Ming MongoDB backend and authentication support

TurboGears · Aug 9, 2011 · 203b249 · 203b249
1 parent 825c859
commit 203b249
Show file tree

Hide file tree

Showing 2 changed files with 102 additions and 4 deletions.
diff --git a/tg/configuration.py b/tg/configuration.py
@@ -130,6 +130,8 @@ def __init__(self):
         # legacy renderers are buffet interface plugins
         self.use_legacy_renderer = False
 
+        self.use_ming = False
+        self.use_sqlalchemy = False
         self.use_toscawidgets = True
         self.use_transaction_manager = True
         self.use_toscawidgets2 = False
@@ -504,6 +506,16 @@ def setup_persistence(self):
         """
         if self.use_sqlalchemy:
             self.setup_sqlalchemy()
+        elif self.use_ming:
+            self.setup_ming()
+
+    def setup_ming(self):
+        """Setup MongoDB database engine using Ming"""
+        from ming.datastore import DataStore
+
+        datastore = DataStore(config['ming.url'], database=config['ming.db'])
+        config['pylons.app_globals'].ming_datastore = datastore
+        self.package.model.init_model(datastore)
 
     def setup_sqlalchemy(self):
         """Setup SQLAlchemy database engine.
@@ -550,7 +562,7 @@ def setup_auth(self):
 
            For the standard TurboGears App, this will set up the auth with SQLAlchemy.
         """
-        if self.auth_backend == "sqlalchemy":
+        if self.auth_backend in ("ming", "sqlalchemy"):
             self.setup_sa_auth_backend()
 
     def make_load_environment(self):
@@ -624,7 +636,6 @@ def add_auth_middleware(self, app, skip_authentication):
         :type skip_authentication: bool
 
         """
-        from repoze.what.plugins.quickstart import setup_sql_auth
         from repoze.what.plugins.pylonshq import booleanize_predicates
 
         # Predicates booleanized:
@@ -646,8 +657,13 @@ def add_auth_middleware(self, app, skip_authentication):
                 "you must define it in app_cfg.py or set "\
                 "sa_auth.cookie_secret in development.ini"
                 raise TGConfigError(msg)
-        app = setup_sql_auth(app, skip_authentication=skip_authentication,
-                             **auth_args)
+
+        if self.auth_backend == "sqlalchemy":
+            from repoze.what.plugins.quickstart import setup_sql_auth
+            app = setup_sql_auth(app, skip_authentication=skip_authentication, **auth_args)
+        elif self.auth_backend == "ming":
+            from repoze_ming import setup_ming_auth
+            app = setup_ming_auth(app, skip_authentication=skip_authentication, **auth_args)
         return app
 
     def add_core_middleware(self, app):
@@ -794,6 +810,11 @@ def add_tm_middleware(self, app):
         from repoze.tm import make_tm
         return make_tm(app, self.commit_veto)
 
+    def add_ming_middleware(self, app):
+        """Set up the ming middleware for the unit of work"""
+        import ming.orm.middleware
+        return ming.orm.middleware.MingMiddleware(app)
+
     def add_dbsession_remover_middleware(self, app):
         """Set up middleware that cleans up the sqlalchemy session.
 
@@ -880,6 +901,9 @@ def make_base_app(global_conf, wrap_app=None, full_stack=True, **app_conf):
                     self.DBSession = self.model.DBSession
                 app = self.add_dbsession_remover_middleware(app)
 
+            if self.use_ming:
+                app = self.add_ming_middleware(app)
+
             if pylons_config.get('make_body_seekable'):
                 app = maybe_make_body_seekable(app)
 

diff --git a/tg/repoze_ming.py b/tg/repoze_ming.py
@@ -0,0 +1,74 @@
+from zope.interface import implements
+from repoze.who.interfaces import IAuthenticator, IMetadataProvider
+from repoze.who.plugins.friendlyform import FriendlyFormPlugin
+from repoze.who.plugins.auth_tkt import AuthTktCookiePlugin
+from repoze.who.middleware import PluggableAuthenticationMiddleware
+
+class MingAuthenticatorPlugin(object):
+    implements(IAuthenticator)
+
+    def __init__(self, user_class):
+        self.user_class = user_class
+
+    # IAuthenticator
+    def authenticate(self, environ, identity):
+        if not ('login' in identity and 'password' in identity):
+            return None
+
+        user = self.user_class.query.get(user_name=identity.get('login', None))
+        if user:
+            if user.validate_password(identity.get('password', None)):
+                return identity['login']
+
+class MingUserMDPlugin(object):
+    implements(IMetadataProvider)
+
+    def __init__(self, user_class):
+        self.user_class = user_class
+
+    def add_metadata(self, environ, identity):
+        identity['user'] = self.user_class.query.get(user_name=identity['repoze.who.userid'])
+        identity['groups'] = identity['user'].groups
+
+        if 'repoze.what.credentials' not in environ:
+            environ['repoze.what.credentials'] = {}
+
+        environ['repoze.what.credentials']['groups'] = identity['groups']
+        environ['repoze.what.credentials']['repoze.what.userid'] = identity['repoze.who.userid']
+
+def setup_ming_auth(app, skip_authentication, **auth_args):
+    cookie_secret = auth_args.get('cookie_secret', 'secret')
+    cookie_name = auth_args.get('cookie_name', 'authtkt')
+
+    form_plugin = FriendlyFormPlugin(auth_args.get('login_url', '/login'),
+                                     auth_args.get('login_handler', '/login_handler'),
+                                     auth_args['post_login_url'],
+                                     auth_args.get('logout_handler', '/logout_handler'),
+                                     auth_args['post_logout_url'],
+                                     login_counter_name=auth_args.get('login_counter_name'),
+                                     rememberer_name='cookie')
+
+    challengers = [('form', form_plugin)]
+
+    auth = MingAuthenticatorPlugin(user_class=auth_args['user_class'])
+    authenticators = [('mingauth', auth)]
+
+    cookie = AuthTktCookiePlugin(cookie_secret, cookie_name)
+    identifiers = [('cookie', cookie), ('form', form_plugin)]
+
+    provider = MingUserMDPlugin(user_class=auth_args['user_class'])
+    mdproviders = [('ming_user_md', provider)]
+
+    from repoze.who.classifiers import default_request_classifier
+    from repoze.who.classifiers import default_challenge_decider
+
+    app = PluggableAuthenticationMiddleware(
+        app,
+        identifiers=identifiers,
+        authenticators=authenticators,
+        challengers=challengers,
+        mdproviders=mdproviders,
+        classifier=default_request_classifier,
+        challenge_decider=default_challenge_decider)
+
+    return app