Authgate integration stage 1.

diff --git a/TODO.txt b/TODO.txt
index 30be80aa58f2f0220167032a41b760a63b46bfba..f90e6b1fa6b89b84bc134cdb8f62a84248a6d001 100644 (file)
--- a/TODO.txt
+++ b/TODO.txt
@@ -1,5 +1,4 @@
 O sound\r
-fix embedding wizard in IE\r
 tab dragging\r
 O options pane (notices, sound, query behaviour, @+ in nick shown in chantext, etc)\r
 O authgate integration\r
@@ -10,3 +9,4 @@ memory leaks
 [ ] style flashing\r
 last position line\r
 /msg $ goes to status, as does /notice $\r
+Authgate: fix up state inconsistency if backend is restarted (state is stored in user cookie and not refreshed except on login).
\ No newline at end of file

diff --git a/config.py.example b/config.py.example
index 05f0e252fd76f1448608bd8a843c600e54e50f0b..1c02532bdd7e879b2b2855be05bcb008f281b036 100644 (file)
--- a/config.py.example
+++ b/config.py.example
@@ -6,3 +6,4 @@ MAXBUFLEN = 10000
 MAXSUBSCRIPTIONS = 3
 REALNAME = "http://moo.com/"
 MAXLINELEN = 600
+AUTHGATEDOMAIN = "webchat_test"

diff --git a/js/ui/genericlogin.js b/js/ui/genericlogin.js
index 1cf4756c229887dd11ba8489561d1679be36ad80..1693fa3d80539b16b6dc354860bdf6e49e3a9155 100644 (file)
--- a/js/ui/genericlogin.js
+++ b/js/ui/genericlogin.js
@@ -51,18 +51,23 @@ qwebirc.ui.ConfirmBox = function(parentElement, callback, initialNickname, initi
   var td = new Element("td");
   tr.appendChild(td);
 
-  var form = new Element("form");
-  td.appendChild(form);
-  
   var yes = new Element("input", {"type": "submit", "value": "Connect"});
-  form.appendChild(yes);
+  td.appendChild(yes);
   yes.focus();
-  
-  form.addEvent("submit", function(e) {
-    new Event(e).stop();
+  yes.addEvent("click", function(e) {
     parentElement.removeChild(box);
     callback({"nickname": initialNickname, "autojoin": initialChannels});
   });
+  
+  var user = Cookie.read("user")
+  if(!$defined(user)) {
+    var auth = new Element("input", {"type": "submit", "value": "Log in"});
+    td.appendChild(auth);
+    auth.addEvent("click", function(e) {
+      var cookie = Cookie.write("redirect", document.location);
+      document.location = "./auth/";
+    });
+  }
 }
 
 qwebirc.ui.LoginBox = function(parentElement, callback, initialNickname, initialChannels) {

diff --git a/qwebirc/ajaxengine.py b/qwebirc/ajaxengine.py
index 0da0f384514719c3b26d15e4d157b042c41a968e..0aae808802aa34711150cc1e3f2a069077bc2679 100644 (file)
--- a/qwebirc/ajaxengine.py
+++ b/qwebirc/ajaxengine.py
@@ -1,8 +1,8 @@
 from twisted.web import resource, server, static
 from twisted.names import client
 from twisted.internet import reactor
-import traceback
-import simplejson, md5, sys, os, ircclient, time, config, weakref
+from authgateengine import login_optional
+import simplejson, md5, sys, os, ircclient, time, config, weakref, traceback
 
 Sessions = {}
 
@@ -148,9 +148,15 @@ class AJAXEngine(resource.Resource):
 #    return self.render_POST(request)
   
   def newConnection(self, request):
+    ticket = login_optional(request)
+    
     _, ip, port = request.transport.getPeer()
 
-    nick, ident = request.args.get("nick"), "webchat"
+    nick, ident, realname = request.args.get("nick"), "webchat", config.REALNAME
+    
+    if not ticket is None:
+      realname = "%s (%s:%d:%s)" % (realname, ticket.username, ticket.id, ticket.authflags)
+      
     if not nick:
       raise AJAXException("Nickname not supplied")
       
@@ -165,7 +171,7 @@ class AJAXEngine(resource.Resource):
 
     session = IRCSession(id)
 
-    client = ircclient.createIRC(session, nick=nick, ident=ident, ip=ip, realname=config.REALNAME)
+    client = ircclient.createIRC(session, nick=nick, ident=ident, ip=ip, realname=realname)
     session.client = client
     
     Sessions[id] = session

diff --git a/qwebirc/authgateengine.py b/qwebirc/authgateengine.py
new file mode 100644 (file)
index 0000000..f412064
--- /dev/null
+++ b/qwebirc/authgateengine.py
@@ -0,0 +1,46 @@
+from authgate import twisted as authgate
+from twisted.web import resource, server, static
+import config, urlparse, urllib
+
+class AuthgateEngine(resource.Resource):
+  isLeaf = True
+  
+  def __init__(self, prefix):
+    self.__prefix = prefix
+    
+  def deleteCookie(self, request, key):
+    request.addCookie(key, "", path="/", expires="Sat, 29 Jun 1996 01:44:48 GMT")
+    
+  def render_GET(self, request):
+    if request.args.get("logout"):
+      self.deleteCookie(request, "user")
+      
+    a = authgate(request, config.AUTHGATEDOMAIN)
+    try:
+      ticket = a.login_required(accepting=lambda x: True)
+    except a.redirect_exception, e:
+      pass
+    else:
+      # only used for informational purposes, the backend stores this seperately
+      # so if the user changes it just their front end will be messed up!
+      request.addCookie("user", ticket.username, path="/")
+      
+      location = request.getCookie("redirect")
+      if location is None:
+        location = "/"
+      else:
+        self.deleteCookie(request, "redirect")
+        _, _, path, params, query, _ = urlparse.urlparse(urllib.unquote(location))
+        location = urlparse.urlunparse(("", "", path, params, query, ""))
+
+      request.redirect(location)
+      request.finish()
+      
+    return server.NOT_DONE_YET
+    
+def getSessionData(request):
+  return authgate.get_session_data(request)
+  
+def login_optional(request):
+  return authgate(request, config.AUTHGATEDOMAIN).login_optional()
+ 
\ No newline at end of file

diff --git a/qwebirc/root.py b/qwebirc/root.py
index 41502a358d3e9a9996b56383ca42457bfca65ca0..78bd71854637c564a216adf178029a13df5c016f 100644 (file)
--- a/qwebirc/root.py
+++ b/qwebirc/root.py
@@ -1,4 +1,5 @@
 from ajaxengine import AJAXEngine
+from authgateengine import AuthgateEngine
 import mimetypes
 from twisted.web import resource, server, static
 
@@ -15,6 +16,7 @@ class RootSite(server.Site):
 
     root.primaryChild = static.File(path)
     root.putChild("e", AJAXEngine("/e"))
+    root.putChild("auth", AuthgateEngine("/auth"))
 
 mimetypes.types_map[".ico"] = "image/vnd.microsoft.icon"