[Moin-user] Performing custom authentication against a database table
Alex Willmer
alex at moreati.org.uk
Wed Apr 18 12:20:33 EDT 2007
I'm trying to have MoinMoin authenticate users authenticate users against a
table in postgresql. So far I've written a dbtable() function (based on the
distributed LDAP()) and added to wikiconfig.py as:
auth = [dbtable, moin_cookie]
However the custom authentication is not working, moinmoin reports the username
as not found, although moin_cookie auth continues to work.
I have a couple of questions:
1. Where does request.log() log to?
2. Is there anything glaringly wrong with my code? Am I right to return user_obj
rather than the created User object?
Regards & thanks.
Alex Willmer
def unpack_kw(kw):
"""Return name, password, login, user_obj from kw dictionary."""
return (kw.get('name'), kw.get('password'),
kw.get('login'), kw.get('logout'), kw.get('user_obj'))
def dbtable(request, **kw):
"""Get authentication from form, authenticate via table in database
User profile must be handled e.g. by cookie
"""
username, password, login, logout, user_obj = unpack_kw(kw)
cfg = request.cfg
dbmod = cfg.auth_dbtable_module
dbdsn = cfg.auth_dbtable_dsn
tabname = cfg.auth_dbtable_tablename
usercol = cfg.auth_dbtable_usercolumn
passcol = cfg.auth_dbtable_passcolumn
verbose = cfg.auth_dbtable_verbose
if verbose: request.log('auth_dbtable: name=%s login=%s logout=%s' %
(username, login, logout))
if not login and not logout: return user_obj, True
import md5
import sha
import sys
import traceback
import psycopg2 as dbapi2 # TODO AW Honour auth_dbtable_module
from MoinMoin import auth, user
try:
algos = {'md5':md5, 'sha1':sha}
if verbose: request.log('auth_dbtable: Connecting to database')
conn = dbapi2.connection(dsn=dsn)
curs = conn.cursor()
q = """SELECT %s FROM %s WHERE %s = %%(username)s""" % \
(passcol, tabname, usercol)
if verbose: request.log('auth_dbtable: Querying table %s' % (tabname))
curs.execute(q, {'username': username})
shib = curs.fetchone()[0]
curs.close()
conn.close()
if verbose: request.log('auth_dbtable: Testing user %s' % (username))
pwalgo, pwsalt, pwhash = shib.split('$')
hashfunc = algos[pwalgo]
challenge = hashfunc.new(pwsalt+password).hexdigest()
if challenge == pwhash:
if verbose:
request.log('auth_dbtable: Logged in user %s' % (username))
u = user.User(request, auth_username=username, password=password,
name=username,
auth_method='dbtable',
auth_attribs=('name', 'auth_username', 'password',))
u.create_or_update(True)
else:
if verbose:
request.log('auth_dbtable: User %s login failed' % (username))
u = None
except:
info = sys.exc_info()
request.log("auth_dbtable: caught an exception, traceback follows:")
request.log(''.join(traceback.format_exception(*info)))
return (user_obj, True)
More information about the Moin-user
mailing list