds.core.auths import Authenticator as Auth
import logging
logger = logging.getLogger(__name__)
@ -72,7 +70,7 @@ class LoginForm(BaseForm):
if a.getType() is None:
continue
choices.append( (a.id, a.name) )
if a.getType().getHtml != Auth.getHtml:
if a.getType().isCustom():
nonStandard.append(str(a.id))
else:
standard.append(str(a.id))

3
server/src/uds/web/views.py
View File

@ -121,8 +121,9 @@ def customAuth(request, idAuth):
res = 'error'
return HttpResponse(res, content_type = 'text/html')
@webLoginRequired
def logout(request):
return webLogout(request)
return webLogout(request, request.user.logout())
@webLoginRequired
def index(request):

34
server/src/uds/xmlrpc/__init__.py
View File

@ -0,0 +1,34 @@
# -*- coding: utf-8 -*-
#
# Copyright (c) 2012 Virtual Cable S.L.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without modification,
# are permitted provided that the following conditions are met:
#
# * Redistributions of source code must retain the above copyright notice,
# this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# * Neither the name of Virtual Cable S.L. nor the names of its contributors
# may be used to endorse or promote products derived from this software
# without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
'''
XMLRCP processing part
This package contains all xmlrpc related stuff
@author: Adolfo Gómez, dkmaster at dkmon dot com
'''

27
server/src/uds/xmlrpc/auths/AdminAuth.py
View File

@ -64,6 +64,23 @@ class Credentials(object):
def __str__(self):
return "authId: {0}, isAdmin: {1}, user: {2}, locale: {3}, key: {4}".format(self.idAuth, self.isAdmin, self.user, self.locale, self.key)
def logout(self):
'''
Logout administration user
'''
logger.info('Logged out admin user {0}'.format(self))
if self.idAuth == ADMIN_AUTH: # Root administrator does nothing on logout
return ''
try:
a = Authenticator.objects.get(pk=self.idAuth).getInstance()
return a.logout(self.user)
except Exception:
logger.exception('Exception at logout (managed)')
return ''
def makeCredentials(idAuth, username, locale, isAdmin):
session = SessionStore()
@ -120,8 +137,10 @@ def getAdminAuths(locale):
Returns the authenticators
'''
activate(locale)
auths = Authenticator.all()
res = [ { 'id' : str(a.id), 'name' : a.name } for a in auths ]
res = []
for a in Authenticator.all():
if a.getType().isCustom() is False:
res.append( { 'id' : str(a.id), 'name' : a.name } )
return res + [ {'id' : ADMIN_AUTH, 'name' : _('Administration') }]
@ -153,9 +172,9 @@ def logout(credentials):
'''
Logs out and administration user
'''
ret = credentials.logout() or ''
invalidateCredentials(credentials)
logger.info('Logged out admin user {0}'.format(credentials))
return True
return ret
def registerAdminAuthFunctions(dispatcher):
dispatcher.register_function(login, 'login')