Short description

I'd like to have an HTTP authentication that can be invoked by the user with a web link and then, of course, the user should be authenticated on every page, regardless of the web server configuration (hence using a cookie).

As an example of what I'm saying, see the Trac authentication method at http://trac.edgewall.org/


I made a patch to moin-1.5.8.

To use this new feature you should add a simple configuration to your web server (see the example in the new file http_login.py in the patch) and then set these lines in your wikiconfig.py:

    auth = [http, moin_cookie]
    show_login = 1
    login_action = 'http_login'

Here is the patch:

diff -Naur moin-1.5.8.orig/MoinMoin/action/http_login.py moin-1.5.8/MoinMoin/action/http_login.py
--- moin-1.5.8.orig/MoinMoin/action/http_login.py       1970-01-01 01:00:00.000000000 +0100
+++ moin-1.5.8/MoinMoin/action/http_login.py    2007-11-22 15:06:09.000000000 +0100
@@ -0,0 +1,49 @@
+# -*- coding: iso-8859-1 -*-
+"""
+    MoinMoin - "http_login" action
+
+    This action provides a redirection 
+    to the HTTP authentication trigger
+    (i.e. "<calling_page>/login?action=http_login")
+    and a redirection back to the calling page
+    after the HTTP authentication completed successfully
+
+    NB - the HTTP authentication trigger works only
+    if you have your web server properly configured !!
+
+    i.e. for Apache:
+
+    <LocationMatch "/[^/]+/login">
+        ....your auth method here...
+        AuthType Basic | Digest
+        ...etc...
+    </LocationMatch>
+
+    @copyright: 2007 by Gianluca Cangini <gianluca.cangini@telecomitalia.it>
+    @license: GNU GPL, see COPYING for details.
+"""
+
+from MoinMoin import user
+from MoinMoin.Page import Page
+
+def execute(pagename, request):
+    return HttpLoginHandler(pagename, request).handle()
+
+class HttpLoginHandler:
+    def __init__(self, pagename, request):
+        self.request = request
+        self._ = request.getText
+        self.page = Page(request, pagename)
+
+    def handle(self):
+        _ = self._
+        request = self.request
+
+        if request.user.valid: 
+            # user successfully authenticated via HTTP
+            request.http_redirect(request.http_referer)
+        
+        else: 
+            # force a redirect to the HTTP authentication trigger
+            request.http_redirect(request.http_referer + "/login?action=http_login")
+
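Review bot: In handle(), both redirect targets are built from request.http_referer, a client-supplied header that is never checked, so the post-login redirect follows whatever page linked to this action, including one on another site, and an absent or empty Referer leaves no usable target. self.page is constructed in __init__ but never used; build both targets from the page's own URL instead, which also avoids appending "/login?action=http_login" to a referer that already carries a query string. The else branch also has nothing to stop repeated redirects when the request reaches the trigger URL without a valid user, which is what happens if the web server's LocationMatch block is missing.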
diff -Naur moin-1.5.8.orig/MoinMoin/auth.py moin-1.5.8/MoinMoin/auth.py
--- moin-1.5.8.orig/MoinMoin/auth.py    2007-11-22 10:50:34.000000000 +0100
+++ moin-1.5.8/MoinMoin/auth.py 2007-11-22 11:12:58.000000000 +0100
@@ -132,6 +132,12 @@
     login = kw.get('login')
     logout = kw.get('logout')
     user_obj = kw.get('user_obj')
+    
+    # adds/refreshes cookie if a previous authentication method got a valid user
+    if user_obj and user_obj.valid:
+        setCookie(request, user_obj)
+        return user_obj, True
+
     #request.log("auth.moin_cookie: name=%s login=%r logout=%r user_obj=%r" % (username, login, logout, user_obj))
     if login:
         u = user.User(request, name=username, password=password,
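Review bot: The new early return sits above the "if login:" branch and above any code that uses "logout", so whenever an earlier auth method supplies a valid user_obj the function returns before "logout" is looked at and the cookie is refreshed instead of removed. Test "logout" before this block, or skip the shortcut when "logout" is set. It is also worth deciding whether setCookie(request, user_obj) needs to run on every request or only when no cookie is present yet.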
diff -Naur moin-1.5.8.orig/MoinMoin/multiconfig.py moin-1.5.8/MoinMoin/multiconfig.py
--- moin-1.5.8.orig/MoinMoin/multiconfig.py     2007-11-22 10:50:34.000000000 +0100
+++ moin-1.5.8/MoinMoin/multiconfig.py  2007-11-22 11:16:50.000000000 +0100
@@ -342,6 +342,7 @@
     show_hosts = 1
     show_interwiki = 0
     show_login = 1
+    login_action = 'login' # so the wiki adminstrator can set a different login action (e.g. 'http_login')
     show_names = True
     show_section_numbers = 0
     show_timings = 0
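Review bot: The trailing comment on the new login_action line is the only documentation this option gets, and it misspells "administrator". Describe the option where the other configuration defaults are documented, and state that the value must be the name of an installed action, since nothing in this patch validates it.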
diff -Naur moin-1.5.8.orig/MoinMoin/theme/__init__.py moin-1.5.8/MoinMoin/theme/__init__.py
--- moin-1.5.8.orig/MoinMoin/theme/__init__.py  2007-11-22 10:50:34.000000000 +0100
+++ moin-1.5.8/MoinMoin/theme/__init__.py       2007-11-22 11:18:16.000000000 +0100
@@ -233,7 +233,7 @@
                                                    querystr={'action': 'logout', 'logout': 'logout'}, id="logout"))
             else:
                 userlinks.append(d['page'].link_to(request, text=_("Login", formatted=False),
-                                                   querystr={'action': 'login'}, id="login"))
+                                                   querystr={'action': request.cfg.login_action}, id="login"))
 
         userlinks = [u'<li>%s</li>' % link for link in userlinks]
         html = u'<ul id="username">%s</ul>' % ''.join(userlinks)
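Review bot: request.cfg.login_action goes into querystr on the changed line with no check, so a misspelled or unknown action name in wikiconfig.py silently produces a login link that does not log anyone in. Fall back to 'login' when the configured name is not a known action, or fail at configuration load. The logout link in the context above still uses the fixed 'logout' action; with HTTP Basic or Digest the browser keeps sending credentials after that, which should be documented alongside this option.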

moin-1.5.8_http_and_cookie_auth.patch


I'm pretty sure this can be implemented using the new auth system and possibly the already existing http auth. Please open a new feature request explaining in more detail what the auth method you want is.


MoinMoin: AuthMarket/HttpAndCookieAuth (last edited 2008-03-17 23:47:46 by JohannesBerg)