@@ -15,6 +15,8 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. +Modifications for AppDrop.com deployment made by J. Chris Anderson (http://jchris.mfdz.com) + DJANGO FRAMEWORK ================ LICENSE @@ -274,7 +274,8 @@ class MatcherDispatcher(URLDispatcher): login_url, url_matchers, get_user_info=dev_appserver_login.GetUserInfo, - login_redirect=dev_appserver_login.LoginRedirect): + login_redirect=dev_appserver_login.LoginRedirect, + clear_cookies=dev_appserver_login.ClearUserInfoCookie): """Initializer. Args: @@ -286,6 +287,7 @@ class MatcherDispatcher(URLDispatcher): self._url_matchers = tuple(url_matchers) self._get_user_info = get_user_info self._login_redirect = login_redirect + self._clear_cookies = clear_cookies def Dispatch(self, relative_url, @@ -301,7 +303,7 @@ class MatcherDispatcher(URLDispatcher): path variable supplied to this method is ignored. """ cookies = ', '.join(headers.getheaders('cookie')) - email, nickname, admin = self._get_user_info(cookies) + email, nickname, admin, valid_cookie = self._get_user_info(cookies) for matcher in self._url_matchers: dispatcher, matched_path, requires_login, admin_only = matcher.Match(relative_url) @@ -319,6 +321,15 @@ class MatcherDispatcher(URLDispatcher): base_env_dict['SERVER_PORT'], relative_url, outfile) + elif not valid_cookie: + output_headers = [] + output_headers.append(self._clear_cookies()) + outfile.write('Status: 302 Redirecting to continue URL\r\n') + for header in output_headers: + outfile.write(header) + outfile.write('Location: %s\r\n' % relative_url) + outfile.write('\r\n') + elif admin_only and not admin: outfile.write('Status: %d Not authorized\r\n' '\r\n' @@ -479,7 +490,7 @@ def SetupEnvironment(cgi_path, env['CONTENT_LENGTH'] = headers.getheader('content-length', '') cookies = ', '.join(headers.getheaders('cookie')) - email, nickname, admin = get_user_info(cookies) + email, nickname, admin, valid_cookie = get_user_info(cookies) env['USER_EMAIL'] = email if admin: google/appengine/tools/dev_appserver.py @@ -69,6 +69,7 @@ def GetUserInfo(http_cookie, cookie_name=COOKIE_NAME): cookie = Cookie.SimpleCookie(http_cookie) cookie_value = '' + valid_cookie = True if cookie_name in cookie: cookie_value = cookie[cookie_name].value @@ -81,10 +82,11 @@ def GetUserInfo(http_cookie, cookie_name=COOKIE_NAME): vhsh = sha.new(email+nickname+admin+COOKIE_SECRET).hexdigest() if hsh != vhsh: logging.info(email+" had invalid cookie") + valid_cookie = False # todo clear the cookie # redirect to os.environ['PATH_INFO'] with the cookier clearing? - return email, nickname, (admin == 'True') + return email, nickname, (admin == 'True'), valid_cookie def CreateCookieData(email, nickname, admin): @@ -164,8 +166,10 @@ def LoginRedirect(login_url, outfile.write('Status: 302 Requires login\r\n') outfile.write('Location: %s\r\n\r\n' % redirect_url) -def LoginServiceRedirect(dest_url, endpoint, outfile): - redirect_url = '%s?%s=%s' % (endpoint, CONTINUE_PARAM, urllib.quote(dest_url)) +def LoginServiceRedirect(dest_url, endpoint, ah_url, outfile): + redirect_url = '%s?%s=%s' % (endpoint, + CONTINUE_PARAM, + urllib.quote('%s?%s=%s' %(ah_url,CONTINUE_PARAM,dest_url))) outfile.write('Status: 302 Redirecting to login service URL\r\n') outfile.write('Location: %s\r\n' % redirect_url) @@ -182,14 +186,14 @@ def Logout(continue_url, outfile): outfile.write('\r\n') -def LoginFromAuth(token, continue_url, auth_endpoint, outfile): +def LoginFromAuth(token, continue_url, auth_endpoint, host, outfile): """Uses the auth token to fetch the userdata from appdrop, then sets the cookie""" output_headers = [] - auth_url = "%s?token=%s" % (auth_endpoint,token) + auth_url = "%s?token=%s&app=%s" % (auth_endpoint,token,host) logging.info('fetching: '+auth_url) result = urlfetch.fetch(auth_url); - + logging.info('result: '+result.content) if (result.status_code == 200): userinfo = simplejson.loads(result.content) output_headers.append(SetUserInfoCookie(userinfo['email'], userinfo['nickname'], userinfo['admin'])) @@ -205,7 +209,13 @@ def LoginFromAuth(token, continue_url, auth_endpoint, outfile): def main(): """Runs the login and logout CGI redirector script.""" form = cgi.FieldStorage() - login_url = os.environ['PATH_INFO'] + ah_path = os.environ['PATH_INFO'] + host = 'http://'+os.environ['SERVER_NAME'] + if os.environ['SERVER_PORT'] != '80': + host = host + ":" + os.environ['SERVER_PORT'] + + ah_login_url = host+ah_path + action = form.getfirst(ACTION_PARAM) if action == None: @@ -220,9 +230,9 @@ def main(): if action.lower() == LOGOUT_ACTION.lower(): Logout(continue_url, sys.stdout) elif auth_token == '': - LoginServiceRedirect(continue_url, login_service_endpoint, sys.stdout) + LoginServiceRedirect(continue_url, login_service_endpoint, ah_login_url, sys.stdout) else: - LoginFromAuth(auth_token, continue_url, auth_endpoint, sys.stdout) + LoginFromAuth(auth_token, continue_url, auth_endpoint, host, sys.stdout) return 0 google/appengine/tools/dev_appserver_login.py @@ -160,6 +160,7 @@ def ParseArguments(argv): 'enable_sendmail', 'help', 'history_path=', + 'login_url=', 'port=', 'require_indexes', 'smtp_host=', @@ -194,6 +195,9 @@ def ParseArguments(argv): if option == '--datastore_path': option_dict[ARG_DATASTORE_PATH] = value + if option == '--login_url': + option_dict[ARG_LOGIN_URL] = value + if option == '--history_path': option_dict[ARG_HISTORY_PATH] = value google/appengine/tools/dev_appserver_main.py 66e93a3ace324490ec4749f9b64f9ba7b2c952bd Chris Anderson jchris@grabb.it http://github.com/jchris/portable-google-app-engine-sdk/commit/8fc65b2bd0bc31ae2c20669ac4043c4d09f35015 8fc65b2bd0bc31ae2c20669ac4043c4d09f35015 2008-04-12T17:44:29-07:00 2008-04-12T17:44:29-07:00 got the login loop working ad0f963a053ae1420f07841e106a675b38542a20 Chris Anderson jchris@grabb.it