X-Git-Url: http://git.cascardo.info/?p=cascardo%2Fipsilon.git;a=blobdiff_plain;f=ipsilon%2Flogin%2Fauthpam.py;h=1eb697b7d8fcfeed3431d9f004a34f11507ec46d;hp=ce60f39a37ffccda6fc766b1d304802c6aaf1303;hb=1d7df9dbac43b63424ee07ebfb86c6a106dcb43c;hpb=26af9d1958608fb0237e2d1dd8b1b15d8cb862b7 diff --git a/ipsilon/login/authpam.py b/ipsilon/login/authpam.py index ce60f39..1eb697b 100755 --- a/ipsilon/login/authpam.py +++ b/ipsilon/login/authpam.py @@ -38,36 +38,58 @@ class Pam(LoginPageBase): return None def GET(self, *args, **kwargs): - return self._template('login/pam.html', title='Login', - action='%s/login/pam' % self.basepath, - service_name=self.lm.service_name, - username_text=self.lm.username_text, - password_text=self.lm.password_text) + context = self.create_tmpl_context() + # pylint: disable=star-args + return self._template('login/pam.html', **context) def POST(self, *args, **kwargs): - username = None - password = None + username = kwargs.get("login_name") + password = kwargs.get("login_password") user = None - for key, value in kwargs.iteritems(): - if key == 'login_name': - username = value - elif key == 'login_password': - password = value - if username is not None and password is not None: - user = self._authenticate(username, password) - else: - cherrypy.log.error("Error: Username or password is missing") + error = None - if user: - return self.lm.auth_successful(user) + if username and password: + user = self._authenticate(username, password) + if user: + return self.lm.auth_successful(user) + else: + error = "Authentication failed" + cherrypy.log.error(error) else: - return self.lm.auth_failed() + error = "Username or password is missing" + cherrypy.log.error("Error: " + error) + + context = self.create_tmpl_context( + username=username, + error=error, + error_password=not password, + error_username=not username + ) + # pylint: disable=star-args + return self._template('login/pam.html', **context) def root(self, *args, **kwargs): op = getattr(self, cherrypy.request.method, self.GET) if callable(op): return op(*args, **kwargs) + def create_tmpl_context(self, **kwargs): + next_url = None + if self.lm.next_login is not None: + next_url = self.lm.next_login.path + + context = { + "title": 'Login', + "action": '%s/login/pam' % self.basepath, + "service_name": self.lm.service_name, + "username_text": self.lm.username_text, + "password_text": self.lm.password_text, + "description": self.lm.help_text, + "next_url": next_url, + } + context.update(kwargs) + return context + class LoginManager(LoginManagerBase): @@ -85,6 +107,11 @@ for authentication. """ 'string', 'remote' ], + 'help text': [ + """ The text shown to guide the user at login time. """, + 'string', + 'Insert your Username and Password and then submit.' + ], 'username text': [ """ The text shown to ask for the username in the form. """, 'string', @@ -101,6 +128,10 @@ for authentication. """ def service_name(self): return self.get_config_value('service name') + @property + def help_text(self): + return self.get_config_value('help text') + @property def username_text(self): return self.get_config_value('username text') @@ -112,3 +143,24 @@ for authentication. """ def get_tree(self, site): self.page = Pam(site, self) return self.page + + +class Installer(object): + + def __init__(self): + self.name = 'pam' + self.ptype = 'login' + + def install_args(self, group): + group.add_argument('--pam', choices=['yes', 'no'], default='no', + help='Configure PAM authentication') + group.add_argument('--pam-service', action='store', default='remote', + help='PAM service name to use for authentication') + + def configure(self, opts): + if opts['pam'] != 'yes': + return + + if opts['pam_service'] != 'remote': + #TODO: add service_name in the database + return