def login(context, request):
login_url = request.resource_url(request.context, 'login')
referrer = request.url
if referrer == login_url:
referrer = '/' # never use the login form itself as came_from
came_from = request.params.get('came_from', referrer)
message = ''
login = ''
password = ''
who_api = get_whoapi(request.environ)
if 'form.submitted' in request.params:
creds = {
'login':request.params['login'],
'password': request.params['password'],
'max_age': request.registry.settings['pysiphae'].get('cookie_max_age', 3600)
}
authenticated, headers = who_api.login(creds)
if authenticated:
return HTTPFound(location='/', headers=headers)
request.flash_message('error', 'Invalid username or password')
_, headers = who_api.login({})
request.response_headerlist = headers
if 'REMOTE_USER' in request.environ:
del request.environ['REMOTE_USER']
return dict(
url = request.application_url + '/login',
came_from = came_from,
login = login,
password = password,
)
def changepass(context, request):
if 'form.cancelled' in request.params:
return HTTPFound(location='/')
if 'form.submitted' in request.params:
old = request.params.get('old-password', '')
new = request.params.get('new-password', '')
confirm = request.params.get('confirm-password','x')
who_api = get_whoapi(request.environ)
user = request.getAuthenticatedUser()
authenticated, headers = who_api.login({'login': user['userid'], 'password':
old})
if not authenticated:
request.flash_message('error', 'Invalid password')
return {}
if new != confirm:
request.flash_message('error', 'Passwords does not match')
return {}
resp = requests.post(
'https://ipa01.drsa.mampu.gov.my/ipa/session/change_password',
verify=False,
data={'user': user['userid'], 'old_password': old, 'new_password':
new})
if not 'Password change successful' in resp.text:
request.flash_message('error', resp.text)
return {}
request.flash_message('success', 'Password Changed')
return HTTPFound(location='/')
return {}
def changepass(context, request):
if 'form.cancelled' in request.params:
return HTTPFound(location='/')
if 'form.submitted' in request.params:
old = request.params.get('old-password', '')
new = request.params.get('new-password', '')
confirm = request.params.get('confirm-password', 'x')
who_api = get_whoapi(request.environ)
user = request.getAuthenticatedUser()
authenticated, headers = who_api.login({
'login': user['userid'],
'password': old
})
if not authenticated:
request.flash_message('error', 'Invalid password')
return {}
if new != confirm:
request.flash_message('error', 'Passwords does not match')
return {}
resp = requests.post(
'https://ipa01.drsa.mampu.gov.my/ipa/session/change_password',
verify=False,
data={
'user': user['userid'],
'old_password': old,
'new_password': new
})
if not 'Password change successful' in resp.text:
request.flash_message('error', resp.text)
return {}
request.flash_message('success', 'Password Changed')
return HTTPFound(location='/')
return {}
def login(context, request):
login_url = request.resource_url(request.context, 'login')
referrer = request.url
if referrer == login_url:
referrer = '/' # never use the login form itself as came_from
came_from = request.params.get('came_from', referrer)
message = ''
login = ''
password = ''
who_api = get_whoapi(request.environ)
if 'form.submitted' in request.params:
creds = {
'login':
request.params['login'],
'password':
request.params['password'],
'max_age':
request.registry.settings['pysiphae'].get('cookie_max_age', 3600)
}
authenticated, headers = who_api.login(creds)
if authenticated:
return HTTPFound(location='/', headers=headers)
request.flash_message('error', 'Invalid username or password')
_, headers = who_api.login({})
request.response_headerlist = headers
if 'REMOTE_USER' in request.environ:
del request.environ['REMOTE_USER']
return dict(
url=request.application_url + '/login',
came_from=came_from,
login=login,
password=password,
)
def logout(context, request):
who_api = get_whoapi(request.environ)
headers = who_api.logout()
url = request.resource_url(request.context)
return HTTPFound(location=url, headers=headers)
def logout(context, request):
who_api = get_whoapi(request.environ)
headers = who_api.logout()
url = request.resource_url(request.context)
return HTTPFound(location=url,headers=headers)