/src/authorization/tutorial/security.py

https://bitbucket.org/blaflamme/pylonswiking · Python · 55 lines · 46 code · 9 blank · 0 comment · 4 complexity · 97146ee0a8aed662e801d9fa8b0f6164 MD5 · raw file

  1. from webob.exc import HTTPFound
  2. from repoze.bfg.view import bfg_view
  3. from repoze.bfg.exceptions import Forbidden
  4. from repoze.bfg.security import remember
  5. from repoze.bfg.security import forget
# Tutorial credential store: maps login name -> password.
# NOTE(review): the passwords are plaintext literals identical to the login
# names, which is only suitable for a demo; a deployed application would
# verify against salted password hashes kept outside the source tree.
USERS = dict(
    editor='editor',
    viewer='viewer',
)

# Maps userid -> list of group principals granted to that user.
# A user with no entry here ('viewer') gets no groups.
GROUPS = dict(editor=['group:editors'])
def groupfinder(userid, request):
    """Return the group principals for *userid*, or ``None`` if it is unknown.

    A userid present in ``USERS`` yields its ``GROUPS`` entry, or an empty
    list when it has none. Any other userid yields ``None``. ``request`` is
    accepted but not used.

    NOTE(review): presumably registered as the authentication policy's
    callback, where ``None`` would mean "no such user" -- confirm against the
    application's configuration.
    """
    if userid not in USERS:
        return None
    return GROUPS.get(userid, [])
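class LoginView(object):
    """Login and logout views for the tutorial application.

    ``login`` renders the login form (also when a ``Forbidden`` context is
    raised) and checks submitted credentials against ``USERS``. ``logout``
    drops the authentication headers and redirects to the application URL.
    """

    def __init__(self, request):
        self.request = request

    def _local_redirect_target(self, candidate, fallback):
        """Return *candidate* if it points back into this application.

        ``came_from`` arrives in request parameters and is used as the
        ``Location`` of the post-login redirect, so it must not be able to
        send a freshly authenticated user to another site. Accepted forms:

        * a host-relative path (``/page``), but not ``//host/...``;
        * an absolute URL under ``request.application_url``.

        Anything else (empty, another origin, a scheme-relative URL, or a
        value containing backslashes, whitespace or control characters)
        yields *fallback* instead.
        """
        if not candidate:
            return fallback
        # Browsers normalise backslashes and strip some whitespace/control
        # characters before resolving a URL, so a prefix check on the raw
        # string is only trustworthy once those are ruled out.
        if '\\' in candidate or any(ord(ch) <= 0x20 for ch in candidate):
            return fallback
        if candidate.startswith('/') and not candidate.startswith('//'):
            return candidate
        app_url = self.request.application_url
        # Require a delimiter after the application URL so that a look-alike
        # host sharing the same string prefix is not accepted.
        same_app_prefixes = (app_url + '/', app_url + '?', app_url + '#')
        if candidate == app_url or candidate.startswith(same_app_prefixes):
            return candidate
        return fallback

    @bfg_view(renderer='login.mak', context=Forbidden)
    @bfg_view(name='login', renderer='login.mak')
    def login(self):
        """Render the login form and process a submitted login.

        On a successful credential check, returns an ``HTTPFound`` redirect
        to ``came_from`` carrying the headers from ``remember``. Otherwise
        returns the dict rendered by ``login.mak`` (``message``, ``url``,
        ``came_from``, ``login``, ``password``).
        """
        params = self.request.params
        login_url = self.request.application_url + '/login'
        referrer = self.request.url
        if referrer == login_url:
            referrer = '/'  # never use the login form itself as came_from
        # came_from is client-supplied: only same-application targets are
        # honoured, everything else falls back to the referrer.
        came_from = self._local_redirect_target(
            params.get('came_from'), referrer)
        message = ''
        login = ''
        password = ''
        if 'form.submitted' in params:
            # .get() keeps a submission that lacks a field from raising
            # KeyError; it is treated as a failed login instead.
            login = params.get('login', '')
            password = params.get('password', '')
            # NOTE(review): plaintext, non-constant-time comparison against
            # the in-module demo store.
            if USERS.get(login) == password:
                headers = remember(self.request, login)
                return HTTPFound(location=came_from, headers=headers)
            message = 'Failed login'
        # NOTE(review): the submitted password is handed back to the
        # template; confirm login.mak does not echo it into the page.
        return dict(
            message=message,
            url=login_url,
            came_from=came_from,
            login=login,
            password=password,
        )

    @bfg_view(name='logout', permission='view')
    def logout(self):
        """Drop the authentication headers and redirect to the application URL."""
        headers = forget(self.request)
        return HTTPFound(
            location=self.request.application_url,
            headers=headers
        )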