Short description
I'd like to have an HTTP authentication that can be invoked by the user with a web link and then, of course, the user should be authenticated on every page, regardless of the web server configuration (hence using a cookie).
As an example of what I'm saying, see Trac authentication method at http://trac.edgewall.org/
I made a patch to moin-1.5.8.
To use this new feature you should add a simple configuration to your web server (see the example in the new file http_login.py in the patch) and then set these lines in your wikiconfig.py:
auth = [http, moin_cookie]
show_login = 1
login_action = 'http_login'

Here is the patch:
diff -Naur moin-1.5.8.orig/MoinMoin/action/http_login.py moin-1.5.8/MoinMoin/action/http_login.py
--- moin-1.5.8.orig/MoinMoin/action/http_login.py 1970-01-01 01:00:00.000000000 +0100
+++ moin-1.5.8/MoinMoin/action/http_login.py 2007-11-22 15:06:09.000000000 +0100
@@ -0,0 +1,49 @@
+# -*- coding: iso-8859-1 -*-
+"""
+ MoinMoin - "http_login" action
+
+ This action provides a redirection
+ to the HTTP authentication trigger
+ (i.e. "<calling_page>/login?action=http_login")
+ and a redirection back to the calling page
+ after the HTTP authentication completed successfully
+
+ NB - the HTTP authentication trigger works only
+ if you have your web server properly configured !!
+
+ i.e. for Apache:
+
+ <LocationMatch "/[^/]+/login">
+ ....your auth method here...
+ AuthType Basic | Digest
+ ...etc...
+ </LocationMatch>
+
+ @copyright: 2007 by Gianluca Cangini <gianluca.cangini@telecomitalia.it>
+ @license: GNU GPL, see COPYING for details.
+"""
+
+from MoinMoin import user
+from MoinMoin.Page import Page
+
+def execute(pagename, request):
+ return HttpLoginHandler(pagename, request).handle()
+
+class HttpLoginHandler:
+ def __init__(self, pagename, request):
+ self.request = request
+ self._ = request.getText
+ self.page = Page(request, pagename)
+
+ def handle(self):
+ _ = self._
+ request = self.request
+
+ if request.user.valid:
+ # user successfully authenticated via HTTP
+ request.http_redirect(request.http_referer)
+
+ else:
+ # force a redirect to the HTTP authentication trigger
+ request.http_redirect(request.http_referer + "/login?action=http_login")
+
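Review bot: Both redirects in `handle()` take their target from `request.http_referer`, a client-supplied header that can be absent or point off-site. A request without a Referer presumably makes the `+ "/login?action=http_login"` concatenation fail, and a crafted Referer turns this action into an open redirect once the user is authenticated. `self.page` is built from `pagename` in `__init__` but never used; deriving the target from it, e.g. `request.http_redirect(self.page.url(request))` (confirm the `Page.url` signature in 1.5.8), keeps the redirect on the wiki. The `user` import and the local `_` are unused. If the web server is not configured for the `/login` location, the else branch may redirect repeatedly because nothing bounds the retry.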
diff -Naur moin-1.5.8.orig/MoinMoin/auth.py moin-1.5.8/MoinMoin/auth.py
--- moin-1.5.8.orig/MoinMoin/auth.py 2007-11-22 10:50:34.000000000 +0100
+++ moin-1.5.8/MoinMoin/auth.py 2007-11-22 11:12:58.000000000 +0100
@@ -132,6 +132,12 @@
login = kw.get('login')
logout = kw.get('logout')
user_obj = kw.get('user_obj')
+
+ # adds/refreshes cookie if a previous authentication method got a valid user
+ if user_obj and user_obj.valid:
+ setCookie(request, user_obj)
+ return user_obj, True
+
#request.log("auth.moin_cookie: name=%s login=%r logout=%r user_obj=%r" % (username, login, logout, user_obj))
if login:
u = user.User(request, name=username, password=password,
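Review bot: The new early return runs before the `login`/`logout` handling that follows, so when an earlier auth method supplies a valid `user_obj`, a logout request apparently never reaches the logout branch and the cookie is re-issued instead. Guarding it with `if user_obj and user_obj.valid and not logout:` would keep logout working. A comment should also record that the cookie now outlives the HTTP-auth exchange: once set, it keeps the user logged in on pages the web server does not protect, so revoking the HTTP credentials does not end the wiki session until the cookie expires or is deleted. The enclosing function starts and ends outside this hunk, so the logout path is inferred rather than visible.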
diff -Naur moin-1.5.8.orig/MoinMoin/multiconfig.py moin-1.5.8/MoinMoin/multiconfig.py
--- moin-1.5.8.orig/MoinMoin/multiconfig.py 2007-11-22 10:50:34.000000000 +0100
+++ moin-1.5.8/MoinMoin/multiconfig.py 2007-11-22 11:16:50.000000000 +0100
@@ -342,6 +342,7 @@
show_hosts = 1
show_interwiki = 0
show_login = 1
+ login_action = 'login' # so the wiki adminstrator can set a different login action (e.g. 'http_login')
show_names = True
show_section_numbers = 0
show_timings = 0
diff -Naur moin-1.5.8.orig/MoinMoin/theme/__init__.py moin-1.5.8/MoinMoin/theme/__init__.py
--- moin-1.5.8.orig/MoinMoin/theme/__init__.py 2007-11-22 10:50:34.000000000 +0100
+++ moin-1.5.8/MoinMoin/theme/__init__.py 2007-11-22 11:18:16.000000000 +0100
@@ -233,7 +233,7 @@
querystr={'action': 'logout', 'logout': 'logout'}, id="logout"))
else:
userlinks.append(d['page'].link_to(request, text=_("Login", formatted=False),
- querystr={'action': 'login'}, id="login"))
+ querystr={'action': request.cfg.login_action}, id="login"))
userlinks = [u'<li>%s</li>' % link for link in userlinks]
html = u'<ul id="username">%s</ul>' % ''.join(userlinks)moin-1.5.8_http_and_cookie_auth.patch
I'm pretty sure this can be implemented using the new auth system and possibly the already existing http auth. Please open a new feature request explaining in more detail what the auth method you want is.
