1 # -*- coding: iso-8859-1 -*-
3 MoinMoin - auth plugin doing a check against MySQL db
5 @copyright: 2008 Matthijs Kooijman
6 @license: GNU GPL, see COPYING for details.
11 from MoinMoin import user
12 from MoinMoin.auth import BaseAuth, ContinueLogin
14 class mysql_login(BaseAuth):
15 logout_possible = True
16 login_inputs = ['username', 'password']
18 def __init__(self, name='mysql', dbhost=None, dbuser=None, dbpass=None, dbname=None, dbport=None, verbose=False, hint=None):
20 Authenticate using credentials from a mysql database
22 The name parameter should be unique among all authentication methods.
24 The hint parameter is a snippet of HTML that is displayed below the login form.
26 self.verbose = verbose
35 def check_login(self, request, username, password):
36 """ Checks the given username password combination. Returns the
37 corresponding emailaddress, or False if authentication failed.
39 conn = self.connect(request)
45 cursor = conn.cursor ()
46 cursor.execute ("SELECT user_password,user_email FROM lex_users WHERE username=%s", username)
49 if (cursor.rowcount == 0):
54 row = cursor.fetchone()
57 if (md5.new(password).hexdigest() == row[0]):
62 def connect(self, request):
63 # This code was shamelessly stolen from
64 # django.db.backends.mysql.base.cursor
70 kwargs['user'] = self.dbuser
72 kwargs['db'] = self.dbname
74 kwargs['passwd'] = self.dbpass
75 if self.dbhost.startswith('/'):
76 kwargs['unix_socket'] = self.dbhost
78 kwargs['host'] = self.dbhost
80 kwargs['port'] = int(self.dbport)
85 conn = MySQLdb.connect (**kwargs)
90 request.log("mysql_login: authentication failed due to exception connecting to DB, traceback follows...")
91 request.log(''.join(traceback.format_exception(*info)))
96 def login(self, request, user_obj, **kw):
98 username = kw.get('username')
99 password = kw.get('password')
101 if self.verbose: request.log("mysql_login: Trying to log in, username=%r " % (username))
103 # simply continue if something else already logged in
105 if user_obj and user_obj.valid:
106 return ContinueLogin(user_obj)
108 # Deny empty username or passwords
109 if not username or not password:
110 return ContinueLogin(user_obj)
112 email = self.check_login(request, username, password)
116 if self.verbose: request.log("mysql_login: authentication failed for %s" % (username))
117 return ContinueLogin(user_obj)
119 if self.verbose: request.log("mysql_login: authenticated %s (email %s)" % (username, email))
121 u = user.User(request, auth_username=username, auth_method=self.name, auth_attribs=('password', 'email', ))
123 #u.remember_me = 0 # 0 enforces cookie_lifetime config param
124 u.create_or_update(True)
126 return ContinueLogin(u)
130 info = sys.exc_info()
131 request.log("mysql_login: authentication failed due to unexpected exception, traceback follows...")
132 request.log(''.join(traceback.format_exception(*info)))
133 return ContinueLogin(user_obj)
135 def login_hint(self, request):
136 """ Return a snippet of HTML that is displayed with the login form. """
139 # vim: set sw=4 expandtab sts=4:vim