def attempt_authentication(self, **kwargs):
# The arguments need to be passed as keywords and are timestamp, cookie
# and ip_address. A missing argument means the default value is used
# instead. An argument passed as None means that None will be used.
return authenticate_request(
self.session, self.contest,
kwargs.get("timestamp", self.timestamp),
kwargs.get("cookie", self.cookie),
ipaddress.ip_address(kwargs.get("ip_address", "10.0.0.1")))
def attempt_authentication(self, **kwargs):
# The arguments need to be passed as keywords and are timestamp, cookie
# and ip_address. A missing argument means the default value is used
# instead. An argument passed as None means that None will be used.
return authenticate_request(
self.session, self.contest,
kwargs.get("timestamp", self.timestamp),
kwargs.get("cookie", self.cookie),
ipaddress.ip_address(kwargs.get("ip_address", "10.0.0.1")))
def get_current_user(self):
"""Return the currently logged in participation.
The name is get_current_user because tornado requires that
name.
The participation is obtained from one of the possible sources:
- if IP autologin is enabled, the remote IP address is matched
with the participation IP address; if a match is found, that
participation is returned; in case of errors, None is returned;
- if username/password authentication is enabled, and the cookie
is valid, the corresponding participation is returned, and the
cookie is refreshed.
After finding the participation, IP login and hidden users
restrictions are checked.
In case of any error, or of a login by other sources, the
cookie is deleted.
return (Participation|None): the participation object for the
user logged in for the running contest.
"""
cookie_name = self.contest.name + "_login"
cookie = self.get_secure_cookie(cookie_name)
try:
# In py2 Tornado gives us the IP address as a native binary
# string, whereas ipaddress wants text (unicode) strings.
ip_address = ipaddress.ip_address(str(self.request.remote_ip))
except ValueError:
logger.warning("Invalid IP address provided by Tornado: %s",
self.request.remote_ip)
return None
participation, cookie = authenticate_request(self.sql_session,
self.contest,
self.timestamp, cookie,
ip_address)
if cookie is None:
self.clear_cookie(cookie_name)
elif self.refresh_cookie:
self.set_secure_cookie(cookie_name, cookie, expires_days=None)
return participation
def get_current_user(self):
"""Return the currently logged in participation.
The name is get_current_user because tornado requires that
name.
The participation is obtained from one of the possible sources:
- if IP autologin is enabled, the remote IP address is matched
with the participation IP address; if a match is found, that
participation is returned; in case of errors, None is returned;
- if username/password authentication is enabled, and the cookie
is valid, the corresponding participation is returned, and the
cookie is refreshed.
After finding the participation, IP login and hidden users
restrictions are checked.
In case of any error, or of a login by other sources, the
cookie is deleted.
return (Participation|None): the participation object for the
user logged in for the running contest.
"""
cookie_name = self.contest.name + "_login"
cookie = self.get_secure_cookie(cookie_name)
try:
# In py2 Tornado gives us the IP address as a native binary
# string, whereas ipaddress wants text (unicode) strings.
ip_address = ipaddress.ip_address(str(self.request.remote_ip))
except ValueError:
logger.warning("Invalid IP address provided by Tornado: %s",
self.request.remote_ip)
return None
participation, cookie = authenticate_request(
self.sql_session, self.contest, self.timestamp, cookie, ip_address)
if cookie is None:
self.clear_cookie(cookie_name)
elif self.refresh_cookie:
self.set_secure_cookie(cookie_name, cookie, expires_days=None)
return participation