django-cas-server/cas_server/auth.py

# ⁻*- coding: utf-8 -*-
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License version 3 for
# more details.
#
# You should have received a copy of the GNU General Public License version 3
# along with this program; if not, write to the Free Software Foundation, Inc., 51
# Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
#
# (c) 2015 Valentin Samir
"""Some authentication classes for the CAS"""
from django.conf import settings
from django.contrib.auth.models import User
try:
    import MySQLdb
    import MySQLdb.cursors
    import crypt
except ImportError:
    MySQLdb = None

class DummyAuthUser(object):
    """A Dummy authentication class"""
    def __init__(self, username):
        self.username = username

    def test_password(self, password):
        """test `password` agains the user"""
        return False

    def attributs(self):
        """return a dict of user attributes"""
        return {}


class TestAuthUser(DummyAuthUser):
    """A test authentication class with one user test having
    alose test as password and some attributes"""
    def __init__(self, username):
        super(TestAuthUser, self).__init__(username)

    def test_password(self, password):
        """test `password` agains the user"""
        return self.username == "test" and password == "test"

    def attributs(self):
        """return a dict of user attributes"""
        return {'nom':'Nymous', 'prenom':'Ano', 'email':'anonymous@example.net'}


class MysqlAuthUser(DummyAuthUser):
    """A mysql auth class: authentication user agains a mysql database"""
    user = None
    def __init__(self, username):
        mysql_config = {
            "user": settings.CAS_SQL_USERNAME,
            "passwd": settings.CAS_SQL_PASSWORD,
            "db": settings.CAS_SQL_DBNAME,
            "host": settings.CAS_SQL_HOST,
            "charset":settings.CAS_SQL_DBCHARSET,
            "cursorclass":MySQLdb.cursors.DictCursor
        }
        if not MySQLdb:
            raise RuntimeError("Please install MySQLdb before using the MysqlAuthUser backend")
        conn = MySQLdb.connect(**mysql_config)
        curs = conn.cursor()
        if curs.execute(settings.CAS_SQL_USER_QUERY, (username,)) == 1:
            self.user = curs.fetchone()
        super(MysqlAuthUser, self).__init__(self.user['username'])

    def test_password(self, password):
        """test `password` agains the user"""
        if not self.user:
            return False
        else:
            if settings.CAS_SQL_PASSWORD_CHECK == "plain":
                return password == self.user["password"]
            elif settings.CAS_SQL_PASSWORD_CHECK == "crypt":
                if self.user["password"].startswith('$'):
                    salt = '$'.join(self.user["password"].split('$', 3)[:-1])
                    return crypt.crypt(password, salt) == self.user["password"]
                else:
                    return crypt.crypt(
                        password,
                        self.user["password"][:2]
                    ) == self.user["password"]

    def attributs(self):
        """return a dict of user attributes"""
        if not self.user:
            return {}
        else:
            return self.user

class DjangoAuthUser(DummyAuthUser):
    """A django auth class: authenticate user agains django internal users"""
    user = None
    def __init__(self, username):
        try:
            self.user = User.objects.get(username=username)
        except User.DoesNotExist:
            pass
        super(DjangoAuthUser, self).__init__(username)


    def test_password(self, password):
        """test `password` agains the user"""
        if not self.user:
            return False
        else:
            return self.user.check_password(password)

    def attributs(self):
        """return a dict of user attributes"""
        if not self.user:
            return {}
        else:
            attr = {}
            for field in self.user._meta.fields:
                attr[field.attname] = getattr(self.user, field.attname)
            return attr
Some login backends 2015-05-17 21:24:41 +00:00			`# ⁻- coding: utf-8 --`
copyright notice 2015-05-27 20:10:06 +00:00			`# This program is distributed in the hope that it will be useful, but WITHOUT`
			`# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS`
			`# FOR A PARTICULAR PURPOSE. See the GNU General Public License version 3 for`
			`# more details.`
			`#`
			`# You should have received a copy of the GNU General Public License version 3`
			`# along with this program; if not, write to the Free Software Foundation, Inc., 51`
			`# Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.`
			`#`
			`# (c) 2015 Valentin Samir`
Some refactoring 2015-05-27 19:56:39 +00:00			`"""Some authentication classes for the CAS"""`
Some login backends 2015-05-17 21:24:41 +00:00			`from django.conf import settings`
			`from django.contrib.auth.models import User`
			`try:`
			`import MySQLdb`
			`import MySQLdb.cursors`
			`import crypt`
			`except ImportError:`
			`MySQLdb = None`
Some refactoring 2015-05-27 19:56:39 +00:00
Some login backends 2015-05-17 21:24:41 +00:00			`class DummyAuthUser(object):`
Some refactoring 2015-05-27 19:56:39 +00:00			`"""A Dummy authentication class"""`
Some login backends 2015-05-17 21:24:41 +00:00			`def __init__(self, username):`
			`self.username = username`

			`def test_password(self, password):`
Some refactoring 2015-05-27 19:56:39 +00:00			"""test `password` agains the user"""
Some login backends 2015-05-17 21:24:41 +00:00			`return False`

			`def attributs(self):`
Some refactoring 2015-05-27 19:56:39 +00:00			`"""return a dict of user attributes"""`
Some login backends 2015-05-17 21:24:41 +00:00			`return {}`


			`class TestAuthUser(DummyAuthUser):`
Some refactoring 2015-05-27 19:56:39 +00:00			`"""A test authentication class with one user test having`
			`alose test as password and some attributes"""`
Some login backends 2015-05-17 21:24:41 +00:00			`def __init__(self, username):`
Some refactoring 2015-05-27 19:56:39 +00:00			`super(TestAuthUser, self).__init__(username)`
Some login backends 2015-05-17 21:24:41 +00:00
			`def test_password(self, password):`
Some refactoring 2015-05-27 19:56:39 +00:00			"""test `password` agains the user"""
Some login backends 2015-05-17 21:24:41 +00:00			`return self.username == "test" and password == "test"`

			`def attributs(self):`
Some refactoring 2015-05-27 19:56:39 +00:00			`"""return a dict of user attributes"""`
Some login backends 2015-05-17 21:24:41 +00:00			`return {'nom':'Nymous', 'prenom':'Ano', 'email':'anonymous@example.net'}`


			`class MysqlAuthUser(DummyAuthUser):`
Some refactoring 2015-05-27 19:56:39 +00:00			`"""A mysql auth class: authentication user agains a mysql database"""`
Some login backends 2015-05-17 21:24:41 +00:00			`user = None`
			`def __init__(self, username):`
			`mysql_config = {`
Some refactoring 2015-05-27 19:56:39 +00:00			`"user": settings.CAS_SQL_USERNAME,`
			`"passwd": settings.CAS_SQL_PASSWORD,`
			`"db": settings.CAS_SQL_DBNAME,`
			`"host": settings.CAS_SQL_HOST,`
			`"charset":settings.CAS_SQL_DBCHARSET,`
			`"cursorclass":MySQLdb.cursors.DictCursor`
Some login backends 2015-05-17 21:24:41 +00:00			`}`
			`if not MySQLdb:`
			`raise RuntimeError("Please install MySQLdb before using the MysqlAuthUser backend")`
			`conn = MySQLdb.connect(**mysql_config)`
			`curs = conn.cursor()`
			`if curs.execute(settings.CAS_SQL_USER_QUERY, (username,)) == 1:`
			`self.user = curs.fetchone()`
MysqlAuthUser use return username for case 2015-06-09 14:42:28 +00:00			`super(MysqlAuthUser, self).__init__(self.user['username'])`
Some login backends 2015-05-17 21:24:41 +00:00
			`def test_password(self, password):`
Some refactoring 2015-05-27 19:56:39 +00:00			"""test `password` agains the user"""
Some login backends 2015-05-17 21:24:41 +00:00			`if not self.user:`
			`return False`
			`else:`
			`if settings.CAS_SQL_PASSWORD_CHECK == "plain":`
			`return password == self.user["password"]`
			`elif settings.CAS_SQL_PASSWORD_CHECK == "crypt":`
			`if self.user["password"].startswith('$'):`
			`salt = '$'.join(self.user["password"].split('$', 3)[:-1])`
			`return crypt.crypt(password, salt) == self.user["password"]`
			`else:`
some cosmetics 2015-05-27 20:18:01 +00:00			`return crypt.crypt(`
			`password,`
			`self.user["password"][:2]`
			`) == self.user["password"]`
Some login backends 2015-05-17 21:24:41 +00:00
			`def attributs(self):`
Some refactoring 2015-05-27 19:56:39 +00:00			`"""return a dict of user attributes"""`
Some login backends 2015-05-17 21:24:41 +00:00			`if not self.user:`
			`return {}`
			`else:`
			`return self.user`

			`class DjangoAuthUser(DummyAuthUser):`
Some refactoring 2015-05-27 19:56:39 +00:00			`"""A django auth class: authenticate user agains django internal users"""`
Some login backends 2015-05-17 21:24:41 +00:00			`user = None`
			`def __init__(self, username):`
			`try:`
			`self.user = User.objects.get(username=username)`
			`except User.DoesNotExist:`
			`pass`
			`super(DjangoAuthUser, self).__init__(username)`


			`def test_password(self, password):`
Some refactoring 2015-05-27 19:56:39 +00:00			"""test `password` agains the user"""
Some login backends 2015-05-17 21:24:41 +00:00			`if not self.user:`
			`return False`
			`else:`
			`return self.user.check_password(password)`

			`def attributs(self):`
Some refactoring 2015-05-27 19:56:39 +00:00			`"""return a dict of user attributes"""`
Some login backends 2015-05-17 21:24:41 +00:00			`if not self.user:`
			`return {}`
			`else:`
			`attr = {}`
			`for field in self.user._meta.fields:`
Some refactoring 2015-05-27 19:56:39 +00:00			`attr[field.attname] = getattr(self.user, field.attname)`
Some login backends 2015-05-17 21:24:41 +00:00			`return attr`