/src/authorization/tutorial/security.py
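from webob.exc import HTTPFound

from repoze.bfg.view import bfg_view
from repoze.bfg.exceptions import Forbidden

from repoze.bfg.security import remember
from repoze.bfg.security import forget

# Tutorial-only credential store: passwords are kept in plaintext and equal
# the user names. A real deployment would keep salted password hashes outside
# the source tree and compare them in constant time.
USERS = {'editor':'editor',
         'viewer':'viewer'}
GROUPS = {'editor':['group:editors']}


def groupfinder(userid, request):
    """Return the group principals for *userid*.

    Known users get their entry from GROUPS (an empty list when they belong
    to no group). Unknown users fall through and return None.
    NOTE(review): None is presumably how the authentication policy callback
    reports "no such user" -- confirm against the policy configuration.
    """
    if userid in USERS:
        return GROUPS.get(userid, [])


def _is_local_url(target, application_url):
    """Return True when *target* points back into this application.

    Accepted forms are a host-relative path ('/page') and an absolute URL
    that begins with *application_url* followed by '/', '?', '#' or nothing.
    Everything else is refused, including scheme-relative URLs ('//host'),
    other hosts, and values containing backslashes or control characters,
    which browsers may normalise into a different destination.
    """
    if not target:
        return False
    for ch in target:
        if ch == '\\' or ord(ch) < 0x20:
            return False
    if target.startswith('/'):
        return not target.startswith('//')
    if target.startswith(application_url):
        rest = target[len(application_url):]
        # Requiring a delimiter stops 'http://host' from matching
        # 'http://host.example' or 'http://host@example'.
        return rest == '' or rest[0] in '/?#'
    return False


class LoginView(object):
    """Login and logout views for the tutorial application."""

    def __init__(self, request):
        self.request = request

    @bfg_view(renderer='login.mak', context=Forbidden)
    @bfg_view(name='login', renderer='login.mak')
    def login(self):
        """Render the login form and process its submission.

        Registered both as the 'login' view and as the view for Forbidden,
        so a denied request lands on the form with ``came_from`` set to the
        URL that was refused.

        Returns an HTTPFound redirect carrying the ``remember`` headers when
        the credentials match USERS, otherwise a dict for the 'login.mak'
        renderer.
        """
        login_url = self.request.application_url + '/login'
        referrer = self.request.url
        if referrer == login_url:
            referrer = '/' # never use the login form itself as came_from
        came_from = self.request.params.get('came_from', referrer)
        # came_from is request-controlled and ends up in a Location header
        # and in the rendered form; keep it inside this application so the
        # login page cannot be used as an open redirect.
        if not _is_local_url(came_from, self.request.application_url):
            came_from = '/'
        message = ''
        login = ''
        if 'form.submitted' in self.request.params:
            # .get() turns a submission with missing fields into a failed
            # login instead of an unhandled KeyError.
            login = self.request.params.get('login', '')
            password = self.request.params.get('password', '')
            # NOTE(review): plain == on plaintext secrets is neither hashed
            # nor constant-time; acceptable only for this demo user table.
            if USERS.get(login) == password:
                headers = remember(self.request, login)
                return HTTPFound(location=came_from, headers=headers)
            message = 'Failed login'

        return dict(
            message = message,
            url = login_url,
            came_from = came_from,
            login = login,
            # The submitted password is never echoed back into the page.
            password = '',
            )

    @bfg_view(name='logout', permission='view')
    def logout(self):
        """Drop the authentication headers and redirect to the application root.

        The view is guarded by the 'view' permission; who holds it is decided
        by the ACL, which is not part of this module.
        NOTE(review): the registration does not restrict the request method,
        so a cross-site GET can log a user out -- consider requiring POST.
        """
        headers = forget(self.request)
        return HTTPFound(
            location=self.request.application_url,
            headers=headers
            )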