1 # copyright 2003-2012 LOGILAB S.A. (Paris, FRANCE), all rights reserved. |
|
2 # contact http://www.logilab.fr/ -- mailto:contact@logilab.fr |
|
3 # |
|
4 # This file is part of CubicWeb. |
|
5 # |
|
6 # CubicWeb is free software: you can redistribute it and/or modify it under the |
|
7 # terms of the GNU Lesser General Public License as published by the Free |
|
8 # Software Foundation, either version 2.1 of the License, or (at your option) |
|
9 # any later version. |
|
10 # |
|
11 # CubicWeb is distributed in the hope that it will be useful, but WITHOUT |
|
12 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS |
|
13 # FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more |
|
14 # details. |
|
15 # |
|
16 # You should have received a copy of the GNU Lesser General Public License along |
|
17 # with CubicWeb. If not, see <http://www.gnu.org/licenses/>. |
|
18 |
|
19 from cubicweb.web import Redirect |
|
20 from cubicweb.web.application import CubicWebPublisher |
|
21 |
|
22 # proof of concept : monkey patch handle method so that if we are in an |
|
23 # anonymous session and __fblogin is found is req.form, the user with the |
|
24 # given login is created if necessary and then a session is opened for that |
|
25 # user |
|
26 # NOTE: this require "cookie" authentication mode |
|
27 def auto_login_handle_request(self, req, path): |
|
28 if (not req.cnx or req.cnx.anonymous_connection) and req.form.get('__fblogin'): |
|
29 login = password = req.form.pop('__fblogin') |
|
30 self.repo.register_user(login, password) |
|
31 req.form['__login'] = login |
|
32 req.form['__password'] = password |
|
33 if req.cnx: |
|
34 req.cnx.close() |
|
35 req.cnx = None |
|
36 try: |
|
37 session = self.session_handler.get_session(req) |
|
38 req.set_session(session) |
|
39 except Redirect: |
|
40 pass |
|
41 assert req.user.login == login |
|
42 return orig_handle(self, req, path) |
|
43 |
|
44 orig_handle = CubicWebPublisher.main_handle_request |
|
45 CubicWebPublisher.main_handle_request = auto_login_handle_request |
|