[CMF-checkins] CVS: Products/CMFCore - CookieCrumbler.py:1.29
Casey Duncan
casey at zope.com
Wed Jul 14 15:41:32 EDT 2004
Update of /cvs-repository/Products/CMFCore
In directory cvs.zope.org:/tmp/cvs-serv4312/CMFCore
Modified Files:
CookieCrumbler.py
Log Message:
Add support to log the cookie auth userid to the access log
=== Products/CMFCore/CookieCrumbler.py 1.28 => 1.29 ===
--- Products/CMFCore/CookieCrumbler.py:1.28 Wed Jul 14 14:09:57 2004
+++ Products/CMFCore/CookieCrumbler.py Wed Jul 14 15:41:32 2004
@@ -78,6 +78,8 @@
'label':'Use cookie paths to limit scope'},
{'id':'cache_header_value', 'type': 'string', 'mode':'w',
'label':'Cache-Control header value'},
+ {'id':'log_username', 'type':'boolean', 'mode': 'w',
+ 'label':'Log cookie auth username to access log'}
)
auth_cookie = '__ac'
@@ -89,6 +91,7 @@
logout_page = 'logged_out'
local_cookie_path = 0
cache_header_value = 'private'
+ log_username = 1
security.declarePrivate('delRequestVar')
def delRequestVar(self, req, name):
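Review bot: `log_username = 1` turns the new behaviour on by default, and because it is a class attribute, existing CookieCrumbler instances that never stored this property will presumably pick it up on upgrade without anyone opting in. Usernames in the access log are an operational and privacy decision, so consider `log_username = 0` as the default. If it stays on, add a comment such as `# On by default: cookie-auth userids are written to Z2.log` so the choice is visibly deliberate.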
@@ -125,6 +128,23 @@
security.declarePrivate('defaultExpireAuthCookie')
def defaultExpireAuthCookie( self, resp, cookie_name ):
resp.expireCookie( cookie_name, path=self.getCookiePath())
+
+ def _setAuthHeader(self, ac, request, response):
+ """Set the auth headers for both the Zope and Medusa http request
+ objects.
+ """
+ request._auth = 'Basic %s' % ac
+ response._auth = 1
+ if self.log_username:
+ # Set the authorization header in the medusa http request
+ # so that the username can be logged to the Z2.log
+ try:
+ # Put the full-arm latex glove on now...
+ medusa_headers = response.stdout._request._header_cache
+ except AttributeError:
+ pass
+ else:
+ medusa_headers['authorization'] = request._auth
security.declarePrivate('modifyRequest')
def modifyRequest(self, req, resp):
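Review bot: In `_setAuthHeader`, the value stored in `medusa_headers['authorization']` is the whole `Basic` header, i.e. the base64 of `name:password`, not only the username that the comment and the property label mention. Anything else that reads Medusa's header cache for this request would then see the password in a trivially reversible form, and the docstring should say so. A line such as `The stored value contains the password; only the access logger is expected to read it.` would do. The neighbouring methods carry `security.declarePrivate(...)` while this one relies on its leading underscore alone; adding `security.declarePrivate('_setAuthHeader')` would keep the class consistent. The silent `except AttributeError: pass` looks like deliberate best-effort for non-Medusa servers, and a short comment saying that would help the next reader.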
@@ -157,8 +177,7 @@
name = req[self.name_cookie]
pw = req[self.pw_cookie]
ac = encodestring('%s:%s' % (name, pw)).rstrip()
- req._auth = 'Basic %s' % ac
- resp._auth = 1
+ self._setAuthHeader(ac, req, resp)
if req.get(self.persist_cookie, 0):
# Persist the user name (but not the pw or session)
expires = (DateTime() + 365).toZone('GMT').rfc822()
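Review bot: At this call site `ac` is built from `req[self.name_cookie]` and `req[self.pw_cookie]` before any credential check is visible, so with `log_username` on, the access log will presumably record whatever name the client submitted, including on a failed login. That makes the logged userid a claimed identity, and a comment above the call should say so, for example `# name is unverified here; the Z2.log userid is not proof of authentication`. The same applies to the `ATTEMPT_RESUME` call in the next hunk, where `ac` comes from the auth cookie. Separately, `encodestring(...).rstrip()` removes only the trailing newline, and `encodestring` wraps long input, so a long name/password pair would leave embedded newlines in a value that now lands in the header cache; `.replace('\n', '')` would be safer. The body of `modifyRequest` extends outside this hunk.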
@@ -187,8 +206,7 @@
pass
else:
attempt = ATTEMPT_RESUME
- req._auth = 'Basic %s' % ac
- resp._auth = 1
+ self._setAuthHeader(ac, req, resp)
self.delRequestVar(req, self.auth_cookie)
method = self.getCookieMethod(
'twiddleAuthCookie', None)