1 # GNU MediaGoblin -- federated, autonomous media hosting
2 # Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
4 # This program is free software: you can redistribute it and/or modify
5 # it under the terms of the GNU Affero General Public License as published by
6 # the Free Software Foundation, either version 3 of the License, or
7 # (at your option) any later version.
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU Affero General Public License for more details.
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
18 from mediagoblin
.plugins
.basic_auth
import forms
as auth_forms
19 from mediagoblin
.plugins
.basic_auth
import lib
as auth_lib
20 from mediagoblin
.db
.models
import User
21 from mediagoblin
.tools
import pluginapi
22 from sqlalchemy
import or_
26 config
= pluginapi
.get_config('mediagoblin.pluginapi.basic_auth')
29 def check_login(user
, password
):
31 result
= auth_lib
.bcrypt_check_password(password
, user
.pw_hash
)
38 if 'username' in form
.data
:
39 username
= form
.username
.data
40 user
= User
.query
.filter(
42 User
.username
== username
,
43 User
.email
== username
,
48 def create_user(registration_form
):
49 user
= get_user(registration_form
)
50 if not user
and 'password' in registration_form
:
52 user
.username
= registration_form
.username
.data
53 user
.email
= registration_form
.email
.data
54 user
.pw_hash
= auth_lib
.bcrypt_gen_password_hash(
55 registration_form
.password
.data
)
56 user
.verification_key
= unicode(uuid
.uuid4())
61 def get_login_form(request
):
62 return auth_forms
.LoginForm(request
.form
)
65 def get_registration_form(request
):
66 return auth_forms
.RegistrationForm(request
.form
)
69 def gen_password_hash(raw_pass
, extra_salt
):
70 return auth_lib
.bcrypt_gen_password_hash(raw_pass
, extra_salt
)
73 def check_password(raw_pass
, stored_hash
, extra_salt
):
74 return auth_lib
.bcrypt_check_password(raw_pass
, stored_hash
, extra_salt
)
81 def append_to_global_context(context
):
82 context
['pass_auth'] = True
86 def add_to_form_context(context
):
87 context
['pass_auth_link'] = True
92 'setup': setup_plugin
,
93 'authentication': auth
,
94 'auth_check_login': check_login
,
95 'auth_get_user': get_user
,
96 'auth_create_user': create_user
,
97 'auth_get_login_form': get_login_form
,
98 'auth_get_registration_form': get_registration_form
,
99 'auth_gen_password_hash': gen_password_hash
,
100 'auth_check_password': check_password
,
101 'auth_fake_login_attempt': auth_lib
.fake_login_attempt
,
102 'template_global_context': append_to_global_context
,
103 ('mediagoblin.plugins.openid.register',
104 'mediagoblin/auth/register.html'): add_to_form_context
,
105 ('mediagoblin.plugins.openid.login',
106 'mediagoblin/auth/login.html'): add_to_form_context
,