Commits

Empanado committed 3079525 Merge

Merge

  • Participants
  • Parent commits c89a81f, efca741

Comments (0)

Files changed (4)

flaskext/auth/__init__.py

     :license: BSD, see LICENSE for more details.
 """
 
-from flaskext.auth.auth import Auth, AuthUser, login, logout, get_current_user,\
-        login_required, encrypt
+from flaskext.auth.auth import Auth, AuthUser, login, logout, \
+        get_current_user_data, login_required, encrypt
 from flaskext.auth.permissions import has_permission, permission_required, \
         Role, Permission

flaskext/auth/auth.py

 
     role = None
 
-    def __init__(self, username, password=None, salt=None, role=None):
+    def __init__(self, username=None, password=None, salt=None, role=None):
         self.username = username
         # Storing password unmodified. Encryption of the password should 
         # happen explicitly.
             return True
         return False
 
-    def __eq__(self, other):
-        return hasattr(other, 'username') and self.username == other.username
+    @classmethod
+    def load_from_user_data(cls, user_data):
+        user = cls()
+        user.__dict__ = user_data
+        return user
 
     def is_logged_in(self):
-        return get_current_user() == self
+        user_data = get_current_user_data()
+        return user_data is not None and user_data.get('username') == self.username
 
 def encrypt(password, salt=None, hash_algorithm=None):
     """Encrypts a password based on the hashing algorithm."""
     Logs the user in. Note that NO AUTHENTICATION is done by this function. If
     you want to authenticate a user, use the AuthUser.authenticate() method.
     """
-    session[SESSION_USER_KEY] = user
+    session[SESSION_USER_KEY] = user.__dict__
     session[SESSION_LOGIN_KEY] = datetime.datetime.utcnow()
 
 def logout():
-    """Logs the currently logged in user out and returns the user (if any)."""
+    """Logs the currently logged in user out and returns the user data."""
     session.pop(SESSION_LOGIN_KEY, None)
     return session.pop(SESSION_USER_KEY, None)
     
-def get_current_user(apply_timeout=True):
+def get_current_user_data(apply_timeout=True):
+    """ 
+    Returns the data of the current user (user.__dict__) if there is a
+    current user and he didn't time out yet. If timeout should be ignored,
+    provide apply_timeout=False.  
     """
-    Returns the current user if there is one and he didn't time out yet. If
-    timeout should be ignored, provide apply_timeout=False.
-    """
-    user = session.get(SESSION_USER_KEY, None)
-    if user is None:
-        return None
+    user_data = session.get(SESSION_USER_KEY, None)
+    if user_data is None:
+        return None 
     if not apply_timeout:
-        return user
+        return user_data
     login_datetime = session[SESSION_LOGIN_KEY]
     now = datetime.datetime.utcnow()
     user_timeout = current_app.auth.user_timeout
        datetime.timedelta(seconds=user_timeout):
         logout()
         return None
-    return user
+    return user_data
 
 def _not_logged_in(callback, *args, **kwargs):
     if callback is None:
     """
     def wrap(func):
         def decorator(*args, **kwargs):
-            if get_current_user() is None:
+            if get_current_user_data() is None:
                 return _not_logged_in(callback, *args, **kwargs)
             return func(*args, **kwargs)
         return decorator

flaskext/auth/models/sa.py

 from sqlalchemy import Column, Integer, String, DateTime
 from flaskext.auth import AuthUser
 
-class User(object):
-    pass
-
 def get_user_class(declarative_base):
     """
     Factory function to create the SQLAlchemy model. It can either be called
         password = Column(String(120), nullable=False)
         salt = Column(String(80))
         role = Column(String(80))
-        created = Column(DateTime, default=datetime.datetime.utcnow)
-        modified = Column(DateTime)
+        created = Column(DateTime(), default=datetime.datetime.utcnow)
+        modified = Column(DateTime())
 
         def __init__(self, *args, **kwargs):
             super(User, self).__init__(*args, **kwargs)
                 # Initialize and encrypt password before first save.
                 self.set_and_encrypt_password(password)
 
-            def __getstate__(self):
-                global User
-                User = self.__class__
-                return (self.__dict__, declarative_base)
-
-            def __setstate__(self, state):
-                self.__class__ = get_user_class(state[1])
-                self.__dict__.update(state[0])
-
     return User

flaskext/auth/permissions.py

 """
 
 from flask import current_app
-from flaskext.auth.auth import get_current_user, _not_logged_in
+from flaskext.auth.auth import AuthUser, get_current_user_data, _not_logged_in
 user_permissions = dict()
 
 def has_permission(user, resource, action):
     """
     def wrap(func):
         def decorator(*args, **kwargs):
-            if get_current_user() is None:
+            if get_current_user_data() is None:
                 return _not_logged_in(callback, *args, **kwargs)
-            if not has_permission(get_current_user(), resource, action):
+            if not has_permission(AuthUser.load_from_user_data(
+                    get_current_user_data()), resource, action):
                 if callback is None:
                     return current_app.auth.not_permitted_callback(*args, **kwargs)
                 else: