]> git.rm.cloudns.org Git - xonotic/xonstat.git/commitdiff
Verify logins with pyramid_persona.
authorAnt Zucaro <azucaro@gmail.com>
Fri, 13 Jun 2014 18:01:01 +0000 (14:01 -0400)
committerAnt Zucaro <azucaro@gmail.com>
Fri, 13 Jun 2014 18:01:01 +0000 (14:01 -0400)
xonstat/__init__.py
xonstat/views/__init__.py
xonstat/views/admin.py

index ff783f9da855369079d2e6e1b09652338127b407..3ce684c4c476dc1781f8c502686c7475ce3eb7a1 100644 (file)
@@ -171,6 +171,9 @@ def main(global_config, **settings):
     # ADMIN ROUTES
     config.add_forbidden_view(forbidden, renderer="forbidden.mako")
 
+    config.add_route("login", "/login")
+    config.add_view(login, route_name="login", check_csrf=True, renderer="json")
+
     config.add_route("merge",      "/merge")
     config.add_view(route_name="merge", renderer="merge.mako", permission="admin")
 
index a084bcc5723529ceae6f7851bd65548c8bf9485a..bdc53ba0a8e2137bbda2b02ba2c1aafa1d58e15d 100644 (file)
@@ -29,4 +29,4 @@ from xonstat.views.exceptions   import notfound
 from xonstat.views.main   import main_index, top_players_by_time, top_servers_by_players
 from xonstat.views.main   import top_servers_by_players, top_maps_by_times_played
 
-from xonstat.views.admin   import forbidden
+from xonstat.views.admin   import forbidden, login
index f46aca2be7077d6cf8a30d37765055488cb3a7cf..b8f64866e459fb18e20bd92e2fc189cc34b6f243 100644 (file)
@@ -1,8 +1,32 @@
 from pyramid.response import Response
-from pyramid.httpexceptions import HTTPForbidden
+from pyramid.httpexceptions import HTTPForbidden, HTTPFound
+from pyramid.security import remember, forget
+from pyramid_persona.views import verify_login
+from xonstat.models import *
 
 def forbidden(request):
     '''A simple forbidden view. Does nothing more than set the status and then
     gets the heck out of dodge. The forbidden.mako template does the work.'''
     request.response.status = 403
     return {}
+
+def login(request):
+    # Verify the assertion and get the email of the user
+    persona_email = verify_login(request)
+
+    # Check that the email exists in the players table
+    player_email = DBSession.query(Player).\
+            filter(Player.email_addr == persona_email).one()
+
+    #log.debug("Verified email address: %s" % persona_email)
+    #log.debug("Corresponding player is %s" % player_email)
+
+    if player_email is not None:
+        # Add the headers required to remember the user to the response
+        request.response.headers.extend(remember(request, persona_email))
+    else:
+        url = request.route_url("forbidden")
+        return HTTPFound(location=url)
+
+    # Return a json message containing the address or path to redirect to.
+    return {'redirect': request.POST['came_from'], 'success': True}