From: Chris Porter Date: Sat, 8 Nov 2008 18:22:11 +0000 (+0000) Subject: Authgate integration stage 1. X-Git-Url: https://jfr.im/git/irc/quakenet/qwebirc.git/commitdiff_plain/f065bc69f386c2ed1d9548a9199be5539a1fbd70 Authgate integration stage 1. --- diff --git a/TODO.txt b/TODO.txt index 30be80a..f90e6b1 100644 --- a/TODO.txt +++ b/TODO.txt @@ -1,5 +1,4 @@ O sound -fix embedding wizard in IE tab dragging O options pane (notices, sound, query behaviour, @+ in nick shown in chantext, etc) O authgate integration @@ -10,3 +9,4 @@ memory leaks [ ] style flashing last position line /msg $ goes to status, as does /notice $ +Authgate: fix up state inconsistency if backend is restarted (state is stored in user cookie and not refreshed except on login). \ No newline at end of file diff --git a/config.py.example b/config.py.example index 05f0e25..1c02532 100644 --- a/config.py.example +++ b/config.py.example @@ -6,3 +6,4 @@ MAXBUFLEN = 10000 MAXSUBSCRIPTIONS = 3 REALNAME = "http://moo.com/" MAXLINELEN = 600 +AUTHGATEDOMAIN = "webchat_test" diff --git a/js/ui/genericlogin.js b/js/ui/genericlogin.js index 1cf4756..1693fa3 100644 --- a/js/ui/genericlogin.js +++ b/js/ui/genericlogin.js @@ -51,18 +51,23 @@ qwebirc.ui.ConfirmBox = function(parentElement, callback, initialNickname, initi var td = new Element("td"); tr.appendChild(td); - var form = new Element("form"); - td.appendChild(form); - var yes = new Element("input", {"type": "submit", "value": "Connect"}); - form.appendChild(yes); + td.appendChild(yes); yes.focus(); - - form.addEvent("submit", function(e) { - new Event(e).stop(); + yes.addEvent("click", function(e) { parentElement.removeChild(box); callback({"nickname": initialNickname, "autojoin": initialChannels}); }); + + var user = Cookie.read("user") + if(!$defined(user)) { + var auth = new Element("input", {"type": "submit", "value": "Log in"}); + td.appendChild(auth); + auth.addEvent("click", function(e) { + var cookie = Cookie.write("redirect", document.location); + document.location = "./auth/"; + }); + } } qwebirc.ui.LoginBox = function(parentElement, callback, initialNickname, initialChannels) { diff --git a/qwebirc/ajaxengine.py b/qwebirc/ajaxengine.py index 0da0f38..0aae808 100644 --- a/qwebirc/ajaxengine.py +++ b/qwebirc/ajaxengine.py @@ -1,8 +1,8 @@ from twisted.web import resource, server, static from twisted.names import client from twisted.internet import reactor -import traceback -import simplejson, md5, sys, os, ircclient, time, config, weakref +from authgateengine import login_optional +import simplejson, md5, sys, os, ircclient, time, config, weakref, traceback Sessions = {} @@ -148,9 +148,15 @@ class AJAXEngine(resource.Resource): # return self.render_POST(request) def newConnection(self, request): + ticket = login_optional(request) + _, ip, port = request.transport.getPeer() - nick, ident = request.args.get("nick"), "webchat" + nick, ident, realname = request.args.get("nick"), "webchat", config.REALNAME + + if not ticket is None: + realname = "%s (%s:%d:%s)" % (realname, ticket.username, ticket.id, ticket.authflags) + if not nick: raise AJAXException("Nickname not supplied") @@ -165,7 +171,7 @@ class AJAXEngine(resource.Resource): session = IRCSession(id) - client = ircclient.createIRC(session, nick=nick, ident=ident, ip=ip, realname=config.REALNAME) + client = ircclient.createIRC(session, nick=nick, ident=ident, ip=ip, realname=realname) session.client = client Sessions[id] = session diff --git a/qwebirc/authgateengine.py b/qwebirc/authgateengine.py new file mode 100644 index 0000000..f412064 --- /dev/null +++ b/qwebirc/authgateengine.py @@ -0,0 +1,46 @@ +from authgate import twisted as authgate +from twisted.web import resource, server, static +import config, urlparse, urllib + +class AuthgateEngine(resource.Resource): + isLeaf = True + + def __init__(self, prefix): + self.__prefix = prefix + + def deleteCookie(self, request, key): + request.addCookie(key, "", path="/", expires="Sat, 29 Jun 1996 01:44:48 GMT") + + def render_GET(self, request): + if request.args.get("logout"): + self.deleteCookie(request, "user") + + a = authgate(request, config.AUTHGATEDOMAIN) + try: + ticket = a.login_required(accepting=lambda x: True) + except a.redirect_exception, e: + pass + else: + # only used for informational purposes, the backend stores this seperately + # so if the user changes it just their front end will be messed up! + request.addCookie("user", ticket.username, path="/") + + location = request.getCookie("redirect") + if location is None: + location = "/" + else: + self.deleteCookie(request, "redirect") + _, _, path, params, query, _ = urlparse.urlparse(urllib.unquote(location)) + location = urlparse.urlunparse(("", "", path, params, query, "")) + + request.redirect(location) + request.finish() + + return server.NOT_DONE_YET + +def getSessionData(request): + return authgate.get_session_data(request) + +def login_optional(request): + return authgate(request, config.AUTHGATEDOMAIN).login_optional() + \ No newline at end of file diff --git a/qwebirc/root.py b/qwebirc/root.py index 41502a3..78bd718 100644 --- a/qwebirc/root.py +++ b/qwebirc/root.py @@ -1,4 +1,5 @@ from ajaxengine import AJAXEngine +from authgateengine import AuthgateEngine import mimetypes from twisted.web import resource, server, static @@ -15,6 +16,7 @@ class RootSite(server.Site): root.primaryChild = static.File(path) root.putChild("e", AJAXEngine("/e")) + root.putChild("auth", AuthgateEngine("/auth")) mimetypes.types_map[".ico"] = "image/vnd.microsoft.icon"