diff options
| author | Rodney Ewing <ewing.rj@gmail.com> | 2013-05-27 08:25:22 -0700 |
|---|---|---|
| committer | Rodney Ewing <ewing.rj@gmail.com> | 2013-05-27 08:25:22 -0700 |
| commit | bcd10ad6633d90b5feae4f5dec8cf5d5754d51b5 (patch) | |
| tree | 23dce33e5deaf33340f25d816ec309e39560d305 /mediagoblin/plugins | |
| parent | f339b76a4ee04571bd0a94d20a5d53d7f3d8d235 (diff) | |
| parent | 1d321f1c7158f3bd263d64ae703311e8d8e2a22a (diff) | |
| download | mediagoblin-bcd10ad6633d90b5feae4f5dec8cf5d5754d51b5.tar.lz mediagoblin-bcd10ad6633d90b5feae4f5dec8cf5d5754d51b5.tar.xz mediagoblin-bcd10ad6633d90b5feae4f5dec8cf5d5754d51b5.zip | |
Merge branch 'pre-auth' into basic_auth
Conflicts:
mediagoblin/auth/tools.py
mediagoblin/auth/views.py
mediagoblin/db/migrations.py
mediagoblin/plugins/basic_auth/lib.py
mediagoblin/plugins/httpapiauth/__init__.py
mediagoblin/plugins/piwigo/views.py
Diffstat (limited to 'mediagoblin/plugins')
| -rw-r--r-- | mediagoblin/plugins/httpapiauth/__init__.py | 8 | ||||
| -rw-r--r-- | mediagoblin/plugins/piwigo/views.py | 11 |
2 files changed, 6 insertions, 13 deletions
diff --git a/mediagoblin/plugins/httpapiauth/__init__.py b/mediagoblin/plugins/httpapiauth/__init__.py index 09c99080..2b2d593c 100644 --- a/mediagoblin/plugins/httpapiauth/__init__.py +++ b/mediagoblin/plugins/httpapiauth/__init__.py @@ -18,8 +18,8 @@ import logging from werkzeug.exceptions import Unauthorized +from mediagoblin.auth.tools import check_login_simple from mediagoblin.plugins.api.tools import Auth -from mediagoblin.auth import check_login _log = logging.getLogger(__name__) @@ -40,10 +40,10 @@ class HTTPAuth(Auth): if not request.authorization: return False - user = request.db.User.query.filter_by( - username=unicode(request.authorization['username'])).first() + user = check_login_simple(unicode(request.authorization['username']), + request.authorization['password']) - if check_login(user, request.authorization['password']): + if user: request.user = user return True else: diff --git a/mediagoblin/plugins/piwigo/views.py b/mediagoblin/plugins/piwigo/views.py index 705cdd49..ca723189 100644 --- a/mediagoblin/plugins/piwigo/views.py +++ b/mediagoblin/plugins/piwigo/views.py @@ -23,6 +23,7 @@ from werkzeug.exceptions import MethodNotAllowed, BadRequest, NotImplemented from werkzeug.wrappers import BaseResponse from mediagoblin.meddleware.csrf import csrf_exempt +from mediagoblin.auth.tools import check_login_simple from mediagoblin.media_types import sniff_media from mediagoblin.submit.lib import check_file_field, prepare_queue_task, \ run_process_media, new_upload_entry @@ -32,8 +33,6 @@ from mediagoblin.db.models import Collection from .tools import CmdTable, response_xml, check_form, \ PWGSession, PwgNamedArray, PwgError -from mediagoblin.plugins.basic_auth.lib import fake_login_attempt -from mediagoblin.auth import check_login from .forms import AddSimpleForm, AddForm @@ -44,15 +43,9 @@ _log = logging.getLogger(__name__) def pwg_login(request): username = request.form.get("username") password = request.form.get("password") - user = request.db.User.query.filter_by(username=username).first() + user = check_login_simple(username, password) if not user: - _log.info("User %r not found", username) - fake_login_attempt() return PwgError(999, 'Invalid username/password') - if not check_login(user, password): - _log.warn("Wrong password for %r", username) - return PwgError(999, 'Invalid username/password') - _log.info("Logging %r in", username) request.session["user_id"] = user.id request.session.save() return True |