added basic auth middleware into the stack, so if no authentication is provided,...

author Scott Torborg <scott@crookedmedia.com>

Mon, 9 Nov 2009 00:42:03 +0000 (16:42 -0800)

committer Scott Torborg <scott@crookedmedia.com>

Mon, 9 Nov 2009 00:42:03 +0000 (16:42 -0800)
author Scott Torborg <scott@crookedmedia.com>
Mon, 9 Nov 2009 00:42:03 +0000 (16:42 -0800)
committer Scott Torborg <scott@crookedmedia.com>
Mon, 9 Nov 2009 00:42:03 +0000 (16:42 -0800)
diff --git a/bluechips/config/middleware.py b/bluechips/config/middleware.py

index c30f8e748607ebe49c762906322c1438ad21b4ba..9ce8dc94f678cee5a2680017e45cb83d65dd20ee 100644 (file)
--- a/bluechips/config/middleware.py
+++ b/bluechips/config/middleware.py
@@ -3,6 +3,7 @@ from beaker.middleware import CacheMiddleware, SessionMiddleware
  from paste.cascade import Cascade
  from paste.registry import RegistryManager
  from paste.urlparser import StaticURLParser
+from paste.auth.basic import AuthBasicHandler
  from paste.deploy.converters import asbool
  from pylons import config
  from pylons.middleware import ErrorHandler, StatusCodeRedirect
@@ -13,7 +14,8 @@ import authkit.authorize
  
  from bluechips.config.environment import load_environment
  
-from bluechips.lib.permissions import BlueChipUser, DummyAuthenticate
+from bluechips.lib.permissions import (BlueChipUser, DummyAuthenticate,
+                                       authenticate)
  
  def make_app(global_conf, full_stack=True, **app_conf):
      """Create a Pylons WSGI application and return it
@@ -66,4 +68,5 @@ def make_app(global_conf, full_stack=True, **app_conf):
      # server is handling this static content, remove the following 3 lines)
      static_app = StaticURLParser(config['pylons.paths']['static_files'])
      app = Cascade([static_app, app])
+    app = AuthBasicHandler(app, 'BlueChips', authenticate)
      return app
diff --git a/bluechips/lib/permissions.py b/bluechips/lib/permissions.py

index 4a30fdc3e0c66b59ab27bc7b866aa1b6eb276ca4..75429eae20d9024dd973a3a5598fa7d1caab40f7 100644 (file)
--- a/bluechips/lib/permissions.py
+++ b/bluechips/lib/permissions.py
@@ -33,4 +33,11 @@ class DummyAuthenticate(AddDictToEnviron):
              newenv['REMOTE_USER'] = app_conf['fake_username']
          super(DummyAuthenticate, self).__init__(app, newenv)
  
-__all__ = ['BlueChipUser', 'DummyAuthenticate']
+
+def authenticate(environ, username, password):
+    user = meta.Session.query(model.User).\
+            filter_by(username=unicode(username),
+                      password=unicode(password)).first()
+    return (user is not None)
+
+__all__ = ['BlueChipUser', 'DummyAuthenticate', 'authenticate']
diff --git a/bluechips/model/__init__.py b/bluechips/model/__init__.py

index 8efaec6ae9abcdcfaeea8cfcab585797c0cfbaac..bb3b2d9caa4689b390e1a5a05891f4afaf9e83f7 100644 (file)
--- a/bluechips/model/__init__.py
+++ b/bluechips/model/__init__.py
@@ -28,7 +28,8 @@ users = sa.Table('users', meta.metadata,
                   sa.Column('username', sa.types.Unicode(32), nullable=False),
                   sa.Column('name', sa.types.Unicode(64)),
                   sa.Column('resident', sa.types.Boolean, default=True),
-                 sa.Column('email', sa.types.Unicode(64))
+                 sa.Column('email', sa.types.Unicode(64)),
+                 sa.Column('password', sa.types.Unicode(64)),
                   )
  
  expenditures = sa.Table('expenditures', meta.metadata,
author	Scott Torborg <scott@crookedmedia.com>
	Mon, 9 Nov 2009 00:42:03 +0000 (16:42 -0800)
committer	Scott Torborg <scott@crookedmedia.com>
	Mon, 9 Nov 2009 00:42:03 +0000 (16:42 -0800)
bluechips/config/middleware.py		patch \| blob \| history
bluechips/lib/permissions.py		patch \| blob \| history
bluechips/model/__init__.py		patch \| blob \| history