libervia-backend: src/stdui/ui_profile

comparison src/stdui/ui_profile_manager.py @ 1697:52af44e745b5

core (stdui[ui_profile_manager]): refactored profile authentication: the workflow is greatly simplified by the use of the new startSession mechanisme and deferedUI

author	Goffi <goffi@goffi.org>
date	Fri, 27 Nov 2015 16:57:49 +0100
parents	05274b27e90e
children	d17772b0fe22

comparison

equal deleted inserted replaced

-:9a7a27c44611
+:52af44e745b5
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 from sat.core.i18n import D_
 from sat.core.constants import Const as C
+from sat.core.log import getLogger
+log = getLogger(__name__)
+from sat.core import exceptions
 from sat.tools import xml_tools
-from sat.memory.crypto import PasswordHasher
 from sat.memory.memory import ProfileSessions
-from twisted.internet import defer
 from twisted.words.protocols.jabber import jid
 class ProfileManager(object):
 """Manage profiles."""
 self._sessions = ProfileSessions()
 host.registerCallback(self._authenticateProfile, force_id=C.AUTHENTICATE_PROFILE_ID, with_data=True)
 host.registerCallback(self._changeXMPPPassword, force_id=C.CHANGE_XMPP_PASSWD_ID, with_data=True)
 self.__new_xmpp_passwd_id = host.registerCallback(self._changeXMPPPasswordCb, with_data=True)
+def _startSessionEb(self, fail, first, profile):
+"""Errback method for startSession during profile authentication
+@param first(bool): if True, this is the first try and we have tryied empty password
+in this case we ask for a password to the user.
+@param profile(unicode, None): %(doc_profile)s
+must only be used if first is True
+"""
+if first:
+# first call, we ask for the password
+form_ui = xml_tools.XMLUI("form", title=D_('Profile password for {}').format(profile), submit_id='')
+form_ui.addPassword('profile_password', value='')
+d = xml_tools.deferredUI(self.host, form_ui, chained=True)
+d.addCallback(self._authenticateProfile, profile)
+return {'xmlui': form_ui.toXml()}
+assert profile is None
+if fail.check(exceptions.PasswordError):
+dialog = xml_tools.XMLUI('popup', title=D_('Connection error'))
+dialog.addText(D_("The provided profile password doesn't match."))
+else:
+log.error(u"Unexpected exceptions: {}".format(fail))
+dialog = xml_tools.XMLUI('popup', title=D_('Internal error'))
+dialog.addText(D_(u"Internal error: {}".format(fail)))
+return {'xmlui': dialog.toXml(), 'validated': C.BOOL_FALSE}
 def _authenticateProfile(self, data, profile):
-"""Get the data/dialog for connecting a profile
+if self.host.memory.isSessionStarted(profile):
+return {'validated': C.BOOL_TRUE}
-@param data (dict)
+try:
-@param profile: %(doc_profile)s
+password = data[xml_tools.formEscape('profile_password')]
-@return: deferred dict
+except KeyError:
-"""
+# first request, we try empty password
-def gotProfileCipher(profile_cipher):
+password = ''
-if self.host.memory.auth_sessions.profileGetUnique(profile):
+first = True
-# case 1: profile already authenticated
+eb_profile = profile
-return {'validated': C.boolConst(True)}
+else:
-self.profile_ciphers[profile] = profile_cipher
+first = False
-if 'profile_password' in data:
+eb_profile = None
-# case 2: password is provided by the caller
+d = self.host.memory.startSession(password, profile)
-return self._verifyPassword(data, profile)
+d.addCallback(lambda dummy: {'validated': C.BOOL_TRUE})
+d.addErrback(self._startSessionEb, first, eb_profile)
-def check_empty_password(verify_password_result):
-validated = C.bool(verify_password_result['validated'])
-if validated:
-# case 3: there's no password for this profile
-return verify_password_result
-# case 4: prompt the user for a password
-def xmlui_cb(data_, profile):
-return self._verifyPassword(data_, profile)
-callback_id = self.host.registerCallback(xmlui_cb, with_data=True, one_shot=True)
-form_ui = xml_tools.XMLUI("form", title=D_('Profile password for {}').format(profile), submit_id=callback_id)
-form_ui.addPassword('profile_password', value='')
-return {'xmlui': form_ui.toXml()}
-check_empty_data = {'profile_password': ''}
-d = self._verifyPassword(check_empty_data, profile)
-return d.addCallback(check_empty_password)
-d = self.host.memory.asyncGetStringParamA(C.PROFILE_PASS_PATH[1], C.PROFILE_PASS_PATH[0], profile_key=profile)
-d.addCallback(gotProfileCipher)
-d.addErrback(self.getParamError)
 return d
-def getParamError(self, failure):
-_dialog = xml_tools.XMLUI('popup', title=D_('Error'))
-_dialog.addText(D_("Can't get profile parameter."))
-return {'xmlui': _dialog.toXml(), 'validated': C.boolConst(False)}
-@defer.inlineCallbacks
-def _verifyPassword(self, data, profile):
-"""Verify the given password
-@param data (dict)
-@param profile: %(doc_profile)s
-@return: deferred dict
-"""
-assert profile in self.profile_ciphers
-try:
-profile_password = data[xml_tools.formEscape('profile_password')]
-except KeyError:
-profile_password = data['profile_password']  # not received from a user input
-verified = yield PasswordHasher.verify(profile_password, self.profile_ciphers[profile])
-if not verified:
-_dialog = xml_tools.XMLUI('popup', title=D_('Connection error'))
-_dialog.addText(D_("The provided profile password doesn't match."))
-defer.returnValue({'xmlui': _dialog.toXml(), 'validated': C.boolConst(False)})
-yield self.host.memory.newAuthSession(profile_password, profile)
-defer.returnValue({'validated': C.boolConst(True)})
 def _changeXMPPPassword(self, data, profile):
 session_data = self._sessions.profileGetUnique(profile)
 if not session_data:
 server = self.host.memory.getParamA(C.FORCE_SERVER_PARAM, "Connection", profile_key=profile)

Mercurial > libervia-backend

comparison src/stdui/ui_profile_manager.py @ 1697:52af44e745b5