incubator-allura-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From john...@apache.org
Subject [10/10] git commit: [#6701] Must call get_basic_auth_pw before req.user
Date Thu, 20 Mar 2014 18:46:58 GMT
[#6701] Must call get_basic_auth_pw before req.user

Signed-off-by: Cory Johns <cjohns@slashdotmedia.com>


Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/f970d43d
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/f970d43d
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/f970d43d

Branch: refs/heads/master
Commit: f970d43d4ad579ede476d97ea916c07d1a6d59ec
Parents: 496090a
Author: Cory Johns <cjohns@slashdotmedia.com>
Authored: Wed Mar 19 20:20:42 2014 +0000
Committer: Cory Johns <cjohns@slashdotmedia.com>
Committed: Thu Mar 20 18:45:32 2014 +0000

----------------------------------------------------------------------
 scripts/ApacheAccessHandler.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/f970d43d/scripts/ApacheAccessHandler.py
----------------------------------------------------------------------
diff --git a/scripts/ApacheAccessHandler.py b/scripts/ApacheAccessHandler.py
index 6575a6f..69e1d62 100644
--- a/scripts/ApacheAccessHandler.py
+++ b/scripts/ApacheAccessHandler.py
@@ -91,10 +91,13 @@ def check_repo_path(req):
 
 
 def check_authentication(req):
+    password = req.get_basic_auth_pw()  # MUST be called before req.user
+    username = req.user
+    log(req, "checking auth for: %s" % username)
     auth_url = req.get_options().get('ALLURA_AUTH_URL', 'https://127.0.0.1/auth/do_login')
     r = requests.post(auth_url, allow_redirects=False, data={
-        'username': req.user,
-        'password': req.get_basic_auth_pw(),
+        'username': username,
+        'password': password,
         'return_to': '/login_successful'})
     return r.status_code == 302 and r.headers['location'].endswith('/login_successful')
 


Mime
View raw message