--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/crypto.py Tue Feb 16 10:33:48 2010 +0100
@@ -0,0 +1,35 @@
+"""Simple cryptographic routines, based on python-crypto.
+
+:organization: Logilab
+:copyright: 2009-2010 LOGILAB S.A. (Paris, FRANCE), license is LGPL v2.
+:contact: http://www.logilab.fr/ -- mailto:contact@logilab.fr
+:license: GNU Lesser General Public License, v2.1 - http://www.gnu.org/licenses
+"""
+__docformat__ = "restructuredtext en"
+
+from pickle import dumps, loads
+from base64 import b64encode, b64decode
+
+from Crypto.Cipher import Blowfish
+
+
+_CYPHERERS = {}
+def _cypherer(seed):
+ try:
+ return _CYPHERERS[seed]
+ except KeyError:
+ _CYPHERERS[seed] = Blowfish.new(seed, Blowfish.MODE_ECB)
+ return _CYPHERERS[seed]
+
+
+def encrypt(data, seed):
+ string = dumps(data)
+ string = string + '*' * (8 - len(string) % 8)
+ string = b64encode(_cypherer(seed).encrypt(string))
+ return unicode(string)
+
+
+def decrypt(string, seed):
+ # pickle ignores trailing characters so we do not need to strip them off
+ string = _cypherer(seed).decrypt(b64decode(string))
+ return loads(string)
--- a/debian/control Tue Feb 16 09:27:15 2010 +0100
+++ b/debian/control Tue Feb 16 10:33:48 2010 +0100
@@ -63,7 +63,7 @@
Architecture: all
XB-Python-Version: ${python:Versions}
Depends: ${python:Depends}, cubicweb-common (= ${source:Version}), python-simplejson (>= 1.3), python-elementtree
-Recommends: python-docutils, python-vobject, fckeditor, python-fyzz, python-pysixt, fop
+Recommends: python-docutils, python-vobject, fckeditor, python-fyzz, python-pysixt, fop, python-imaging
Description: web interface library for the CubicWeb framework
CubicWeb is a semantic web application framework.
.
@@ -78,7 +78,7 @@
Architecture: all
XB-Python-Version: ${python:Versions}
Depends: ${python:Depends}, graphviz, gettext, python-logilab-mtconverter (>= 0.6.0), python-logilab-common (>= 0.47.0), python-yams (>= 0.27.0), python-rql (>= 0.24.0), python-lxml
-Recommends: python-simpletal (>= 4.0)
+Recommends: python-simpletal (>= 4.0), python-crypto
Conflicts: cubicweb-core
Replaces: cubicweb-core
Description: common library for the CubicWeb framework
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/web/captcha.py Tue Feb 16 10:33:48 2010 +0100
@@ -0,0 +1,85 @@
+"""Simple captcha library, based on PIL. Monkey patch functions in this module
+if you want something better...
+
+:organization: Logilab
+:copyright: 2009-2010 LOGILAB S.A. (Paris, FRANCE), license is LGPL v2.
+:contact: http://www.logilab.fr/ -- mailto:contact@logilab.fr
+:license: GNU Lesser General Public License, v2.1 - http://www.gnu.org/licenses
+"""
+__docformat__ = "restructuredtext en"
+
+from random import randint, choice
+from cStringIO import StringIO
+
+import Image, ImageFont, ImageDraw, ImageFilter
+
+
+from time import time
+
+from cubicweb import tags
+from cubicweb.view import StartupView
+from cubicweb.web import httpcache, formwidgets as fw, formfields as ff
+
+
+def pil_captcha(text, fontfile, fontsize):
+ """Generate a captcha image. Return a PIL image object.
+
+ adapted from http://code.activestate.com/recipes/440588/
+ """
+ # randomly select the foreground color
+ fgcolor = randint(0, 0xffff00)
+ # make the background color the opposite of fgcolor
+ bgcolor = fgcolor ^ 0xffffff
+ # create a font object
+ font = ImageFont.truetype(fontfile, fontsize)
+ # determine dimensions of the text
+ dim = font.getsize(text)
+ # create a new image slightly larger that the text
+ img = Image.new('RGB', (dim[0]+5, dim[1]+5), bgcolor)
+ draw = ImageDraw.Draw(img)
+ # draw 100 random colored boxes on the background
+ x, y = img.size
+ for num in range(100):
+ draw.rectangle((randint(0, x), randint(0, y),
+ randint(0, x), randint(0, y)),
+ fill=randint(0, 0xffffff))
+ # add the text to the image
+ draw.text((3, 3), text, font=font, fill=fgcolor)
+ img = img.filter(ImageFilter.EDGE_ENHANCE_MORE)
+ return img
+
+
+def captcha(fontfile, fontsize, size=5, format='JPEG'):
+ """Generate an arbitrary text, return it together with a buffer containing
+ the captcha image for the text
+ """
+ text = u''.join(choice('QWERTYUOPASDFGHJKLZXCVBNM') for i in range(size))
+ img = pil_captcha(text, fontfile, fontsize)
+ out = StringIO()
+ img.save(out, format)
+ out.seek(0)
+ return text, out
+
+
+class CaptchaView(StartupView):
+ __regid__ = 'captcha'
+
+ http_cache_manager = httpcache.NoHTTPCacheManager
+ binary = True
+ templatable = False
+ content_type = 'image/jpg'
+
+ def call(self):
+ text, data = captcha.captcha(self._cw.vreg.config['captcha-font-file'],
+ self._cw.vreg.config['captcha-font-size'])
+ self._cw.set_session_data('captcha', text)
+ self.w(data.read())
+
+
+class CaptchaWidget(fw.TextInput):
+ def render(self, form, field, renderer=None):
+ # t=int(time()*100) to make sure img is not cached
+ src = form._cw.build_url('view', vid='captcha', t=int(time()*100))
+ img = tags.img(src=src, alt=u'captcha')
+ img = u'<div class="captcha">%s</div>' % img
+ return img + super(CaptchaWidget, self).render(form, field, renderer)
Binary file web/data/porkys.ttf has changed
--- a/web/webconfig.py Tue Feb 16 09:27:15 2010 +0100
+++ b/web/webconfig.py Tue Feb 16 10:33:48 2010 +0100
@@ -176,6 +176,22 @@
'help': 'print the traceback on the error page when an error occured',
'group': 'web', 'inputlevel': 2,
}),
+
+ ('captcha-font-file',
+ {'type' : 'string',
+ 'default': join(CubicWebConfiguration.shared_dir(), 'data', 'porkys.ttf'),
+ 'help': 'True type font to use for captcha image generation (you \
+must have the python imaging library installed to use captcha)',
+ 'group': 'web', 'inputlevel': 2,
+ }),
+ ('captcha-font-size',
+ {'type' : 'int',
+ 'default': 25,
+ 'help': 'Font size to use for captcha image generation (you must \
+have the python imaging library installed to use captcha)',
+ 'group': 'web', 'inputlevel': 2,
+ }),
+
))
def fckeditor_installed(self):