[Zope-CVS] CVS: Products/PluggableAuthService/plugins -
CookieAuthHelper.py:1.10 SessionAuthHelper.py:1.4
Jens Vagelpohl
jens at dataflake.org
Sat Nov 20 13:44:44 EST 2004
Update of /cvs-repository/Products/PluggableAuthService/plugins
In directory cvs.zope.org:/tmp/cvs-serv2643/plugins
Modified Files:
CookieAuthHelper.py SessionAuthHelper.py
Log Message:
- Enabled the usage of the CookieAuthHelper login screen functionality
without actually using the CookieAuthHelper to maintain the
credentials store in its own auth cookie by ensuring that only
active updateCredentials plugins are informed about a successful
login so they can store the credentials.
=== Products/PluggableAuthService/plugins/CookieAuthHelper.py 1.9 => 1.10 ===
--- Products/PluggableAuthService/plugins/CookieAuthHelper.py:1.9 Tue Nov 16 13:17:23 2004
+++ Products/PluggableAuthService/plugins/CookieAuthHelper.py Sat Nov 20 13:44:13 2004
@@ -207,7 +207,17 @@
login = request.get('__ac_name', '')
password = request.get('__ac_password', '')
- self.updateCredentials(request, response, login, password)
+ # In order to use the CookieAuthHelper for its nice login page
+ # facility but store and manage credentials somewhere else we need
+ # to make sure that upon login only plugins activated as
+ # IUpdateCredentialPlugins get their updateCredentials method
+ # called. If the method is called on the CookieAuthHelper it will
+ # simply set its own auth cookie, to the exclusion of any other
+ # plugins that might want to store the credentials.
+ pas_instance = self._getPAS()
+
+ if pas_instance is not None:
+ pas_instance.updateCredentials(request, response, login, password)
came_from = request.form['came_from']
=== Products/PluggableAuthService/plugins/SessionAuthHelper.py 1.3 => 1.4 ===
--- Products/PluggableAuthService/plugins/SessionAuthHelper.py:1.3 Thu Aug 12 11:15:54 2004
+++ Products/PluggableAuthService/plugins/SessionAuthHelper.py Sat Nov 20 13:44:13 2004
@@ -95,10 +95,8 @@
security.declarePrivate('updateCredentials')
def updateCredentials(self, request, response, login, new_password):
""" Respond to change of credentials. """
- name = request.SESSION.get('__ac_name', '')
-
- if name:
- request.SESSION.set('__ac_password', new_password)
+ request.SESSION.set('__ac_name', login)
+ request.SESSION.set('__ac_password', new_password)
security.declarePrivate('resetCredentials')
def resetCredentials(self, request, response):
More information about the Zope-CVS
mailing list