Short description
This patch allows users to authenticate on wiki trough php session cookie of Vanilla Forum http://getvanilla.com/ and is basicly extension of current php_session module
1 myconfig=dict(host = '127.0.0.1',
2 user = 'dbuser',
3 passwd = 'somedbpassword',
4 dbname = 'dbname',
5 table_prefix = 'LUM_'
6 )
7 from MoinMoin.auth.php_session import PHPSessionAuth
8 auth = [PHPSessionAuth(apps=['vanilla'], s_path="/var/lib/php5", s_prefix="sess_", autocreate=True, appconfig=myconfig )]
auth has the following parameters:
1 auth = [PHPSessionAuth(apps=['vanilla'], s_path="/var/lib/php5", s_prefix="sess_", autocreate=True, appconfig=myconfig )]
apps is a list of enabled application (could be "egw" for eGroupware or "vanilla" for Vanilla Forum)
s_path is the path of the PHP session files
s_prefix is the prefix of the PHP session files
autocreate is parameter that ask should user preference be created automatically
appconfig is dictionary with configuration data passed to authenticator
Patch follows:
1 --- php_session.py 2008-08-31 21:00:51.000000000 +0200
2 +++ /usr/lib64/python2.5/site-packages/MoinMoin/auth/php_session.py 2008-11-19 00:28:10.000000000 +0100
3 @@ -15,25 +15,71 @@
4 import urllib
5 from MoinMoin import user
6 from MoinMoin.auth import _PHPsessionParser, BaseAuth
7 +from MoinMoin import log
8 +logging = log.getLogger(__name__)
9
10 class PHPSessionAuth(BaseAuth):
11 """ PHP session cookie authentication """
12
13 name = 'php_session'
14
15 - def __init__(self, apps=['egw'], s_path="/tmp", s_prefix="sess_", autocreate=False):
16 + def __init__(self, apps=['egw','vanilla'], s_path="/tmp", s_prefix="sess_", autocreate=False, appconfig=None):
17 """ @param apps: A list of the enabled applications. See above for
18 possible keys.
19 @param s_path: The path where the PHP sessions are stored.
20 @param s_prefix: The prefix of the session files.
21 + @param appconfig: configuration for connecting to mysql if used with vanilla forum
22 + example would be appconfig=dict(host='127.0.0.1',user='mysql',passwd='root', dbname='somedb',table_prefix='LUM_', role='Member')
23 """
24 BaseAuth.__init__(self)
25 self.s_path = s_path
26 self.s_prefix = s_prefix
27 self.apps = apps
28 self.autocreate = autocreate
29 + self.appconfig = appconfig
30
31 def request(self, request, user_obj, **kw):
32 + def handle_vanilla_forum(session):
33 + """ just get LussumoUserID and SessionPostBackKey so we can get into db and see what to do next with it """
34 + if self.appconfig is None:
35 + logging.exception("Please configure this authentication agent (mysql config missing)")
36 + return None, None, None
37 + import MySQLdb # only needed if used with vanilla auth method
38 + #logging.debug(self.appconfig) ## WATCH OUT THIS ONE!!! will leave password for mysql in log if enabled and not supervised
39 + try:
40 + m = MySQLdb.connect(host=self.appconfig['host'], user=self.appconfig['user'],
41 + passwd=self.appconfig['passwd'], db=self.appconfig['dbname'])
42 + except:
43 + logging.exception("authorization failed due to exception when connecting to DB, traceback follows...")
44 + # now lets party :)
45 + query = """SELECT
46 + LUM_User.FirstName as FirstName,
47 + LUM_User.LastName as LastName,
48 + LUM_User.Email as UserEmail,
49 + LUM_User.Name as UserName,
50 + LUM_Role.Name as RoleName,
51 + LUM_Role.Permissions as RolePermissions -- will look what to do with it ...
52 + FROM
53 + LUM_User, LUM_Role
54 + WHERE
55 + LUM_User.RoleID=LUM_Role.RoleID AND
56 + LUM_User.UserID=%s ;"""
57 + if self.appconfig['table_prefix'] != 'LUM_': # no need for regexp if will not gonna use it...
58 + import re # it is nice to have it tho :)
59 + rpl = re.compile('LUM_')
60 + query = rpl.sub(self.appconfig['table_prefix'],query) % session['LussumoUserID']
61 + else:
62 + query = query % session['LussumoUserID']
63 + logging.debug("query=%s" % query)
64 + c = m.cursor(MySQLdb.cursors.DictCursor)
65 + c.execute(query)
66 + row = c.fetchone()
67 + dec = lambda x: x and x.decode("iso-8859-1")
68 + FullName = "%s%s" % (row['FirstName'], row['LastName'])
69 + logging.debug("Username=%s UserEmail=%s FirstName+LastName=%s" % ( row['UserName'], row['UserEmail'], FullName ) )
70 + return dec(row['UserName']), dec(row['UserEmail']), dec(FullName)
71 +
72 +
73 def handle_egroupware(session):
74 """ Extracts name, fullname and email from the session. """
75 username = session['egw_session']['session_lid'].split("@", 1)[0]
76 @@ -59,8 +105,15 @@
77 if "egw" in self.apps and session.get('egw_session', None):
78 username, email, name = handle_egroupware(session)
79 break
80 + elif "vanilla" in self.apps and session.get('LussumoUserID', None) and session.get('SessionPostBackKey', None):
81 + logging.info("calling handle_vanilla_forum")
82 + username, email, name = handle_vanilla_forum(session)
83 + if username is None:
84 + logging.info ("no user from this session data, possible breakin maybe?!?!?")
85 + return user_obj, True
86 + break
87 else:
88 - return user_obj, True
89 + return None, True
90
91 u = user.User(request, name=username, auth_username=username,
92 auth_method=self.name)
*