Back to index

moin  1.9.0~rc2
php_session.py
Go to the documentation of this file.
00001 # -*- coding: iso-8859-1 -*-
00002 """
00003     MoinMoin - PHP session cookie authentication
00004 
00005     Currently supported systems:
00006 
00007         * eGroupware 1.2 ("egw")
00008          * You need to configure eGroupware in the "header setup" to use
00009            "php sessions plus restore"
00010 
00011     @copyright: 2005 MoinMoin:AlexanderSchremmer (Thanks to Spreadshirt)
00012     @license: GNU GPL, see COPYING for details.
00013 """
00014 
00015 import urllib
00016 from MoinMoin import user
00017 from MoinMoin.auth import _PHPsessionParser, BaseAuth
00018 
00019 class PHPSessionAuth(BaseAuth):
00020     """ PHP session cookie authentication """
00021 
00022     name = 'php_session'
00023 
00024     def __init__(self, apps=['egw'], s_path="/tmp", s_prefix="sess_", autocreate=False):
00025         """ @param apps: A list of the enabled applications. See above for
00026             possible keys.
00027             @param s_path: The path where the PHP sessions are stored.
00028             @param s_prefix: The prefix of the session files.
00029         """
00030         BaseAuth.__init__(self)
00031         self.s_path = s_path
00032         self.s_prefix = s_prefix
00033         self.apps = apps
00034         self.autocreate = autocreate
00035 
00036     def request(self, request, user_obj, **kw):
00037         def handle_egroupware(session):
00038             """ Extracts name, fullname and email from the session. """
00039             username = session['egw_session']['session_lid'].split("@", 1)[0]
00040             known_accounts = session['egw_info_cache']['accounts']['cache']['account_data']
00041 
00042             # if the next line breaks, then the cache was not filled with the current
00043             # user information
00044             user_info = [value for key, value in known_accounts.items()
00045                          if value['account_lid'] == username][0]
00046             name = user_info.get('fullname', '')
00047             email = user_info.get('email', '')
00048 
00049             dec = lambda x: x and x.decode("iso-8859-1")
00050 
00051             return dec(username), dec(email), dec(name)
00052 
00053         cookie = kw.get('cookie')
00054         if not cookie is None:
00055             for cookiename in cookie:
00056                 cookievalue = urllib.unquote(cookie[cookiename].value).decode('iso-8859-1')
00057                 session = _PHPsessionParser.loadSession(cookievalue, path=self.s_path, prefix=self.s_prefix)
00058                 if session:
00059                     if "egw" in self.apps and session.get('egw_session', None):
00060                         username, email, name = handle_egroupware(session)
00061                         break
00062             else:
00063                 return user_obj, True
00064 
00065             u = user.User(request, name=username, auth_username=username,
00066                           auth_method=self.name)
00067 
00068             changed = False
00069             if name != u.aliasname:
00070                 u.aliasname = name
00071                 changed = True
00072             if email != u.email:
00073                 u.email = email
00074                 changed = True
00075 
00076             if u and self.autocreate:
00077                 u.create_or_update(changed)
00078             if u and u.valid:
00079                 return u, True # True to get other methods called, too
00080         return user_obj, True # continue with next method in auth list
00081