Beispiel #1
0
	def asyncPost(self):
		try:
			# Required arguments check
			if not requestsManager.checkArguments(self.request.arguments, ("u", "p", "a")):
				raise exceptions.invalidArgumentsException(MODULE_NAME)

			# Get arguments
			username = self.get_argument("u")
			password = self.get_argument("p")
			action = self.get_argument("a").strip().lower()

			# IP for session check
			ip = self.getRequestIP()

			# Login and ban check
			userID = userUtils.getID(username)
			if userID == 0:
				raise exceptions.loginFailedException(MODULE_NAME, userID)
			if not userUtils.checkLogin(userID, password, ip):
				raise exceptions.loginFailedException(MODULE_NAME, username)
			if userUtils.check2FA(userID, ip):
				raise exceptions.need2FAException(MODULE_NAME, userID, ip)
			if userUtils.isBanned(userID):
				raise exceptions.userBannedException(MODULE_NAME, username)

			# Action (depends on 'action' parameter, not on HTTP method)
			if action == "get":
				self.write(self._getComments())
			elif action == "post":
				self._addComment()
		except (exceptions.loginFailedException, exceptions.need2FAException, exceptions.userBannedException):
			self.write("error: no")
Beispiel #2
0
    def asyncGet(self):
        try:
            # Get request ip
            ip = self.getRequestIP()

            # Argument check
            if not requestsManager.checkArguments(self.request.arguments,
                                                  ["u", "h"]):
                raise exceptions.invalidArgumentsException(self.MODULE_NAME)

            # Get user ID
            username = self.get_argument("u")
            userID = userUtils.getID(username)
            if userID is None:
                raise exceptions.loginFailedException(self.MODULE_NAME,
                                                      username)

            # Check login
            log.info("{} ({}) wants to connect".format(username, userID))
            if not userUtils.checkLogin(userID, self.get_argument("h"), ip):
                raise exceptions.loginFailedException(self.MODULE_NAME,
                                                      username)

            # Ban check
            if userUtils.isBanned(userID):
                raise exceptions.userBannedException(self.MODULE_NAME,
                                                     username)

            # Lock check
            if userUtils.isLocked(userID):
                raise exceptions.userLockedException(self.MODULE_NAME,
                                                     username)

            # 2FA check
            if userUtils.check2FA(userID, ip):
                raise exceptions.need2FAException(self.MODULE_NAME, username,
                                                  ip)

            # Update latest activity
            userUtils.updateLatestActivity(userID)

            # Get country and output it
            country = glob.db.fetch(
                "SELECT country FROM users_stats WHERE id = %s",
                [userID])["country"]
            self.write(country)
        except exceptions.invalidArgumentsException:
            pass
        except exceptions.loginFailedException:
            self.write("error: pass\n")
        except exceptions.userBannedException:
            pass
        except exceptions.userLockedException:
            pass
        except exceptions.need2FAException:
            self.write("error: verify\n")