source: mauRepo/dj_security_middleware/trunk/dj_security_middleware/__init__.py @ 8797

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/mauRepo/dj_security_middleware/trunk/dj_security_middleware/__init__.py@8797
Revision 8797, 2.4 KB checked in by mnagni, 6 years ago (diff)

Incomplete - # 22802: [CEDA Site Python Port] Login - no message is displayed when the user enters the wrong password
 http://team.ceda.ac.uk/trac/ceda/ticket/22802

  • Property svn:mime-type set to text/plain
Line 
1__version__ = '0.0.12'
2
3from django.conf import settings
4from paste.auth.auth_tkt import AuthTicket
5import logging
6import socket
7import urlparse
8
9# Get an instance of a logger
10LOGGER = logging.getLogger(__name__)
11
12def auth_tkt_name():
13    return getattr(settings, 'AUTH_TKT_NAME', 'auth_tkt')
14
15def cookie_domain():
16    return getattr(settings, 'COOKIE_DOMAIN', '.rl.ac.uk')
17
18def reset_password():
19    return getattr(settings, 'CC_RESET_PASSWORD', [])
20
21def redirect_field_name():
22    return getattr(settings, 'REDIRECT_FIELD_NAME', 'r')
23
24def token_field_name():
25    return getattr(settings, 'TOKEN_FIELD_NAME', 't')
26
27def security_filter():
28    return getattr(settings, 'DJ_SECURITY_FILTER', [])
29
30def shared_secret():
31    return getattr(settings, 'SECURITY_SHAREDSECRET', 'sharedsecret')
32
33def _calculate_remote_ip(url_path):   
34    remote_url = urlparse.urlparse(url_path)
35    LOGGER.debug("calculating remote_ip for %s" % (str(remote_url)))
36    port = 80
37    host = None
38    if remote_url.netloc:
39        host = remote_url.netloc
40    elif remote_url.path:
41        host = remote_url.path
42       
43    if not host:
44        return None
45   
46    if ':' in host:
47        host, port = host.split(':')
48    addrinfo = socket.getaddrinfo(host, int(port))
49    LOGGER.debug("%s has remote_ip %s" % (url_path, addrinfo[0][-1][0]))
50    for remote_url in addrinfo:
51        if not remote_url[-1][0].startswith('127'):
52            return remote_url[-1][0]
53    return None
54
55def _get_host_ip():
56    if getattr(settings, 'DJ_MIDDLEWARE_IP', None):
57        return settings.DJ_MIDDLEWARE_IP
58       
59    return _calculate_remote_ip(socket.getfqdn())
60
61def generate_auth_cookie(user, response, remote_ip = _get_host_ip()):
62    token = AuthTicket(
63            getattr(settings, 'SHARED_SECRET', 'sharedsecret'),
64            user.accountid,
65            remote_ip,
66            user_data = '{"userkey": "%s", "accountid": "%s"}'
67            % (user.userkey, getattr("user", "accountid", "NotAssigned")))               
68    LOGGER.info("Created authTicket for %s from %s" % (user.accountid, remote_ip))
69    idomain = getattr(settings, 'COOKIE_DOMAIN', None)
70    response.set_cookie(auth_tkt_name(),
71                        token.cookie_value(),
72                        domain = idomain)
73    LOGGER.debug("Set authTicket in response for %s from %s to domain %s"
74                 % (user.accountid, remote_ip, idomain))
75    return response
Note: See TracBrowser for help on using the repository browser.