[Checkins]
SVN: z3c.authentication/trunk/src/z3c/authentication/cookie/
Implemented auto login field for login form.
Roger Ineichen
roger at projekt01.ch
Fri Nov 3 12:18:52 EST 2006
Log message for revision 71044:
Implemented auto login field for login form.
Now the auto login concept will only work if we
select the auto login field on a initial login.
Changed:
U z3c.authentication/trunk/src/z3c/authentication/cookie/interfaces.py
U z3c.authentication/trunk/src/z3c/authentication/cookie/plugin.py
U z3c.authentication/trunk/src/z3c/authentication/cookie/testing.py
-=-
Modified: z3c.authentication/trunk/src/z3c/authentication/cookie/interfaces.py
===================================================================
--- z3c.authentication/trunk/src/z3c/authentication/cookie/interfaces.py 2006-11-03 17:15:59 UTC (rev 71043)
+++ z3c.authentication/trunk/src/z3c/authentication/cookie/interfaces.py 2006-11-03 17:18:51 UTC (rev 71044)
@@ -39,7 +39,12 @@
min=0,
)
+ autologin = zope.schema.Bool(
+ title=u'Autologin',
+ description=u"Auto login via cookie if set to true.",
+ default=False)
+
class ICookieCredentialsPlugin(interfaces.ICredentialsPlugin,
session.IBrowserFormChallenger):
"""A cookie credential plugin."""
Modified: z3c.authentication/trunk/src/z3c/authentication/cookie/plugin.py
===================================================================
--- z3c.authentication/trunk/src/z3c/authentication/cookie/plugin.py 2006-11-03 17:15:59 UTC (rev 71043)
+++ z3c.authentication/trunk/src/z3c/authentication/cookie/plugin.py 2006-11-03 17:18:51 UTC (rev 71044)
@@ -30,7 +30,6 @@
from z3c.authentication.cookie import interfaces
-# TODO; rename to CookieSessionCredential
class CookieCredentials(persistent.Persistent, Contained):
"""Credentials class for use with sessions.
@@ -91,16 +90,35 @@
We must explicitly provide credentials once so the plugin can store
them in a session:
- >>> request = TestRequest(login='scott', password='tiger')
+ >>> request = TestRequest(login='scott', password='tiger', autologin='on')
>>> plugin.extractCredentials(request)
{'login': 'scott', 'password': 'tiger'}
+ Check if we get the initial login session flag:
+
+ >>> session = ISession(request)
+ >>> sessionData = session[interfaces.SESSION_KEY]
+ >>> sessionData.get('initialLogin', False)
+ True
+
Subsequent requests now have access to the credentials even if they're
not explicitly in the request:
>>> plugin.extractCredentials(TestRequest())
{'login': 'scott', 'password': 'tiger'}
+ See if the initial login session is still there:
+
+ >>> sessionData.get('initialLogin', False)
+ True
+
+ The initial login session didn't get set because we didn't use the
+ autologin field. Let's try use the autologin field and check the session.
+
+ >>> request = TestRequest(login='scott', password='tiger', autologin='on')
+ >>> sessionData.get('initialLogin', False)
+ True
+
We can always provide new credentials explicitly in the request:
>>> plugin.extractCredentials(TestRequest(
@@ -111,7 +129,7 @@
>>> plugin.extractCredentials(TestRequest())
{'login': 'harry', 'password': 'hirsch'}
-
+
We can also change the fields from which the credentials are extracted:
>>> plugin.loginfield = "my_new_login_field"
@@ -119,7 +137,8 @@
Now we build a request that uses the new fields:
- >>> request = TestRequest(my_new_login_field='luke', my_new_password_field='the_force')
+ >>> request = TestRequest(my_new_login_field='luke',
+ ... my_new_password_field='the_force')
The plugin now extracts the credentials information from these new fields:
@@ -133,12 +152,18 @@
>>> print plugin.extractCredentials(TestRequest())
None
+ After a logout the initial login session flag must be disabled:
+
+ >>> sessionData.get('initialLogin', False)
+ False
+
"""
zope.interface.implements(interfaces.ICookieCredentialsPlugin)
loginpagename = 'loginForm.html'
loginfield = 'login'
passwordfield = 'password'
+ autologinfield = 'autologin'
def extractCredentials(self, request):
"""Extracts credentials from a session if they exist."""
@@ -148,19 +173,50 @@
sessionData = session.get(interfaces.SESSION_KEY)
login = request.get(self.loginfield, None)
password = request.get(self.passwordfield, None)
+ autologin = request.get(self.autologinfield, None)
credentials = None
+ initialLogin = False
if login and password:
credentials = CookieCredentials(login, password)
+ # first or relogin login
+ if autologin:
+ credentials.autologin = True
+ else:
+ credentials.autologin = False
+ initialLogin = True
elif not sessionData:
+ # go away if no available session and no login try
return None
+ # not first access on portal
sessionData = session[interfaces.SESSION_KEY]
if credentials:
+ # first login or relogin
sessionData['credentials'] = credentials
else:
+ # already logged in or not
credentials = sessionData.get('credentials', None)
if not credentials:
+ # not already logged in
return None
+
+ if initialLogin:
+ # set a marker for the initial login in the session
+ sessionData['initialLogin'] = True
+ # and do login
+ return self.__doLogin(credentials)
+
+ # all below this is a ongoing login or a autologin
+ initialLoginSession = sessionData.get('initialLogin', False)
+ if credentials.autologin == False and not initialLoginSession:
+ # do not login if autologin is disabled and first login session
+ # is not set.
+ return None
+
+ # ongoing login or active autologin
+ return self.__doLogin(credentials)
+
+ def __doLogin(self, credentials):
return {'login': credentials.getLogin(),
'password': credentials.getPassword()}
@@ -171,5 +227,6 @@
sessionData = ISession(request)[interfaces.SESSION_KEY]
sessionData['credentials'] = None
+ sessionData['initialLogin'] = False
transaction.commit()
return True
Modified: z3c.authentication/trunk/src/z3c/authentication/cookie/testing.py
===================================================================
--- z3c.authentication/trunk/src/z3c/authentication/cookie/testing.py 2006-11-03 17:15:59 UTC (rev 71043)
+++ z3c.authentication/trunk/src/z3c/authentication/cookie/testing.py 2006-11-03 17:18:51 UTC (rev 71044)
@@ -146,7 +146,8 @@
defaultSDC = PersistentSessionDataContainer()
ztapi.provideUtility(ISessionDataContainer, defaultSDC, '')
cookieSDC = CookieCredentialSessionDataContainer()
- ztapi.provideUtility(ISessionDataContainer, cookieSDC, interfaces.SESSION_KEY)
+ ztapi.provideUtility(ISessionDataContainer, cookieSDC,
+ interfaces.SESSION_KEY)
def FunctionalDocFileSuite(path, **kw):
More information about the Checkins
mailing list