def validate(self, username: str, password: str, dbname: str = None) -> Tuple[bool, str]: """ Given a username and password, as well as an optional dbname, validate them. - Ensure the fields all have value (if dbname is not None check that too) - Ensure the username / password combo is correct :param username: The username to be validated :param password: The password to be validated :param dbname: The dbname to be validated (optional) """ # Check that all passed fields have value (ignore dbname if it is None) if dbname is None: fields = [username, password] else: fields = [username, password, dbname] if not all(fields): return False, "Please specify all fields." # Check that the username / password combination is correct login_user = login_tools.LoginUser(username, password) if not login_tools.is_correct_password(login_user): return False, f"Wrong username or password for user {username}." if dbname is not None and len(flask.session["username"] + "_" + dbname) > 64: return False, "Database name too long" # We good return True, ""
def dispatch_request(self) -> str: try: user = flask.request.form["username"].lower() # Validate the login request login_user = login_tools.LoginUser(user, flask.request.form["password"]) if not login_tools.is_correct_password(login_user): return flask.render_template( "index.html", page="login", error_message="Username or password was incorrect", ) # Initialise the user's directory if running on leela if not config.FLASK_CONFIG["debug"]: register_tools.initialise_directories( user, flask.request.form["password"]) # Set the session info to reflect that the user is logged in and redirect back to / flask.session[config.LOGGED_IN_KEY] = True flask.session["username"] = user flask.session["admin"] = login_user.is_admin() self.logger.info(f"{flask.session['username']} logged in") except login_tools.UserNotInLDAPException: return flask.render_template( "index.html", page="login", error_message="Username or password was incorrect") return flask.redirect("/")
def dispatch_request(self) -> str: user = flask.request.form["username"].lower() # Validate the login request login_user = login_tools.LoginUser(user, flask.request.form["password"]) if not login_tools.is_correct_password(login_user): return flask.redirect("/?e=i") # Initialise the user's directory if running on leela if not config.FLASK_CONFIG["debug"]: register_tools.initialise_directories( user, flask.request.form["password"]) # Set the session info to reflect that the user is logged in and redirect back to / flask.session[config.LOGGED_IN_KEY] = True flask.session["username"] = user flask.session["admin"] = login_user.is_admin() self.logger.info("user logged in successfuly") if flask.request.args.get("r"): return flask.redirect(flask.request.args.get("r")) return flask.redirect("/tools")
def validate(self, username: str, password: str) -> Tuple[bool, str]: """ Given a username and password validate them. - Ensure the fields all have value - Ensure the username / password combo is correct :param username: The username to be validated :param password: The password to be validated """ # Check that all passed fields have value fields = [username, password] if not all(fields): return False, "Please specify all fields." # Check if correct username supplied if not login_tools.is_user_logged_in(username): return False, "Please enter your own username" # Check that the username / password combination is correct login_user = login_tools.LoginUser(username, password) if not login_tools.is_correct_password(login_user): return False, f"Wrong username or password for user {username}." # We good return True, ""