diff options
author | ianb <devnull@localhost> | 2009-03-07 03:29:21 +0000 |
---|---|---|
committer | ianb <devnull@localhost> | 2009-03-07 03:29:21 +0000 |
commit | 608be9fa2ca93d0122bb7d3ab39ed6e078ee0b4d (patch) | |
tree | 51dc3a1df486af00bedec0421f78603cb5799c3f /paste/auth | |
parent | 41a267e59bfaad6ed867f37b417edcadf069ec98 (diff) | |
download | paste-608be9fa2ca93d0122bb7d3ab39ed6e078ee0b4d.tar.gz |
Fix the auth_tkt middleware so it doesn't give exceptions when the token is bad
Diffstat (limited to 'paste/auth')
-rw-r--r-- | paste/auth/auth_tkt.py | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/paste/auth/auth_tkt.py b/paste/auth/auth_tkt.py index 23b0e82..e70e2a3 100644 --- a/paste/auth/auth_tkt.py +++ b/paste/auth/auth_tkt.py @@ -273,18 +273,18 @@ class AuthTKTMiddleware(object): try: timestamp, userid, tokens, user_data = parse_ticket( self.secret, cookie_value, remote_addr) + tokens = ','.join(tokens) + environ['REMOTE_USER'] = userid + if environ.get('REMOTE_USER_TOKENS'): + # We want to add tokens/roles to what's there: + tokens = environ['REMOTE_USER_TOKENS'] + ',' + tokens + environ['REMOTE_USER_TOKENS'] = tokens + environ['REMOTE_USER_DATA'] = user_data + environ['AUTH_TYPE'] = 'cookie' except BadTicket: # bad credentials, just ignore without logging the user # in or anything - return self.app(environ, start_response) - tokens = ','.join(tokens) - environ['REMOTE_USER'] = userid - if environ.get('REMOTE_USER_TOKENS'): - # We want to add tokens/roles to what's there: - tokens = environ['REMOTE_USER_TOKENS'] + ',' + tokens - environ['REMOTE_USER_TOKENS'] = tokens - environ['REMOTE_USER_DATA'] = user_data - environ['AUTH_TYPE'] = 'cookie' + pass set_cookies = [] def set_user(userid, tokens='', user_data=''): set_cookies.extend(self.set_user_cookie( |