Portal Auth
inyoka.portal.auth
Custom authorization functions for Inyoka.
- copyright:
2007-2024 by the Inyoka Team, see AUTHORS for more details.
- license:
BSD, see LICENSE for more details.
- class inyoka.portal.auth.InyokaAuthBackend
Customized authentication backend to support Inyoka specific features:
user banning
workaround for case (in)sensitive usernames
login by username or email
anonymous permissions
- authenticate(request, username=None, password=None, **kwargs)
Authenticate a user with username (which can also be the email address) and password.
- Raises:
- UserBanned
If the found user was banned by an admin.
- get_all_permissions(user_obj, obj=None)
Returns all present Permissions for user_obj.
In fact we simply return get_group_permissions() because we don’t use any other Permissions in Inyoka.
- get_group_permissions(user_obj, obj=None)
Returns the permissions of user_obj based on the groups a user is in.
- get_user(user_id)
- get_user_permissions(user_obj, obj=None)
Returns present Permissions for user_obj.
As we don’t use user based Permissions in Inyoka we always return an empty set to avoid incompatibilities with Django Upstream.
- has_module_perms(user_obj, app_label)
Returns True if user_obj has any permissions in the given app_label.
Inactive Users, except anonymous, always get back False for security reasons.
- has_perm(user_obj, perm, obj=None)
Return True if user_obj has perm or False in any other case.
This Backend don’t support object based permissions, and will always return False if requests through this backend if obj is given.
Inactive Users, except anonymous, always get back False for security reasons.