auth.py

   1 from django.conf import settings
   2 from django.contrib.auth.models import User, check_password
   3 import md5
   4 import MySQLdb
   5
   6
   7 """
   8 This auth backend allows django to authenticate against an external phpbb
   9 database. If authentication is successful, the corresponding User from the
  10 normal django database is returned (linked on the username field). If no such
  11 User exists, it is created automatically.
  12
  13 This class uses the following variables from you django settings:
  14     PHPBB_DATABASE_HOST
  15     PHPBB_DATABASE_PORT
  16     PHPBB_DATABASE_USER
  17     PHPBB_DATABASE_PASSWORD
  18     PHPBB_DATABASE_NAME
  19
  20 If any of these settings are missing, the corresponding setting from Django's
  21 own database settings are used. This means, that, usually, you only have to
  22 specify the database name where phpbb lives.
  23 """
  24 class PhpBBBackend:
  25     def connect(self):
  26         host     = getattr(settings, 'PHPBB_DATABASE_HOST',     settings.DATABASE_HOST)
  27         port     = getattr(settings, 'PHPBB_DATABASE_PORT',     settings.DATABASE_PORT)
  28         user     = getattr(settings, 'PHPBB_DATABASE_USER',     settings.DATABASE_USER)
  29         password = getattr(settings, 'PHPBB_DATABASE_PASSWORD', settings.DATABASE_PASSWORD)
  30         name     = getattr(settings, 'PHPBB_DATABASE_NAME',     settings.DATABASE_NAME)
  31
  32         # This code was shamelessly stolen from
  33         # django.db.backends.mysql.base.cursor
  34         kwargs = {
  35             #'conv': django_conversions,
  36             'charset': 'utf8',
  37             'use_unicode': False,
  38         }
  39         if user:
  40             kwargs['user'] = user
  41         if name:
  42             kwargs['db'] = name
  43         if password:
  44             kwargs['passwd'] = password
  45         if host.startswith('/'):
  46             kwargs['unix_socket'] = host
  47         elif host:
  48             kwargs['host'] = host
  49         if port:
  50             kwargs['port'] = int(port)
  51
  52         conn = MySQLdb.connect (**kwargs)
  53         # End stolen code
  54
  55         return conn
  56
  57     def check_login(self, username, password):
  58         conn = self.connect()
  59
  60         # Get some data
  61         cursor = conn.cursor ()
  62         cursor.execute ("SELECT user_password,user_email FROM users WHERE username=%s", username)
  63
  64         # No data? No login.
  65         if (cursor.rowcount == 0):
  66             conn.close()
  67             return False
  68
  69         # Check password
  70         row = cursor.fetchone()
  71         conn.close()
  72
  73         if (md5.new(password).hexdigest() == row[0]):
  74             return row[1]
  75         else:
  76             return False
  77
  78
  79     """
  80     Authenticate against a PhpBB database.
  81
  82     Most of this code has been taken from Django's user auth tutorial.
  83     """
  84     def authenticate(self, username=None, password=None):
  85         email = self.check_login(username, password)
  86         if email:
  87             try:
  88                 user = User.objects.get(username=username)
  89             except User.DoesNotExist:
  90                 # Create a new user. Note that we can set password
  91                 # to anything, because it won't be checked; the password
  92                 # from settings.py will.
  93                 user = User(username=username, password='get from settings.py')
  94                 user.email = email
  95                 user.set_unusable_password()
  96                 user.save()
  97             return user
  98         else:
  99             return None
 100
 101     def get_user(self, user_id):
 102         try:
 103             return User.objects.get(pk=user_id)
 104         except User.DoesNotExist:
 105             return None
 106
 107 # vim: set sts=4 sw=4 expandtab: