mirror of
https://github.com/xcat2/confluent.git
synced 2024-11-26 19:40:12 +00:00
Extend HTTP token to work correctly with PAM authentication
This commit is contained in:
parent
c70f365cd2
commit
12f939a533
@ -113,10 +113,10 @@ def authorize(name, element, tenant=False, operation='create',
|
||||
return None
|
||||
manager = configmanager.ConfigManager(tenant)
|
||||
if skipuserobj:
|
||||
return None, manager, user, tenant
|
||||
return None, manager, user, tenant, skipuserobj
|
||||
userobj = manager.get_user(user)
|
||||
if userobj: # returning
|
||||
return userobj, manager, user, tenant
|
||||
return userobj, manager, user, tenant, skipuserobj
|
||||
return None
|
||||
|
||||
|
||||
|
@ -160,7 +160,9 @@ def _authorize_request(env, operation):
|
||||
if sessionid in httpsessions:
|
||||
httpsessions[sessionid]['expiry'] = time.time() + 90
|
||||
name = httpsessions[sessionid]['name']
|
||||
authdata = auth.authorize(name, element=None)
|
||||
authdata = auth.authorize(
|
||||
name, element=None,
|
||||
skipuserobj=httpsessions[sessionid]['skipuserobject'])
|
||||
if (not authdata) and 'HTTP_AUTHORIZATION' in env:
|
||||
name, passphrase = base64.b64decode(
|
||||
env['HTTP_AUTHORIZATION'].replace('Basic ', '')).split(':', 1)
|
||||
@ -168,7 +170,8 @@ def _authorize_request(env, operation):
|
||||
sessid = util.randomstring(32)
|
||||
while sessid in httpsessions:
|
||||
sessid = util.randomstring(32)
|
||||
httpsessions[sessid] = {'name': name, 'expiry': time.time() + 90}
|
||||
httpsessions[sessid] = {'name': name, 'expiry': time.time() + 90,
|
||||
'skipuserobject': authdata[4]}
|
||||
cookie['confluentsessionid'] = sessid
|
||||
cookie['confluentsessionid']['secure'] = 1
|
||||
cookie['confluentsessionid']['httponly'] = 1
|
||||
|
Loading…
Reference in New Issue
Block a user