--- /dev/null
+# -*- coding: iso-8859-1 -*-
+"""
+ MoinMoin - auth plugin doing a check against MySQL db
+
+ @copyright: 2008 Matthijs Kooijman
+ @license: GNU GPL, see COPYING for details.
+"""
+
+import MySQLdb
+import md5
+from MoinMoin import user
+from MoinMoin.auth import BaseAuth, ContinueLogin
+from MoinMoin import log
+logging = log.getLogger(__name__)
+
+class phpbb_login(BaseAuth):
+ logout_possible = True
+ login_inputs = ['username', 'password']
+
+ def __init__(self, name='phpbb', dbhost=None, dbuser=None, dbpass=None, dbname=None, dbport=None, hint=None):
+ """
+ Authenticate using credentials from a phpbb database
+
+ The name parameter should be unique among all authentication methods.
+
+ The hint parameter is a snippet of HTML that is displayed below the login form.
+ """
+ self.dbhost = dbhost
+ self.dbuser = dbuser
+ self.dbpass = dbpass
+ self.dbname = dbname
+ self.dbport = dbport
+ self.name = name
+ self.hint = hint
+
+ def check_login(self, request, username, password):
+ """ Checks the given username password combination. Returns the
+ corresponding emailaddress, or False if authentication failed.
+ """
+ conn = self.connect(request)
+
+ if not conn:
+ return False
+
+ # Get some data
+ cursor = conn.cursor ()
+ cursor.execute ("SELECT user_password,user_email FROM lex_users WHERE username=%s", username)
+
+ # No data? No login.
+ if (cursor.rowcount == 0):
+ conn.close()
+ return False
+
+ # Check password
+ row = cursor.fetchone()
+ conn.close()
+
+ if (md5.new(password).hexdigest() == row[0]):
+ return row[1]
+ else:
+ return False
+
+ def connect(self, request):
+ # This code was shamelessly stolen from
+ # django.db.backends.mysql.base.cursor
+ kwargs = {
+ 'charset': 'utf8',
+ 'use_unicode': False,
+ }
+ if self.dbuser:
+ kwargs['user'] = self.dbuser
+ if self.dbname:
+ kwargs['db'] = self.dbname
+ if self.dbpass:
+ kwargs['passwd'] = self.dbpass
+ if self.dbhost.startswith('/'):
+ kwargs['unix_socket'] = self.dbhost
+ elif self.dbhost:
+ kwargs['host'] = self.dbhost
+ if self.dbport:
+ kwargs['port'] = int(self.dbport)
+
+ # End stolen code
+
+ try:
+ conn = MySQLdb.connect (**kwargs)
+ except:
+ import sys
+ import traceback
+ info = sys.exc_info()
+ logging.error("phpbb_login: authentication failed due to exception connecting to DB, traceback follows...")
+ logging.error(''.join(traceback.format_exception(*info)))
+ return False
+
+ return conn
+
+ def login(self, request, user_obj, **kw):
+ try:
+ username = kw.get('username')
+ password = kw.get('password')
+
+ logging.debug("phpbb_login: Trying to log in, username=%r " % (username))
+
+ # simply continue if something else already logged in
+ # successfully
+ if user_obj and user_obj.valid:
+ return ContinueLogin(user_obj)
+
+ # Deny empty username or passwords
+ if not username or not password:
+ return ContinueLogin(user_obj)
+
+ email = self.check_login(request, username, password)
+
+ # Login incorrect
+ if (not email):
+ logging.debug("phpbb_login: authentication failed for %s" % (username))
+ return ContinueLogin(user_obj)
+
+ logging.debug("phpbb_login: authenticated %s (email %s)" % (username, email))
+
+ u = user.User(request, auth_username=username, auth_method=self.name, auth_attribs=('name', 'password', 'email'))
+ u.email = email
+ #u.remember_me = 0 # 0 enforces cookie_lifetime config param
+ u.create_or_update(True)
+
+ return ContinueLogin(u)
+ except:
+ import sys
+ import traceback
+ info = sys.exc_info()
+ logging.error("phpbb_login: authentication failed due to unexpected exception, traceback follows...")
+ logging.error(''.join(traceback.format_exception(*info)))
+ return ContinueLogin(user_obj)
+
+ def login_hint(self, request):
+ """ Return a snippet of HTML that is displayed with the login form. """
+ return self.hint
+
+# vim: set sw=4 expandtab sts=4:vim