source: TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/utils/pylons_ext.py @ 7077

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/utils/pylons_ext.py@7077
Revision 7077, 3.2 KB checked in by pjkersha, 9 years ago (diff)
  • Property svn:keywords set to Id
Line 
1"""NDG Security server package Pylons extensions module
2
3NERC DataGrid Project
4"""
5__author__ = "P J Kershaw"
6__date__ = "18/05/10"
7__copyright__ = "(C) 2010 Science and Technology Facilities Council"
8__license__ = "BSD - see LICENSE file in top-level directory"
9__contact__ = "Philip.Kershaw@stfc.ac.uk"
10__revision__ = '$Id$'
11import logging
12log = logging.getLogger(__name__)
13
14import httplib
15
16from pylons import request
17from pylons.controllers.util import abort, redirect
18
19
20class AuthenticationDecorators(object):
21    """Login and logout decorators for Pylons controllers
22   
23    e.g.
24   
25    class MyController(BaseController):
26        @PylonsExtensions.login
27        def action1(self):
28            return render('/loggedin.mako')
29           
30        @PylonsExtensions.logout
31        def action2(self):
32            '''Logout decorator redirects the caller to the referrer.  The
33            content of this method is not invoked
34            '''
35    """
36    USER_ENVIRON_KEYNAME = 'REMOTE_USER'
37    AUTHKIT_CFG_ENVIRON_KEYNAME = 'authkit.config'
38    AUTHKIT_CFG_COOKIE_SIGNOUTPATH_ENVIRON_KEYNAME = 'cookie.signoutpath'
39   
40    @classmethod
41    def login(cls, action):
42        '''Decorator to invoke login
43       
44        @param action: decorated controller action method
45        @type action: instancemethod
46        @return: wrapper function wrapping the input controller action and
47        invoking login
48        @rtype: function
49        '''
50        def loginWrapper(obj):
51            '''Wrapper to the input action invokes login middleware if no
52            username key is set in environ
53           
54            @param obj: controller object
55            @type obj: BaseController
56            @return: controller action response
57            @rtype: list/iterator/string
58            '''
59            if cls.USER_ENVIRON_KEYNAME not in request.environ:
60                abort(httplib.UNAUTHORIZED)
61               
62            return action(obj)
63   
64        return loginWrapper
65   
66    @classmethod
67    def logout(cls, action):
68        '''Decorator to logout user
69       
70        @param action: decorated controller action method
71        @type action: instancemethod
72        @return: wrapper function wrapping the input controller action and
73        invoking logout
74        @rtype: function
75        '''
76       
77        def logoutWrapper(obj):
78            '''Wrapper to input action invokes logout middleware.  This is
79            based on AuthKit
80           
81            @param obj: controller object
82            @type obj: BaseController
83            @return: controller action response
84            @rtype: list/iterator/string
85            '''
86            authKitConfig = request.environ.get(cls.AUTHKIT_CFG_ENVIRON_KEYNAME,
87                                                {})
88            signoutPath = authKitConfig.get(
89                            cls.AUTHKIT_CFG_COOKIE_SIGNOUTPATH_ENVIRON_KEYNAME)
90            if signoutPath is not None:
91                redirect(signoutPath)
92            else:
93                log.error("No AuthKit environ[%r][%r] key found.  Unable to "
94                          "complete logout", cls.AUTHKIT_CFG_ENVIRON_KEYNAME,
95                          cls.AUTHKIT_CFG_COOKIE_SIGNOUTPATH_ENVIRON_KEYNAME)
96       
97        return logoutWrapper
Note: See TracBrowser for help on using the repository browser.