1 """The TurboGears identity management package."""
2
3
4 __all__ = [
5 '_encrypt_password',
6 'create_default_provider',
7 'current',
8 'current_provider',
9 'encrypt_password',
10 'encrypt_pw_with_algorithm',
11 'get_identity_errors',
12 'get_failure_url',
13 'set_current_identity',
14 'set_current_provider',
15 'set_identity_errors',
16 'set_login_attempted',
17 'was_login_attempted',
18 ]
19
20
21 import logging
22 try:
23 from hashlib import md5, sha1
24 except ImportError:
25 from sha import new as sha1
26 from md5 import new as md5
27
28 import cherrypy
29 import pkg_resources
30 import turbogears
31
32 from turbogears.util import deprecated, request_available, load_class
33 from turbogears.identity.exceptions import *
34
35
36 log = logging.getLogger('turbogears.identity')
37
38
40 """Create default identity provider.
41
42 Creates an identity provider according to what is found in
43 the configuration file for the current TurboGears application
44
45 Returns an identity provider instance or
46 raises an IdentityConfigurationException.
47
48 """
49 provider_plugin = turbogears.config.get('identity.provider', 'sqlobject')
50 plugins = pkg_resources.iter_entry_points(
51 'turbogears.identity.provider', provider_plugin)
52
53 log.debug("Loading provider from plugin: %s", provider_plugin)
54
55 for entrypoint in plugins:
56 try:
57 provider_class = entrypoint.load()
58 except Exception:
59 raise IdentityConfigurationException(
60 "IdentityProvider plugin can't be loaded: %s\n%s"
61 % (provider_plugin, load_error))
62 break
63 else:
64 provider_class = load_class(provider_plugin)
65
66 if not provider_class:
67 raise IdentityConfigurationException(
68 "IdentityProvider plugin missing: %s" % provider_plugin)
69
70 return provider_class()
71
72
74 try:
75 return cherrypy.request.identity_login_attempted
76 except AttributeError:
77 return False
78
79
81 cherrypy.request.identity_login_attempted = flag
82
83
92
93
95 cherrypy.request.identityProvider = provider
96
97
99 """Hash the given password with the specified algorithm.
100
101 Valid values for algorithm are 'md5' and 'sha1' or 'custom'. If the
102 algorithm is 'custom', the config setting 'identity.custom_encryption'
103 needs to be set to a dotted-notation path to a callable that takes
104 an unencrypted password and gives back the password hash.
105
106 All other algorithms values will be essentially a no-op.
107
108 """
109 hashed_password = password
110
111 if isinstance(password, unicode):
112 password_8bit = password.encode('utf-8')
113 else:
114 password_8bit = password
115 if algorithm == 'md5':
116 hashed_password = md5(password_8bit).hexdigest()
117 elif algorithm == 'sha1':
118 hashed_password = sha1(password_8bit).hexdigest()
119 elif algorithm == 'custom':
120 custom_encryption_path = turbogears.config.get(
121 'identity.custom_encryption', None)
122 if custom_encryption_path:
123 custom_encryption = turbogears.util.load_class(
124 custom_encryption_path)
125 if custom_encryption:
126 hashed_password = custom_encryption(password_8bit)
127
128
129 if not isinstance(hashed_password, unicode):
130 hashed_password = hashed_password.decode('utf-8')
131 return hashed_password
132
133 _encrypt_password = deprecated(
134 "Use identity.encrypt_pw_with_algorithm instead."
135 )(encrypt_pw_with_algorithm)
136
137
140
141
143 """A wrapper class for the thread local data.
144
145 This allows developers to access the current user information via
146 turbogears.identity.current and get the identity for the current request.
147
148 """
149
164
176
181
182
203
204 current = IdentityWrapper()
205 current_provider = ProviderWrapper()
206