Login

SimpleMachines forum authentication backend

Author:
kropp
Posted:
February 1, 2008
Language:
Python
Version:
.96
Score:
0 (after 0 ratings)

Authentication backend for Simple Machines Forum user database.

Needs one setting in settings.py:

SMF_PREFIX = 'smf'

This is prefix of SMF tables. This shippet assumes that they are in the same database.

There is one more optional setting:

SMF_GROUP = 1

If set, will allow only users from group with given id. May be used to allow access to admin page only for moderators.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
import hashlib
from string import lower
from django.contrib.auth.models import User
from yourproject import settings

class SMFBackend:
    """
    Django authentication backend for SimpleMachines Forum user database.
    (For more information on SMF go to http://simplemachines.org/)

    Also it fetches e-mail address from SMF user profile and updates Django user profile on every login.
    """
    def authenticate(self, username=None, password=None):
        valid = False
        email = None

        if not (username is None) and not (password is None):
            hash = hashlib.sha1(lower(username) + password).hexdigest()

            from django.db import connection
            cursor = connection.cursor()
            cursor.execute("select passwd, ID_GROUP, emailAddress from %s_members where memberName = '%s' and is_activated = '1'" % (settings.SMF_PREFIX, username))
            row = cursor.fetchone()
            email = row[2]
            
            if row[0] == hash:
                valid = True

            if hasattr(settings, 'SMF_GROUP') and (settings.SMF_GROUP != row[1]):
                valid = False

        if valid:
            try:
                user = User.objects.get(username=username)
            except User.DoesNotExist:
                user = User(username=username)
                user.is_staff = True
                user.is_superuser = False
                user.set_unusable_password() # disable login through Model backend
                user.save()
            if not email is None:
                user.email = email
            return user
        return None

    def get_user(self, user_id):
        try:
            return User.objects.get(pk=user_id)
        except User.DoesNotExist:
            return None

More like this

  1. Template tag - list punctuation for a list of items by shapiromatron 9 months ago
  2. JSONRequestMiddleware adds a .json() method to your HttpRequests by cdcarter 9 months, 1 week ago
  3. Serializer factory with Django Rest Framework by julio 1 year, 4 months ago
  4. Image compression before saving the new model / work with JPG, PNG by Schleidens 1 year, 4 months ago
  5. Help text hyperlinks by sa2812 1 year, 5 months ago

Comments

Please login first before commenting.