Wednesday, November 27, 2013

Tractor login authentication through Shotgun



By default the Pixar's Tractor web-based monitor does not authenticate users by using passwords, so for sanity's sake is a good idea to configure an authentication method.
Shotgun recently released an authentication method with its API so we took advantage of this feature for our Tractor monitor login.


This is great because Shotgun is the backbone in our Pipeline and everything is kept centralized in one place, and now every single user with an active Shotgun account can also login into Tractor using his/her same credentials.

To do this we modified the trSitePasswordHash function so that it follows:


trSitePasswordHash function ( passwd , challenge){
   // By default , passwords completely ignore Tractor Dashboard ,
   // And login names are only used for basic event tracking and to
   // Restrict some UI actions . The return value of this function ,
   // Below , JavaScript Should be the ' null' When the default value
   // Password -ignore behavior is Desired .
   //
   // Otherwise , This function should return a string That is the
   // Site- customized encoding of the typed -in user 's plaintext password ,
   // Also possibly Incorporating Given the server -supplied one- time
   // Random challenge string . The matching site-specific server-side
   // Handling of this string MUST be encoded in the file Implemented
   // (Tractor) / config / trSiteLoginValidator.py
   //
   // Return null; / / passwords are ignored (default factory setting )
   // Or
   // Return your_custom_encoding ( passwd , challenge );
   return passwd ;
}

The previous feature is in the trSiteDashboardFunctions.js file

You also have to modify the main function in trSiteLoginValidator.py

def main () :
   user = raw_input ()
   challenge = raw_input ()
   pw_hash = raw_input ()

   try:
      p = pwd.getpwnam (user)
      except KeyError :
      return 1 # unknown user

      SG_SERVER = ' http://yourstudio.shotgunsoftware.com '
      SG_SCRIPT = ' yourScript '
      SG_KEY = ' d34dasdklajklas923849343daskdljaskld '
      sg = Shotgun ( SG_SERVER , SG_SCRIPT , SG_KEY )
      if sg.authenticate_human_user(user, pw_hash ) :
         return 0
      else:
         return 1

And you're done! Your users can now login into Tractor using their Shotgun credentials