1from zope.interface import implementer
2from repoze.who.interfaces import IAuthenticator
3
4
5class TGAuthMetadata(object):
6    """
7    Provides a way to lookup for user, groups and permissions
8    given the current identity. This has to be specialized
9    for each storage backend.
10
11    By default it returns empty lists for groups and permissions
12    and None for the user.
13    """
14    def get_user(self, identity, userid):
15        return None
16
17    def get_groups(self, identity, userid):
18        return []
19
20    def get_permissions(self, identity, userid):
21        return []
22
23
24@implementer(IAuthenticator)
25class _AuthMetadataAuthenticator(object):
26    def __init__(self, tgmdprovider, using_password):
27        self.tgmdprovider = tgmdprovider
28        self.using_password = using_password
29
30    # IAuthenticator
31    def authenticate(self, environ, identity):
32        if self.using_password and not ('login' in identity and 'password' in identity):
33            return None
34        return self.tgmdprovider.authenticate(environ, identity)
35
36
37def create_default_authenticator(authmetadata,
38                                 using_password=True, translations=None,
39                                 user_class=None, dbsession=None,
40                                 **kept_params):
41    auth = _AuthMetadataAuthenticator(authmetadata, using_password)
42    return kept_params, auth
43