1 # -*- coding: iso-8859-1 -*-
3 MoinMoin - FusionForge session cookie authentication
5 @copyright: 2005 MoinMoin:AlexanderSchremmer (Thanks to Spreadshirt)
6 @copyright: 2011 Roland Mas
7 @license: GNU GPL, see COPYING for details.
16 from MoinMoin import user
17 from MoinMoin.auth import _PHPsessionParser, BaseAuth
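class FusionForgeLink():
    """Bridge to a local FusionForge installation.

    Reads settings through the ``forge_get_config`` helper and holds one
    PostgreSQL connection to the forge database.
    """

    # NOTE(review): the listing this class was reviewed from had lost its
    # indentation and its shortest lines (imports, ``else:``, bare
    # ``return`` statements, list initialisers).  Those lines are restored
    # here by inference; compare with the upstream file before merging.

    def get_config(self, varname, secname='core'):
        """Return one FusionForge configuration value as a string.

        @param varname: Name of the configuration variable.
        @param secname: Configuration section, 'core' by default.
        @return: The helper's standard output with trailing newlines removed.
        """
        # argv is passed as a list, so no shell parses varname or secname.
        argv = ["/usr/share/gforge/bin/forge_get_config", varname, secname]
        proc = subprocess.Popen(argv, stdout = subprocess.PIPE)
        # NOTE(review): the exit status is not inspected, so a helper that
        # fails without output is indistinguishable from an empty setting.
        # Callers that use the value as a secret must treat '' as "no
        # secret available".
        return proc.communicate()[0].rstrip('\n')

    def __init__(self, cookies=['session_ser'], autocreate=True):
        """Load the database settings and open the connection.

        @param cookies: Accepted for signature compatibility; not used here.
        @param autocreate: Accepted for signature compatibility; not used here.
        """
        self.database_host = self.get_config('database_host')
        self.database_name = self.get_config('database_name')
        self.database_user = self.get_config('database_user')
        self.database_port = self.get_config('database_port')
        # The password stays on the instance for as long as the object
        # lives; keep instances out of logs and debug dumps.
        self.database_password = self.get_config('database_password')

        connect_args = dict(database=self.database_name,
                            user=self.database_user,
                            port=self.database_port,
                            password=self.database_password)
        # An empty host is left out so the driver picks its default
        # transport instead of receiving host=''.
        if (self.database_host != ''):
            connect_args['host'] = self.database_host
        self.conn = psycopg2.connect(**connect_args)

    def get_connection(self):
        """Return the database connection opened by the constructor."""
        return self.conn

    def get_projects(self):
        """Return the unix names of all groups with the 'moinmoin' plugin.

        @return: List of unix_group_name values, in the order the database
                 returns them.
        """
        cur = self.conn.cursor()
        try:
            cur.execute("SELECT g.unix_group_name from groups g, group_plugin gp, plugins p where g.group_id = gp.group_id and gp.plugin_id = p.plugin_id and p.plugin_name = 'moinmoin'")
            return [record[0] for record in cur.fetchall()]
        finally:
            # Release the cursor even when the query raises.
            cur.close()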
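class FusionForgeSessionAuth(BaseAuth):
    """ FusionForge session cookie authentication

    The cookie value has the form ``<base64 payload>-*-<md5 hex tag>``,
    where the tag is md5(payload + session_key) and the decoded payload is
    ``user_id-*-time-*-ip-*-user_agent``.
    """

    # NOTE(review): the listing this class was reviewed from had lost its
    # indentation and its shortest lines (``continue``, ``if m is None:``,
    # bare ``return`` statements, the docstring terminator).  Those lines
    # are restored here by inference; compare with the upstream file before
    # merging.  Two short lines between the user lookup and the realname
    # comment could not be recovered and are not guessed at.

    name = 'fusionforge_session'

    def __init__(self, cookies=None, autocreate=True):
        """ @param cookies: Names of the cookies to parse; defaults to
                            ['session_ser'].
            @param autocreate: Create or update the MoinMoin profile of an
                               authenticated user.
        """
        BaseAuth.__init__(self)
        # A fresh list per instance; a list literal as the default would be
        # shared by every instance constructed without this argument.
        self.cookies = ['session_ser'] if cookies is None else cookies
        self.autocreate = autocreate

        self.fflink = FusionForgeLink()
        self.conn = self.fflink.get_connection()
        self.session_key = self.fflink.get_config('session_key')

    @staticmethod
    def _digests_match(expected, presented):
        """Compare two digest strings without an early exit on mismatch."""
        import hmac
        compare = getattr(hmac, 'compare_digest', None)
        if compare is not None:
            return compare(expected, presented)
        # Fallback for interpreters without hmac.compare_digest.
        if len(expected) != len(presented):
            return False
        diff = 0
        for x, y in zip(expected, presented):
            diff |= ord(x) ^ ord(y)
        return diff == 0

    def get_super_users(self):
        """Return the login names of users holding a 'forge_admin' role setting.

        @return: List of distinct user_name values.
        """
        cur = self.conn.cursor()
        try:
            cur.execute("SELECT distinct(u.user_name) from users u, pfo_user_role pur, pfo_role pr, pfo_role_setting prs WHERE u.user_id = pur.user_id AND pur.role_id = pr.role_id AND pr.role_id = prs.role_id AND prs.section_name='forge_admin'")
            return [record[0] for record in cur.fetchall()]
        finally:
            cur.close()

    def request(self, request, user_obj, **kw):
        """Authenticate the request from a FusionForge session cookie.

        @param request: The MoinMoin request object.
        @param user_obj: User object produced by earlier auth methods.
        @param kw: Must carry the request cookies under the key 'cookie'.
        @return: (user, True) when a cookie verifies and maps to a forge
                 user, otherwise (user_obj, False).
        """
        cookies = kw.get('cookie')
        if cookies is None or cookies == {}:
            return user_obj, False

        # Fail closed: get_config() yields '' when the helper produces no
        # output, and a tag computed with an empty key authenticates nothing.
        if not self.session_key:
            return user_obj, False

        for cookiename in cookies:
            if cookiename not in self.cookies:
                continue

            cookievalue = urllib.unquote(cookies[cookiename]).decode('iso-8859-1')

            m = re.search(r'(.*)-\*-(.*)', cookievalue)
            if m is None:
                continue

            (sserial, shash) = m.group(1, 2)

            # The cookie is client-controlled: malformed base64 or a
            # non-ASCII tag is a rejected cookie, not a server error.
            try:
                sdata = base64.b64decode(sserial)
                presented = shash.encode('ascii')
            except (TypeError, ValueError):
                continue

            # NOTE(review): the tag is MD5 over payload + key rather than an
            # HMAC.  The format is fixed by whatever issues the cookie
            # (presumably FusionForge's session code), so it can only be
            # strengthened on both sides together.
            expected = hashlib.md5(sdata + self.session_key).hexdigest()
            if not self._digests_match(expected, presented):
                continue

            m = re.search(r'(.*)-\*-(.*)-\*-(.*)-\*-(.*)', sdata)
            if m is None:
                continue

            # NOTE(review): time, ip and user_agent are extracted but the
            # visible code never compares them with the current request, so
            # a verified cookie is accepted regardless of its age or origin.
            # Confirm whether expiry and client binding are enforced
            # elsewhere before relying on this method.
            (user_id, time, ip, user_agent) = m.group(1, 2, 3, 4)

            cur = self.conn.cursor()
            try:
                # Bound parameter: user_id never becomes part of the SQL text.
                cur.execute("SELECT user_name, realname FROM users WHERE user_id=%s", [user_id])
                row = cur.fetchone()
            finally:
                cur.close()
            # NOTE(review): the lookup keys on user_id only; whether
            # suspended or deleted accounts must be excluded here is not
            # visible from this file -- confirm.
            if row is None:
                # A verified cookie for a user_id with no row is rejected.
                continue
            (loginname, realname) = row

            # MoinMoin doesn't enforce unicity of realnames
            u = user.User(request, name=loginname, auth_username=loginname,
                          auth_method=self.name)

            if u and self.autocreate:
                u.create_or_update(True)

            return u, True # True to get other methods called, too
        return user_obj, False # continue with next method in auth list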