
LocalTracChanges: acct_mgr_plugin_ssl_remember_me_rev_4111.patch

File acct_mgr_plugin_ssl_remember_me_rev_4111.patch, 9.1 KB (added by datallah, 15 years ago)

AccountManager rev. 4111 patch implementing SSL login and admin screens, and persistent sessions

  • acct_mgr/web_ui.py

     
    1313import os
    1414import random
    1515import string
     16
     17
     18
    1619
    1720from trac import perm, util
    1821from trac.core import *
    1922from trac.config import IntOption
    2023from trac.notification import NotificationSystem, NotifyEmail
    2124from trac.prefs import IPreferencePanelProvider
     25
    2226from trac.web import auth
    2327from trac.web.api import IAuthenticator
    2428from trac.web.main import IRequestHandler, IRequestFilter
     
    5357    if password != req.args.get('password_confirm'):
    5458        raise TracError('The passwords must match.')
    5559
     60
     61
     62
    5663    mgr.set_password(user, password)
    5764
    5865    db = env.get_db_cnx()
     
    157164                          'store does not support writing.')
    158165        return writable
    159166
     167
     168
     169
     170
     171
     172
     173
     174
     175
     176
     177
     178
     179
     180
     181
     182
     183
     184
     185
    160186    #IPreferencePanelProvider methods
    161187    def get_preference_panels(self, req):
    162188        if not self._write_check():
     
    179205
    180206    # IRequestFilter methods
    181207    def pre_process_request(self, req, handler):
     208
     209
     210
     211
     212
     213
     214
     215
     216
     217
     218
     219
     220
     221
     222
     223
     224
    182225        return handler
    183226
    184227    def post_process_request(self, req, template, data, content_type):
     
    377420            except TracError, e:
    378421                data['registration_error'] = e.message
    379422            else:
    380                 req.redirect(req.href.login())
     423                redirect_url = None
     424                referer = req.args.get('referer')
     425                if referer:
     426                    redirect_url = "%s?referer=%s" % (req.href.login(), referer)
     427                req.redirect(redirect_url or req.href.login())
    381428        data['reset_password_enabled'] = \
    382429            (self.env.is_component_enabled(AccountModule)
    383430             and NotificationSystem(self.env).smtp_enabled)
     
    422469    match_request = if_enabled(auth.LoginModule.match_request)
    423470
    424471    def process_request(self, req):
    425         if req.path_info.startswith('/login') and req.authname == 'anonymous':
     472        if req.path_info.startswith('/login') and :
    426473            data = {
    427474                'referer': self._referer(req),
    428475                'reset_password_enabled': AccountModule(self.env).reset_password_enabled
     
    432479            return 'login.html', data, None
    433480        return auth.LoginModule.process_request(self, req)
    434481
     482
     483
     484
     485
     486
     487
     488
     489
     490
     491
     492
     493
     494
     495
     496
     497
    435498    def _do_login(self, req):
    436499        if not req.remote_user:
    437500            req.redirect(self.env.abs_href())
    438         return auth.LoginModule._do_login(self, req)
     501        res = auth.LoginModule._do_login(self, req)
     502        if req.args.get('rememberme', '0') == '1':
     503            req.outcookie['trac_auth']['expires'] = 86400 * 30
     504            req.outcookie['trac_auth_session'] = '1'
     505            req.outcookie['trac_auth_session']['path'] = self.env.href()
     506        return res
    439507
     508
     509
     510
     511
     512
     513
     514
     515
     516
     517
     518
     519
     520
     521
     522
     523
     524
     525
    440526    def _remote_user(self, req):
    441527        user = req.args.get('user')
    442528        password = req.args.get('password')
     
    449535    def _redirect_back(self, req):
    450536        """Redirect the user back to the URL she came from."""
    451537        referer = self._referer(req)
    452         if referer and not referer.startswith(req.base_url):
    453             # don't redirect to external sites
    454             referer = None
     538        if referer:
     539            u = urlparse.urlparse(referer)
     540            r = urlparse.urlparse(req.base_url)
     541            if u[1] and u[1] != r[1]:
     542                # don't redirect to external sites
     543                referer = None
    455544        req.redirect(referer or self.env.abs_href())
    456545
    457546    def _referer(self, req):
     
    576665    def _send_email(self, req):
    577666        notifier = EmailVerificationNotification(self.env)
    578667        notifier.notify(req.authname, req.session['email_verification_token'])
     668
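Review bot: The rewritten host check in `_redirect_back` (new lines 538–543) rejects a referer only when its parsed netloc is non-empty and differs from the base URL's, so any value that parses with an empty netloc, whatever its scheme, is now handed to `req.redirect`; the old `startswith(req.base_url)` test would have dropped it. The login template posts `referer` as a hidden field, so the value is presumably client-controlled (`_referer` is outside the visible lines), and I would constrain the scheme as well: `if u[0] not in ('', 'http', 'https') or (u[1] and u[1] != r[1]):`. A comment such as `# compare host only so an http referer survives the switch to https` would record why the prefix test was relaxed. The `urlparse` import is not visible in this rendering (new lines 16–18 and 25 appear blank), so confirm the module is imported. The registration hunk at new line 426 feeds the same parameter by interpolating `referer` into the query string unencoded; `req.href.login(referer=referer)` would encode it.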
  • acct_mgr/templates/register.html

     
    2424      </div>
    2525
    2626      <form method="post" id="acctmgr_registerform" action="">
     27
    2728        <fieldset>
    2829          <legend>Required</legend>
    2930          <div>
     
    4344                     class="textwidget" size="20" />
    4445            </label>
    4546          </div>
    46         </fieldset>
    47         <fieldset>
    48           <legend>Optional</legend>
    4947          <div>
    5048            <label>Name:
    5149              <input type="text" name="name" class="textwidget" size="20" />
  • acct_mgr/templates/login.html

     
    2828        <input type="hidden" name="referer" value="${referer}" />
    2929        <div>
    3030          <label for="user">Username:</label>
    31           <input type="text" id="user" name="user" class="textwidget" size="20" />
     31          <input type="text" id="user" name="user" class="textwidget" size="20" />
    3232        </div>
    3333        <div>
    3434          <label for="password">Password:</label>
    3535          <input type="password" id="password" name="password" class="textwidget" size="20" />
    3636        </div>
     37
     38
     39
     40
    3741        <input type="submit" value="Login" />
    3842
    3943        <p py:if="reset_password_enabled">