[Zope-CVS] CVS: Products/PluggableAuthService/plugins - CookieAuthHelper.py:1.10 SessionAuthHelper.py:1.4

[Jens Vagelpohl]

Update of /cvs-repository/Products/PluggableAuthService/plugins
In directory cvs.zope.org:/tmp/cvs-serv2643/plugins

Modified Files:
	CookieAuthHelper.py SessionAuthHelper.py 
Log Message:
- Enabled the usage of the CookieAuthHelper login screen functionality
  without actually using the CookieAuthHelper to maintain the
  credentials store in its own auth cookie by ensuring that only
  active updateCredentials plugins are informed about a successful
  login so they can store the credentials.


=== Products/PluggableAuthService/plugins/CookieAuthHelper.py 1.9 => 1.10 ===
--- Products/PluggableAuthService/plugins/CookieAuthHelper.py:1.9	Tue Nov 16 13:17:23 2004
+++ Products/PluggableAuthService/plugins/CookieAuthHelper.py	Sat Nov 20 13:44:13 2004
@@ -207,7 +207,17 @@
         login = request.get('__ac_name', '')
         password = request.get('__ac_password', '')
 
-        self.updateCredentials(request, response, login, password)
+        # In order to use the CookieAuthHelper for its nice login page
+        # facility but store and manage credentials somewhere else we need
+        # to make sure that upon login only plugins activated as
+        # IUpdateCredentialPlugins get their updateCredentials method
+        # called. If the method is called on the CookieAuthHelper it will
+        # simply set its own auth cookie, to the exclusion of any other
+        # plugins that might want to store the credentials.
+        pas_instance = self._getPAS()
+
+        if pas_instance is not None:
+            pas_instance.updateCredentials(request, response, login, password)
 
         came_from = request.form['came_from']
 


=== Products/PluggableAuthService/plugins/SessionAuthHelper.py 1.3 => 1.4 ===
--- Products/PluggableAuthService/plugins/SessionAuthHelper.py:1.3	Thu Aug 12 11:15:54 2004
+++ Products/PluggableAuthService/plugins/SessionAuthHelper.py	Sat Nov 20 13:44:13 2004
@@ -95,10 +95,8 @@
     security.declarePrivate('updateCredentials')
     def updateCredentials(self, request, response, login, new_password):
         """ Respond to change of credentials. """
-        name = request.SESSION.get('__ac_name', '')
-
-        if name:
-            request.SESSION.set('__ac_password', new_password)
+        request.SESSION.set('__ac_name', login)
+        request.SESSION.set('__ac_password', new_password)
         
     security.declarePrivate('resetCredentials')
     def resetCredentials(self, request, response):