Mercurial > p > roundup > code
comparison doc/customizing.txt @ 1236:dd52bf10f934
Bug fixes.
- fixed bug in login if the username wasn't known
- handle close/rollback of already-closed sqlite database
- added example for external passwd-style user password verification
| author | Richard Jones <richard@users.sourceforge.net> |
|---|---|
| date | Fri, 27 Sep 2002 01:04:38 +0000 |
| parents | 7441653e5330 |
| children | 8dd4f736370b |
comparison
equal
deleted
inserted
replaced
| 1235:7441653e5330 | 1236:dd52bf10f934 |
|---|---|
| 1 =================== | 1 =================== |
| 2 Customising Roundup | 2 Customising Roundup |
| 3 =================== | 3 =================== |
| 4 | 4 |
| 5 :Version: $Revision: 1.49 $ | 5 :Version: $Revision: 1.50 $ |
| 6 | 6 |
| 7 .. This document borrows from the ZopeBook section on ZPT. The original is at: | 7 .. This document borrows from the ZopeBook section on ZPT. The original is at: |
| 8 http://www.zope.org/Documentation/Books/ZopeBook/current/ZPT.stx | 8 http://www.zope.org/Documentation/Books/ZopeBook/current/ZPT.stx |
| 9 | 9 |
| 10 .. contents:: | 10 .. contents:: |
| 2116 self.template = 'add_page2' | 2116 self.template = 'add_page2' |
| 2117 | 2117 |
| 2118 4. Use the usual "new" action as the :action on the final page, and you're | 2118 4. Use the usual "new" action as the :action on the final page, and you're |
| 2119 done (the standard context/submit method can do this for you). | 2119 done (the standard context/submit method can do this for you). |
| 2120 | 2120 |
| 2121 | |
| 2122 Using an external password validation source | |
| 2123 -------------------------------------------- | |
| 2124 | |
| 2125 We have a centrally-managed password changing system for our users. This | |
| 2126 results in a UN*X passwd-style file that we use for verification of users. | |
| 2127 Entries in the file consist of ``name:password`` where the password is | |
| 2128 encrypted using the standard UN*X ``crypt()`` function (see the ``crypt`` | |
| 2129 module in your Python distribution). An example entry would be:: | |
| 2130 | |
| 2131 admin:aamrgyQfDFSHw | |
| 2132 | |
| 2133 Each user of Roundup must still have their information stored in the Roundup | |
| 2134 database - we just use the passwd file to check their password. To do this, we | |
| 2135 add the following code to our ``Client`` class in the tracker home | |
| 2136 ``interfaces.py`` module:: | |
| 2137 | |
| 2138 def verifyPassword(self, userid, password): | |
| 2139 # get the user's username | |
| 2140 username = self.db.user.get(userid, 'username') | |
| 2141 | |
| 2142 # the passwords are stored in the "passwd.txt" file in the tracker | |
| 2143 # home | |
| 2144 file = os.path.join(self.db.config.TRACKER_HOME, 'passwd.txt') | |
| 2145 | |
| 2146 # see if we can find a match | |
| 2147 for ent in [line.strip().split(':') for line in open(file).readlines()]: | |
| 2148 if ent[0] == username: | |
| 2149 return crypt.crypt(password, ent[1][:2]) == ent[1] | |
| 2150 | |
| 2151 # user doesn't exist in the file | |
| 2152 return 0 | |
| 2153 | |
| 2154 What this does is look through the file, line by line, looking for a name that | |
| 2155 matches. | |
| 2156 | |
| 2157 We also remove the redundant password fields from the ``user.item`` template. | |
| 2158 | |
| 2159 | |
| 2121 ------------------- | 2160 ------------------- |
| 2122 | 2161 |
| 2123 Back to `Table of Contents`_ | 2162 Back to `Table of Contents`_ |
| 2124 | 2163 |
| 2125 .. _`Table of Contents`: index.html | 2164 .. _`Table of Contents`: index.html |