[Grok-dev] grok 1.2 and session based auth.
Shrek Zhou
zgwmike at gmail.com
Wed Nov 3 21:49:12 EDT 2010
To Christian,
I can not found groupfolder.zcml in that folder under *
.buildout/eggs/zope.pluggableauth-1.0.3-py2.6.egg/zope/pluggableauth/plugins/
*
i think you have to include zope.pluggableauth and this zcml-snippet:
<include package="zope.pluggableauth.plugins" file="groupfolder.zcml" />
Maybe you can report if it works for you.
Christian
On Thu, Nov 4, 2010 at 9:30 AM, Shrek Zhou <zgwmike at gmail.com> wrote:
> Hi, Jerrfey,
> I did that before I sent the mail. and I noticed that,
> in .buildout/eggs/zope.app.publication-3.12.0-py2.6.egg/zope/app/publication/zopepublication.py(89),
> the following func is called, which just get IAuthentication Utility from
> global site manager.
>
> def beforeTraversal(self, request):
> notify(StartRequestEvent(request))
> # Try to authenticate against the root authentication utility.
> auth = zope.component.getGlobalSiteManager().getUtility(
> zope.authentication.interfaces.IAuthentication)
> principal = auth.authenticate(request)
> if principal is None:
> principal = auth.unauthenticatedPrincipal()
> if principal is None:
> # Get the fallback unauthenticated principal
> principal = zope.component.getUtility(
> IFallbackUnauthenticatedPrincipal)
>
> request.setPrincipal(principal)
> newInteraction(request)
> transaction.begin()
> ps:
>
> *And code snippet of app.py*
> class Bada(grok.Application, grok.Container):
> grok.implements(IBada)
> grok.local_utility(auth.UserAuthenticatorPlugin,
> provides=IAuthenticatorPlugin,
> name='users')
> grok.local_utility(PluggableAuthentication,provides=IAuthentication,
> setup=auth.setup_authentication,
> )
> *And code snippet of auth.py*
> def setup_authentication(pau):
> pau.credentialsPlugins=['credentials']
> pau.authenticatorPlugins=['users']
>
> class Account(grok.Model):
> def __init__(self,name,password,real_name,role):
> self.name=name
> self.real_name=real_name
> self.role=role
> self.setPassword(password)
> def setPassword(self,password):
> passwordManager=getUtility(IPasswordManager,'SHA1')
> self.password=passwordManager.encodePassword(password)
> def checkPassword(self,password):
> passwordManager=getUtility(IPasswordManager,'SHA1')
> return passwordManager.checkPassword(self.password,password)
> class UserFolder(grok.Container):
> pass
> class
> MySessionCredentialsPlugin(grok.GlobalUtility,SessionCredentialsPlugin):
> grok.provides(ICredentialsPlugin)
> grok.name("credentials")
>
> loginpagename="login"
> loginfield='login'
> passwordfield='password'
>
> class PrincipalInfo(object):
> grok.implements(IPrincipalInfo)
> def __init__(self,id,title,description):
> self.id=id
> self.title=title
> self.description=description
> self.credentialsPlugin=None
> self.authenticatorPlugin=None
> class UserAuthenticatorPlugin(grok.LocalUtility):
> grok.implements(IAuthenticatorPlugin)
> grok.name('users')
>
> def __init__(self):
> self.user_folder=UserFolder()
> def authenticateCredentials(self,credentials):
> if not isinstance(credentials,dict):
> return None
> if not ('login' in credentials and 'password' in credentials):
> return None
> account=self.getAccount(credentials['login'])
> if account is None:
> return None
> if not account.checkPassword(credentials['password']):
> return None
> return PrincipalInfo(id=account.name,
> title=account.real_name,
> description=account.real_name
> )
> def principalInfo(self,id):
> account=self.getAccount(id)
> if account is None:
> return None
> return PrincialInfo(id=account.name,
> title=account.real_name,
> description=account.real_name
> )
> def getAccount(self,login):
> return login in self.user_folder and self.user_folder[login] or
> None
> def addUser(self,username,password,real_name,role,**kwargw):
> import pdb;pdb.set_trace()
> if username not in self.user_folder:
> user=Account(username,password,real_name,role)
> self.user_folder[username]=user
> role_manager=IPrincipalRoleManager(grok.getSite())
> permission_manager=IPrincipalPermissionManager(grok.getSite())
> #TODO: do role or permission assigning here.
> permission_manager.grantPermissionToPrincipal('zope.View',
> user.name)
>
> class ILoginForm(Interface):
> login=schema.BytesLine(title=_(u'Username'),required=True)
> camefrom=schema.BytesLine(title=u'',required=False)
> password=schema.Password(title=_(u'Password'),required=True)
>
> class Login(megrok.layout.Form):
> grok.context(Interface)
> grok.require('zope.Public')
> label='Login'
> prefix=''
> form_fields=grok.Fields(ILoginForm)
>
> def setUpWidgets(self,ignore_request=False):
> super(Login,self).setUpWidgets(ignore_request)
> self.widgets['camefrom'].type='hidden'
> self.widgets['login'].cssClass='title'
> self.widgets['password'].cssClass='title'
>
> @grok.action('Login')
> def handle_login(self,**data):
> import pdb;pdb.set_trace()
>
> self.redirect(self.request.form.get('camefrom',self.url(grok.getSite())))
>
> class IAddUserForm(Interface):
> login=schema.BytesLine(title=_(u"Username"),required=True)
> password=schema.Password(title=_(u'Password'),required=True)
> confirm_password=schema.Password(title=_(u"Confirm password"),
> required=True)
> real_name=schema.TextLine(title=_(u'Real name'),required=True)
> role=schema.Choice(title=_(u'User role'),
> values=[_(u'Bada Member'),_(u'Bada Master
> Account')],
> required=True)
>
> class AddUserForm(megrok.layout.Form):
> grok.context(Interface)
> grok.require('zope.Public')
> label=_('Register')
> form_fields=grok.Fields(IAddUserForm)
> @grok.action(_(u'Register'))
> def handle_add(self,**data):
> users=getUtility(IAuthenticatorPlugin,'users')
>
> users.addUser(data['login'],data['password'],data['real_name'],data['role'])
> self.redirect(self.url(grok.getSite()))
>
> On Thu, Nov 4, 2010 at 1:49 AM, Jeffrey D Peterson <bgpete at gmail.com>wrote:
>
>> There is a bug, it’s been documented.
>>
>>
>>
>> You need to include zope.pluggableauth in your setup.py in
>> install_requires and rerun buildout. This will work around the bug.
>>
>>
>>
>> Hopefully that’s the issue, otherwise, we’ll have to look closer.
>>
>>
>>
>> --
>>
>> Jeffrey Peterson
>>
>> bgpete3 at gmail.com
>>
>>
>>
>> *From:* grok-dev-bounces at zope.org [mailto:grok-dev-bounces at zope.org] *On
>> Behalf Of *Shrek Zhou
>> *Sent:* Wednesday, November 03, 2010 12:01 PM
>> *To:* grok-dev at zope.org
>> *Subject:* [Grok-dev] grok 1.2 and session based auth.
>>
>>
>>
>> hi, grokkers,
>>
>>
>>
>> *My problem:*
>>
>> I can not use PluggableAuthenticationPlugin from zope.pluggableauth to do
>> a session based auth.
>>
>>
>>
>> *Steps I took:*
>>
>> 1. added the following lines to my gork.Application:
>>
>>
>>
>> grok.local_utility(auth.UserAuthenticatorPlugin,
>>
>> provides=IAuthenticatorPlugin,
>>
>> name='users')
>>
>> grok.local_utility(PluggableAuthentication,provides=IAuthentication,
>>
>> setup=auth.setup_authentication,
>>
>> )
>>
>>
>>
>> 2. created corresponding authenticatorPlugin and credentialsPlugin, and
>> add them to pau through setup_authentication.
>>
>>
>>
>> *Results*:
>>
>> The authentication utility is not called at all. only
>> princialRegistry(from zope.principalregistry which is a globalsite utility
>> that implements IAuthentication.) works.
>>
>>
>>
>> Expected:
>>
>> The local authentication utility should work and substitute the global
>> one.
>>
>>
>>
>> *How can I fix the above problem??*
>>
>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.zope.org/pipermail/grok-dev/attachments/20101104/b33f1dfc/attachment.html
More information about the Grok-dev
mailing list