Beispiel #1
0
def check_user(request):
    login = pyramid.security.authenticated_userid(request)
    user = None
    isValid = False
    if login is not None:
        username = login.split("|")[0]
        userId = login.split("|")[1]
        user = User(username)
        isValid = user.is_token_valid(userId)
        print "TESTING FOR SESSION", isValid
    if isValid == False:
        return False
    else:
        session = request.session
        print session
        if 'fullname' in session:
            user.fullname = session["fullname"]
            user.userId = session["userId"]
            user.check_userLevel()
        else:
            userObj = user.get_userObj()
            session['fullname'] = userObj["fullname"]
            session['userId'] = userObj["userId"]
        return user
Beispiel #2
0
def service_post(request):
    user = None
    did_fail = False
    templateVars = {  # for failed login attempt
        'message':
        'Your email or password is incorrect.<br/> Please try again',
        #'user': user,
        'breadCrumbs': [{
            "url": "/",
            "text": "Home"
        }, {
            "url": "",
            "text": "Login"
        }],
        'pageTitle': 'Login',
        #'token':token,   # session token
        "request": request
    }

    if 'submit' in request.POST:
        login = request.POST.get('login', '')
        passwd = request.POST.get('passwd', '')
        #user = USERS.get(login, None)
        print login, passwd
        user = User(login, None)

        loginCheck = user.check_password(passwd)
        #print loginCheck
        #Hard coding allowed users
        #allowedUsers = ['rrajendra','anjalisilva','cwei','ema','sratnasi','johanssj','cbertrand','dchan','drea','melbastami','mmilton','stoneham','rmanjunath','sratnasingham1','c.wei1','asauk','boldhoc','telliott2','ezakharov','sprosser','tbraukmann']
        #if login not in allowedUsers:
        #    loginCheck = False

        if user and loginCheck != False:
            userObj = user.get_userObj()
            user.check_userLevel()

            if user.get_userLevel(
            ) is None and userObj["userId"] not in getValidLogins(
            ):  # ensure only reviewers & admins can login
                templateVars = {
                    "user": user,
                    "title": "No Access",
                    "message":
                    "Sorry, access is now restricted to reviewers and conference coordinators",
                    "showButton": "loginPoster"
                }
                return conference_abstract.util.generate_template(
                    'abstractThankYouMessage.mako', templateVars)
            else:

                # Create session and set cookies
                headers = pyramid.security.remember(
                    request, login + "|" + str(loginCheck))
                session = request.session
                session['fullname'] = userObj["fullname"]
                session['userId'] = userObj["userId"]
                return HTTPFound(location="/dashboard", headers=headers)
        did_fail = True

    # Handling error response

    user = None
    templateVars['failed_attempt'] = did_fail
    templateVars['login'] = login

    #token = login.split("|")[1] if login is not None else ""
    return conference_abstract.util.generate_template('login.mako',
                                                      templateVars)