diff options
Diffstat (limited to 'ipsilon/login')
-rwxr-xr-x | ipsilon/login/authldap.py | 10 | ||||
-rwxr-xr-x | ipsilon/login/authtest.py | 3 | ||||
-rwxr-xr-x | ipsilon/login/common.py | 12 |
3 files changed, 21 insertions, 4 deletions
diff --git a/ipsilon/login/authldap.py b/ipsilon/login/authldap.py index 0d70479..a41d167 100755 --- a/ipsilon/login/authldap.py +++ b/ipsilon/login/authldap.py @@ -64,7 +64,15 @@ class LDAP(LoginFormBase, Log): if username and password: try: - userattrs = self._authenticate(username, password) + userdata = self._authenticate(username, password) + if userdata: + userattrs = dict() + for d, v in userdata.get('userdata', {}).items(): + userattrs[d] = v + if 'groups' in userdata: + userattrs['groups'] = userdata['groups'] + if 'extras' in userdata: + userattrs['extras'] = userdata['extras'] authed = True except Exception, e: # pylint: disable=broad-except errmsg = "Authentication failed" diff --git a/ipsilon/login/authtest.py b/ipsilon/login/authtest.py index 55b30a4..44492a4 100755 --- a/ipsilon/login/authtest.py +++ b/ipsilon/login/authtest.py @@ -33,8 +33,9 @@ class TestAuth(LoginFormBase): if username and password: if password == 'ipsilon': cherrypy.log("User %s successfully authenticated." % username) + testdata = {'fullname': 'Test User %s' % username} return self.lm.auth_successful(self.trans, - username, 'password') + username, 'password', testdata) else: cherrypy.log("User %s failed authentication." % username) error = "Authentication failed" diff --git a/ipsilon/login/common.py b/ipsilon/login/common.py index 2fee357..6231997 100755 --- a/ipsilon/login/common.py +++ b/ipsilon/login/common.py @@ -49,9 +49,17 @@ class LoginManagerBase(PluginObject, Log): if self.info: userattrs = self.info.get_user_attrs(username) if userdata: - userdata.update(userattrs or {}) + userdata.update(userattrs.get('userdata', {})) else: - userdata = userattrs + userdata = userattrs.get('userdata', {}) + + # merge groups and extras from login plugin and info plugin + userdata['groups'] = list(set(userdata.get('groups', []) + + userattrs.get('groups', []))) + + userdata['extras'] = userdata.get('extras', {}) + userdata['extras'].update(userattrs.get('extras', {})) + self.debug("User %s attributes: %s" % (username, repr(userdata))) if auth_type: |