235 """open and return a connection to the source""" |
235 """open and return a connection to the source""" |
236 if self._conn is None: |
236 if self._conn is None: |
237 self._connect() |
237 self._connect() |
238 return ConnectionWrapper(self._conn) |
238 return ConnectionWrapper(self._conn) |
239 |
239 |
240 def authenticate(self, session, login, password): |
240 def authenticate(self, session, login, password=None, **kwargs): |
241 """return CWUser eid for the given login/password if this account is |
241 """return CWUser eid for the given login/password if this account is |
242 defined in this source, else raise `AuthenticationError` |
242 defined in this source, else raise `AuthenticationError` |
243 |
243 |
244 two queries are needed since passwords are stored crypted, so we have |
244 two queries are needed since passwords are stored crypted, so we have |
245 to fetch the salt first |
245 to fetch the salt first |
246 """ |
246 """ |
247 assert login, 'no login!' |
247 if password is None: |
|
248 raise AuthenticationError() |
248 searchfilter = [filter_format('(%s=%s)', (self.user_login_attr, login))] |
249 searchfilter = [filter_format('(%s=%s)', (self.user_login_attr, login))] |
249 searchfilter.extend([filter_format('(%s=%s)', ('objectClass', o)) |
250 searchfilter.extend([filter_format('(%s=%s)', ('objectClass', o)) |
250 for o in self.user_classes]) |
251 for o in self.user_classes]) |
251 searchstr = '(&%s)' % ''.join(searchfilter) |
252 searchstr = '(&%s)' % ''.join(searchfilter) |
252 # first search the user |
253 # first search the user |