[Grok-dev] grok 1.2 and session based auth.

Shrek Zhou zgwmike at gmail.com
Wed Nov 3 21:49:12 EDT 2010


To Christian,

I can not found groupfolder.zcml in that folder under *
.buildout/eggs/zope.pluggableauth-1.0.3-py2.6.egg/zope/pluggableauth/plugins/
*

i think you have to include zope.pluggableauth and this zcml-snippet:

<include package="zope.pluggableauth.plugins" file="groupfolder.zcml" />

Maybe you can report if it works for you.
Christian


On Thu, Nov 4, 2010 at 9:30 AM, Shrek Zhou <zgwmike at gmail.com> wrote:

> Hi, Jerrfey,
> I did that before I sent the mail. and I noticed that,
> in .buildout/eggs/zope.app.publication-3.12.0-py2.6.egg/zope/app/publication/zopepublication.py(89),
> the following func is called, which just get IAuthentication Utility from
> global site manager.
>
> def beforeTraversal(self, request):
>         notify(StartRequestEvent(request))
>         # Try to authenticate against the root authentication utility.
>         auth = zope.component.getGlobalSiteManager().getUtility(
>             zope.authentication.interfaces.IAuthentication)
>         principal = auth.authenticate(request)
>         if principal is None:
>             principal = auth.unauthenticatedPrincipal()
>             if principal is None:
>                 # Get the fallback unauthenticated principal
>                 principal = zope.component.getUtility(
>                     IFallbackUnauthenticatedPrincipal)
>
>         request.setPrincipal(principal)
>         newInteraction(request)
>         transaction.begin()
> ps:
>
> *And code snippet of app.py*
> class Bada(grok.Application, grok.Container):
>     grok.implements(IBada)
>     grok.local_utility(auth.UserAuthenticatorPlugin,
>                        provides=IAuthenticatorPlugin,
>                        name='users')
>     grok.local_utility(PluggableAuthentication,provides=IAuthentication,
>                        setup=auth.setup_authentication,
>                        )
> *And code snippet of auth.py*
> def setup_authentication(pau):
>     pau.credentialsPlugins=['credentials']
>     pau.authenticatorPlugins=['users']
>
> class Account(grok.Model):
>     def __init__(self,name,password,real_name,role):
>         self.name=name
>         self.real_name=real_name
>         self.role=role
>         self.setPassword(password)
>     def setPassword(self,password):
>         passwordManager=getUtility(IPasswordManager,'SHA1')
>         self.password=passwordManager.encodePassword(password)
>     def checkPassword(self,password):
>         passwordManager=getUtility(IPasswordManager,'SHA1')
>         return passwordManager.checkPassword(self.password,password)
> class UserFolder(grok.Container):
>     pass
> class
> MySessionCredentialsPlugin(grok.GlobalUtility,SessionCredentialsPlugin):
>     grok.provides(ICredentialsPlugin)
>     grok.name("credentials")
>
>     loginpagename="login"
>     loginfield='login'
>     passwordfield='password'
>
> class PrincipalInfo(object):
>     grok.implements(IPrincipalInfo)
>     def __init__(self,id,title,description):
>         self.id=id
>         self.title=title
>         self.description=description
>         self.credentialsPlugin=None
>         self.authenticatorPlugin=None
> class UserAuthenticatorPlugin(grok.LocalUtility):
>     grok.implements(IAuthenticatorPlugin)
>     grok.name('users')
>
>     def __init__(self):
>         self.user_folder=UserFolder()
>     def authenticateCredentials(self,credentials):
>         if not isinstance(credentials,dict):
>             return None
>         if not ('login' in credentials and 'password' in credentials):
>             return None
>         account=self.getAccount(credentials['login'])
>         if account is None:
>             return None
>         if not account.checkPassword(credentials['password']):
>             return None
>         return PrincipalInfo(id=account.name,
>                              title=account.real_name,
>                              description=account.real_name
>                              )
>     def principalInfo(self,id):
>         account=self.getAccount(id)
>         if account is None:
>             return None
>         return PrincialInfo(id=account.name,
>                             title=account.real_name,
>                             description=account.real_name
>                             )
>     def getAccount(self,login):
>         return login in self.user_folder and self.user_folder[login] or
> None
>     def addUser(self,username,password,real_name,role,**kwargw):
>         import pdb;pdb.set_trace()
>         if username not in self.user_folder:
>             user=Account(username,password,real_name,role)
>             self.user_folder[username]=user
>             role_manager=IPrincipalRoleManager(grok.getSite())
>             permission_manager=IPrincipalPermissionManager(grok.getSite())
>             #TODO: do role or permission assigning here.
>             permission_manager.grantPermissionToPrincipal('zope.View',
> user.name)
>
> class ILoginForm(Interface):
>     login=schema.BytesLine(title=_(u'Username'),required=True)
>     camefrom=schema.BytesLine(title=u'',required=False)
>     password=schema.Password(title=_(u'Password'),required=True)
>
> class Login(megrok.layout.Form):
>     grok.context(Interface)
>     grok.require('zope.Public')
>     label='Login'
>     prefix=''
>     form_fields=grok.Fields(ILoginForm)
>
>     def setUpWidgets(self,ignore_request=False):
>         super(Login,self).setUpWidgets(ignore_request)
>         self.widgets['camefrom'].type='hidden'
>         self.widgets['login'].cssClass='title'
>         self.widgets['password'].cssClass='title'
>
>     @grok.action('Login')
>     def handle_login(self,**data):
>         import pdb;pdb.set_trace()
>
>  self.redirect(self.request.form.get('camefrom',self.url(grok.getSite())))
>
> class IAddUserForm(Interface):
>     login=schema.BytesLine(title=_(u"Username"),required=True)
>     password=schema.Password(title=_(u'Password'),required=True)
>     confirm_password=schema.Password(title=_(u"Confirm password"),
>                                      required=True)
>     real_name=schema.TextLine(title=_(u'Real name'),required=True)
>     role=schema.Choice(title=_(u'User role'),
>                        values=[_(u'Bada Member'),_(u'Bada Master
> Account')],
>                        required=True)
>
> class AddUserForm(megrok.layout.Form):
>     grok.context(Interface)
>     grok.require('zope.Public')
>     label=_('Register')
>     form_fields=grok.Fields(IAddUserForm)
>     @grok.action(_(u'Register'))
>     def handle_add(self,**data):
>         users=getUtility(IAuthenticatorPlugin,'users')
>
>  users.addUser(data['login'],data['password'],data['real_name'],data['role'])
>         self.redirect(self.url(grok.getSite()))
>
> On Thu, Nov 4, 2010 at 1:49 AM, Jeffrey D Peterson <bgpete at gmail.com>wrote:
>
>>  There is a bug, it’s been documented.
>>
>>
>>
>> You need to include zope.pluggableauth in your setup.py in
>> install_requires and rerun buildout.  This will work around the bug.
>>
>>
>>
>> Hopefully that’s the issue, otherwise, we’ll have to look closer.
>>
>>
>>
>> --
>>
>> Jeffrey Peterson
>>
>> bgpete3 at gmail.com
>>
>>
>>
>> *From:* grok-dev-bounces at zope.org [mailto:grok-dev-bounces at zope.org] *On
>> Behalf Of *Shrek Zhou
>> *Sent:* Wednesday, November 03, 2010 12:01 PM
>> *To:* grok-dev at zope.org
>> *Subject:* [Grok-dev] grok 1.2 and session based auth.
>>
>>
>>
>> hi, grokkers,
>>
>>
>>
>> *My problem:*
>>
>> I can not use PluggableAuthenticationPlugin from zope.pluggableauth to do
>> a session based auth.
>>
>>
>>
>> *Steps I took:*
>>
>> 1. added the following lines to my gork.Application:
>>
>>
>>
>>     grok.local_utility(auth.UserAuthenticatorPlugin,
>>
>>                        provides=IAuthenticatorPlugin,
>>
>>                        name='users')
>>
>>     grok.local_utility(PluggableAuthentication,provides=IAuthentication,
>>
>>                        setup=auth.setup_authentication,
>>
>>                        )
>>
>>
>>
>> 2. created corresponding authenticatorPlugin and credentialsPlugin, and
>> add them to pau through setup_authentication.
>>
>>
>>
>> *Results*:
>>
>> The authentication utility is not called at all. only
>> princialRegistry(from zope.principalregistry which is a globalsite utility
>> that implements IAuthentication.) works.
>>
>>
>>
>> Expected:
>>
>> The local authentication utility should work and substitute the global
>> one.
>>
>>
>>
>> *How can I fix the above problem??*
>>
>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.zope.org/pipermail/grok-dev/attachments/20101104/b33f1dfc/attachment.html 


More information about the Grok-dev mailing list