import logginglog = logging.getLogger(__name__)from functools import wrapsfr

1. import logging
2. log = logging.getLogger(__name__)
3.  
4. from functools import wraps
5. from flask import session, request, g
6.  
7. from flaskext.principal import Principal as RealPrincipal, identity_loaded, Identity, AnonymousIdentity
8.  
9. __all__ = ['Principal']
10.  
11. class UserIdentity(Identity):
12. def __init__(self, user, auth_type=''):
13. super(UserIdentity, self).__init__(user.id, auth_type=auth_type)
14. self.user = user
15.  
16. @property
17. def id(self):
18. return self.name
19.  
20. def wrap_identity(f):
21. @wraps(f)
22. def decorate(*args, **kwargs):
23. result = f(*args, **kwargs)
24. user, auth_type = result or (None, None)
25. if user is not None:
26. return UserIdentity(user, auth_type)
27. return decorate
28.  
29. class Principal(RealPrincipal):
30. def __init__(self, app=None):
31. super(Principal, self).__init__(use_sessions=False)
32. if app is not None:
33. self.init_app(app)
34.  
35. self.get_user_by_id = lambda id: None
36. self.get_user_by_login = lambda login, password: None
37.  
38. def init_app(self, app):
39. self._init_app(app)
40.  
41. self.lowercase_login = app.config.get('AUTHENTIFIER_LOWERCASE_LOGIN', False)
42. loaders = app.config.get('AUTHENTIFIER_AUTH_TYPES', ['form', 'http-basic', 'session'])
43.  
44. if 'form' in loaders:
45. self.login_paths = app.config['AUTHENTIFIER_LOGIN_PATHS']
46. self.identity_loader(self.authenticate_form)
47.  
48. if 'http-basic' in loaders:
49. self.identity_loader(self.authenticate_http_basic)
50.  
51. if 'session' in loaders:
52. self.identity_loader(self.authenticate_session)
53. self.identity_saver(self.remember_session)
54.  
55. app.before_request(lambda: self.ensure_user(g.identity))
56. identity_loaded.connect_via(app)(lambda app, identity: self.ensure_user(identity))
57.  
58. # Decorators
59. def user_by_id(self, f):
60. self.get_user_by_id = f
61. return f
62.  
63. def user_by_login(self, f):
64. self.get_user_by_login = f
65. return f
66.  
67. # Public API
68. def logout(self):
69. self.set_identity(AnonymousIdentity())
70.  
71. def login(self, user):
72. self.set_identity(UserIdentity(user, 'manual'))
73.  
74. # Helpers for events
75. @wrap_identity
76. def authenticate_form(self):
77. if request.path in self.login_paths and request.method == 'POST':
78. login, password = request.form.get('login', u''), request.form.get('password', u'')
79.  
80. if self.lowercase_login:
81. login = login.lower()
82.  
83. if login:
84. return (self.get_user_by_login(login, password), 'form')
85.  
86. @wrap_identity
87. def authenticate_http_basic(self):
88. a = request.authorization
89. if a and a['username']:
90. return (self.get_user_by_login(a['username'], a['password']), 'http-basic')
91.  
92. @wrap_identity
93. def authenticate_session(self):
94. uid = session.get('uid')
95. if uid:
96. return (self.get_user_by_id(uid), 'session')
97.  
98. def remember_session(self, identity):
99. if not isinstance(identity, AnonymousIdentity):
100. session['uid'] = identity.id
101. elif 'uid' in session:
102. del session['uid']
103. session.modified = True
104.  
105. def ensure_user(self, identity):
106. g.user = getattr(identity, 'user', None)