Mercurial > libervia-backend
annotate src/stdui/ui_profile_manager.py @ 1034:5197600a1e13
quick_app, primitivus: update the connection mechanism to ask for non empty profile passwords
author | souliane <souliane@mailoo.org> |
---|---|
date | Wed, 07 May 2014 16:11:32 +0200 |
parents | b262ae6d53af |
children | 066308706dc6 |
rev | line source |
---|---|
1032
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
1 #!/usr/bin/python |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
2 # -*- coding: utf-8 -*- |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
3 |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
4 # SAT standard user interface for managing contacts |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
5 # Copyright (C) 2009, 2010, 2011, 2012, 2013, 2014 Jérôme Poisson (goffi@goffi.org) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
6 # Copyright (C) 2013, 2014 Adrien Cossa (souliane@mailoo.org) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
7 |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
8 # This program is free software: you can redistribute it and/or modify |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
9 # it under the terms of the GNU Affero General Public License as published by |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
10 # the Free Software Foundation, either version 3 of the License, or |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
11 # (at your option) any later version. |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
12 |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
13 # This program is distributed in the hope that it will be useful, |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
14 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
15 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
16 # GNU Affero General Public License for more details. |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
17 |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
18 # You should have received a copy of the GNU Affero General Public License |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
19 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
20 |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
21 from sat.core.i18n import _, D_ |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
22 from sat.core.constants import Const as C |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
23 from sat.tools import xml_tools |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
24 from sat.memory.crypto import PasswordHasher |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
25 from twisted.internet import defer |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
26 |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
27 |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
28 class ProfileManager(object): |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
29 """Manage profiles.""" |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
30 |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
31 def __init__(self, host): |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
32 self.host = host |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
33 self.profile_ciphers = {} |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
34 host.registerCallback(self._authenticateProfile, force_id=C.AUTHENTICATE_PROFILE_ID, with_data=True) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
35 |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
36 def _authenticateProfile(self, data, profile): |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
37 """Get the data/dialog for connecting a profile |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
38 |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
39 @param data (dict) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
40 @param profile: %(doc_profile)s |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
41 @return: deferred dict |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
42 """ |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
43 def gotProfileCipher(profile_cipher): |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
44 if self.host.memory.auth_sessions.profileGetUnique(profile): |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
45 # case 1: profile already authenticated |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
46 return {'authenticated_profile': profile, 'caller': data['caller']} |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
47 self.profile_ciphers[profile] = profile_cipher |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
48 if 'profile_password' in data: |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
49 # case 2: password is provided by the caller |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
50 return self._verifyPassword(data, profile) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
51 |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
52 def check_empty_password(empty_password_result): |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
53 if 'authenticated_profile' in empty_password_result: |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
54 # case 3: there's no password for this profile |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
55 return empty_password_result |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
56 |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
57 # case 4: prompt the user for a password |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
58 def xmlui_cb(data_, profile): |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
59 data_['caller'] = data['caller'] |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
60 return self._verifyPassword(data_, profile) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
61 |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
62 callback_id = self.host.registerCallback(xmlui_cb, with_data=True, one_shot=True) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
63 form_ui = xml_tools.XMLUI("form", title=D_('Profile password for %s') % profile, submit_id=callback_id) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
64 form_ui.addPassword('profile_password', value='') |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
65 return {'xmlui': form_ui.toXml()} |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
66 |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
67 check_empty_data = {'profile_password': '', 'caller': data['caller']} |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
68 d = self._verifyPassword(check_empty_data, profile) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
69 return d.addCallback(check_empty_password) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
70 |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
71 assert(data['caller']) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
72 d = self.host.memory.asyncGetStringParamA(C.PROFILE_PASS_PATH[1], C.PROFILE_PASS_PATH[0], profile_key=profile) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
73 d.addCallback(gotProfileCipher) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
74 d.addErrback(self.getParamError) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
75 return d |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
76 |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
77 def getParamError(self): |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
78 _dialog = xml_tools.XMLUI('popup', title=D_('Error')) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
79 _dialog.addText(_("Can't get profile parameter.")) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
80 return {'xmlui': _dialog.toXml()} |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
81 |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
82 @defer.inlineCallbacks |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
83 def _verifyPassword(self, data, profile): |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
84 """Verify the given password |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
85 |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
86 @param data (dict) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
87 @param profile: %(doc_profile)s |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
88 @return: deferred dict |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
89 """ |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
90 assert(profile in self.profile_ciphers) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
91 assert(data['caller']) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
92 |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
93 try: |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
94 profile_password = data[xml_tools.formEscape('profile_password')] |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
95 except KeyError: |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
96 profile_password = data['profile_password'] # not received from a user input |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
97 verified = yield PasswordHasher.verify(profile_password, self.profile_ciphers[profile]) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
98 if not verified: |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
99 _dialog = xml_tools.XMLUI('popup', title=D_('Error')) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
100 _dialog.addText(_("The provided profile password doesn't match.")) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
101 defer.returnValue({'xmlui': _dialog.toXml()}) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
102 |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
103 yield self.host.memory.newAuthSession(profile_password, profile) |
b262ae6d53af
stdui: add ui_profile_manager to interact with frontends when profile authentication is needed
souliane <souliane@mailoo.org>
parents:
diff
changeset
|
104 defer.returnValue({'authenticated_profile': profile, 'caller': data['caller']}) |