# -*- coding: iso8859-1 -*- # # Copyright (C) 2003, 2004 Edgewall Software # Copyright (C) 2003, 2004 Jonas Borgström # # Trac is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License as # published by the Free Software Foundation; either version 2 of the # License, or (at your option) any later version. # # Trac is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. # # Author: Jonas Borgström import time import util class Authenticator: def __init__(self, db, req): self.db = db self.authname = 'anonymous' if req.incookie.has_key('trac_auth'): cursor = db.cursor () cookie = req.incookie['trac_auth'].value cursor.execute ("SELECT name FROM auth_cookie " "WHERE cookie='%s' AND ipnr='%s'" % (cookie, req.remote_addr)) if cursor.rowcount >= 1: self.authname = cursor.fetchone()[0] def login(self, req): cursor = self.db.cursor () cookie = util.hex_entropy() cursor.execute ("INSERT INTO auth_cookie (cookie, name, ipnr, time)" + "VALUES ('%s', '%s', '%s', %d)" % (cookie, req.remote_user, req.remote_addr, int(time.time()))); self.db.commit () self.authname = req.remote_user req.outcookie['trac_auth'] = cookie req.outcookie['trac_auth']['path'] = req.cgi_location def logout(self): cursor = self.db.cursor () cursor.execute ("DELETE FROM auth_cookie WHERE name='%s'" % self.authname) self.db.commit ()