diff --git a/README.md b/README.md index 122d1f7..2ffbd9a 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Introduction -This is the main part of the code of the semantic +This project contains extension packages for the web application platform *loops*, based on Zope 3 / bluebream. diff --git a/cco/member/auth.py b/cco/member/auth.py index f2a2b2c..965fddf 100644 --- a/cco/member/auth.py +++ b/cco/member/auth.py @@ -1,35 +1,17 @@ -# -# Copyright (c) 2023 Helmut Merz helmutm@cy55.de -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# +# cco.member.auth -""" -Specialized authentication components. +""" Specialized authentication components. """ import hashlib import logging import random from datetime import datetime, timedelta -from email.MIMEText import MIMEText -from urllib import urlencode +from email.mime.text import MIMEText +from urllib.parse import urlencode import requests -from zope.app.component import hooks -from zope.interface import Interface, implements +from zope.component import hooks from zope import component from zope.pluggableauth.interfaces import IAuthenticatedPrincipalFactory from zope.pluggableauth.plugins.session import SessionCredentialsPlugin \ @@ -88,14 +70,13 @@ class TwoFactorSessionCredentials(SessionCredentials): self.password = password self.tan = random.randint(100000, 999999) self.timestamp = datetime.now() - rng = range(len(str(self.tan))) + rng = list(range(len(str(self.tan)))) t1 = random.choice(rng) rng.remove(t1) t2 = random.choice(rng) self.tanA, self.tanB = sorted((t1, t2)) - self.hash = (hashlib. - sha224("%s:%s:%s" % (login, password, self.tan)). - hexdigest()) + credstr = '%s:%s:%s' % (login, password, self.tan) + self.hash = hashlib.sha224(credstr.encode('UTF-8')).hexdigest() self.validated = False @@ -233,7 +214,7 @@ class SessionCredentialsPlugin(BaseSessionCredentialsPlugin): credentials = sessionData.get('credentials') if not credentials: msg = 'Missing credentials' - return log.warn(msg) + return log.warning(msg) log.info("Processing phase 2, TAN: %s. " % credentials.tan) if credentials.hash != hash: msg = 'Illegal hash.' diff --git a/cco/member/browser.py b/cco/member/browser.py index 98643b3..e4a79ee 100644 --- a/cco/member/browser.py +++ b/cco/member/browser.py @@ -1,23 +1,6 @@ -# -# Copyright (c) 2016 Helmut Merz helmutm@cy55.de -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# +# cco.member.browser -""" -Login, logout, unauthorized stuff. +""" Login, logout, unauthorized stuff. """ try: @@ -26,18 +9,18 @@ try: except ImportError: pass from datetime import timedelta -from email.MIMEText import MIMEText +from email.mime.text import MIMEText import logging -from zope.app.exception.browser.unauthorized import Unauthorized as DefaultUnauth -from zope.app.pagetemplate import ViewPageTemplateFile -from zope.app.security.interfaces import IAuthentication -from zope.app.security.interfaces import ILogout, IUnauthenticatedPrincipal +from zope.authentication.interfaces import IAuthentication +from zope.authentication.interfaces import ILogout, IUnauthenticatedPrincipal +from zope.browserpage import ViewPageTemplateFile from zope.cachedescriptors.property import Lazy from zope import component from zope.i18n import translate from zope.i18nmessageid import MessageFactory -from zope.interface import implements +from zope.interface import implementer from zope.publisher.interfaces.http import IHTTPRequest +from zope.security.interfaces import Unauthorized as DefaultUnauth from zope.sendmail.interfaces import IMailDelivery from cco.member.auth import getCredentials, getPrincipalFromCredentials,\ @@ -149,10 +132,9 @@ class TanForm(LoginForm): return recipient +@implementer(ILogout) class Logout(object): - implements(ILogout) - def __init__(self, context, request): self.context = context self.request = request diff --git a/cco/member/webapi.py b/cco/member/webapi.py index c6ba713..61be6ac 100644 --- a/cco/member/webapi.py +++ b/cco/member/webapi.py @@ -1,6 +1,4 @@ -# # cco.member.webapi -# from cco.webapi.server import TypeHandler @@ -9,6 +7,6 @@ class Users(TypeHandler): def create(self): data = self.getInputData() - print '***', data + print('***', data) #create_or_update_object(self.loopsRoot, 'person', data) return self.success() diff --git a/pyproject.toml b/pyproject.toml index 5db09df..84700a4 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -12,11 +12,14 @@ keywords = ["loops"] authors = [{name = "Helmut Merz", email = "helmutm@cy55.de"}] dependencies = [ - "loops" + "loops", + "requests", ] [project.optional-dependencies] +jwt = ["python_jwt", "jwcrypto"] + test = ["zope.testrunner"] [tool.setuptools]