Drupal Authentication
If you have yourself an drupal website with users, there is no need to duplicate the efforts for user creation. You could uses your Drupal accounts details within MoinMoin by following this 3 steps manual:
1. Install the authenticator module
Copy/Paste the following code in your wikiconfig.py
import hashlib
import MySQLdb
from MoinMoin.auth import BaseAuth, ContinueLogin
from MoinMoin import user
from MoinMoin import log
logging = log.getLogger(__name__)
class DrupalAuth(BaseAuth):
""" handle login from moin login form """
def __init__(self, autocreate=True, dbhost='localhost', db='CHANGEME', dbuser='CHANGEME', dbpasswd='CHANGEME'):
BaseAuth.__init__(self)
self.autocreate = autocreate
self.dbhost = dbhost
self.db = db
self.dbuser = dbuser
self.dbpasswd = dbpasswd
login_inputs = ['username', 'password']
name = 'drupal'
logout_possible = True
def login(self, request, user_obj, **kw):
username = kw.get('username')
password = kw.get('password')
# simply continue if something else already logged in successfully
if user_obj and user_obj.valid:
return ContinueLogin(user_obj)
if not username and not password:
return ContinueLogin(user_obj)
_ = request.getText
logging.debug("%s: performing login action" % self.name)
if username and not password:
return ContinueLogin(user_obj, _('Missing password. Please enter user name and password.'))
storedpass = None
try:
db = MySQLdb.connect(host=self.dbhost, db=self.db, user=self.dbuser, passwd=self.dbpasswd)
c = db.cursor()
#
# If you like to limit to a subset of your drupal users, please do here so:
q = 'SELECT pass FROM users WHERE name = "%s" AND status=1' % username
result = c.execute(q)
if result == 0:
logging.debug("%s: could not authenticate user %r (not valid)" % (self.name, username))
return ContinueLogin(user_obj, _("Invalid username or password."))
storedpass = c.fetchone()[0]
except (MySQLdb.ProgrammingError, MySQLdb.OperationalError), e:
logging.error(e)
return ContinueLogin(user_obj, _("Authentication backend is having issues. Please try again later"))
m = hashlib.md5()
m.update(password)
if m.hexdigest() != storedpass:
logging.debug("%s: could not authenticate password (not valid)" % (self.name))
return ContinueLogin(user_obj, _("Invalid username or password."))
u = user.User(request, auth_username=username,
auth_method=self.name, auth_attribs=('name', 'password'))
logging.debug("u: %r" % u)
if u and self.autocreate:
logging.debug("autocreating user")
u.create_or_update()
if u.valid:
logging.debug("%s: successfully authenticated user %r (valid)" % (self.name, u.name))
return ContinueLogin(u)
else:
logging.debug("%s: could not authenticate user %r (not valid)" % (self.name, username))
return ContinueLogin(user_obj, _("Invalid username or password."))
def login_hint(self, request):
_ = request.getText
msg = ''
msg = _("""<b>Use your drupal account</b> Registered volunteers only. If you do not have an account a)
become a volunteer b) send your suggestions and/or changes to the
MailingLists""")
return msg
2. Activate the module
Somewhere within your wikiconfig.py you will find yourself a section called class Config(DefaultConfig): within this module, search for existance of the auth variable --it might not be here-- and replace/add it with the following config. Of course replace the TEMPLATE values.
auth = [DrupalAuth(autocreate=True, dbhost='localhost' db='DRUPAL_DATABASE_NAME', dbuser='DRUPAL_DATABASE_USER', dbpasswd='DRUPAL_DATABASE_USER')]
3. Test your config
- Reload/Restart your webserver configuration.
- Check whether your can login using your drupal credentials.
You can find extensive error messages if you enable debugging within your MoinMoin instance.
(4. Optional) fine tuning your setup
You can change the SQL statement if you like more fine grain control, like role specific access for example.
- You can change the login_hint message to actually reflect your setup (eg. where people need to go for in case of account issues).
You can choose to disable autocreate if you are really paranoid about your setup and likes to add the wiki accounts yourself.