def indivo_api_call_get(request):
"""
take the call, forward it to the Indivo server with oAuth signature using
the session-stored oAuth tokens
"""
if DEBUG:
utils.log('indivo_api_call_get: ' + request.path)
if not tokens_p(request):
utils.log(
'indivo_api_call_get: No oauth_token or oauth_token_secret... sending to login'
)
return HttpResponseRedirect('/login')
# update the IndivoClient object with the tokens stored in the django
# session
api = get_api(request)
# strip the leading /indivoapi, do API call, and return result
if request.method == "POST":
data = dict((k, v) for k, v in request.POST.iteritems())
elif request.method == "GET":
data = dict((k, v) for k, v in request.GET.iteritems())
else:
data = {}
return HttpResponse(api.call(request.method,
request.path[10:],
options={'data': data}),
mimetype="application/xml")
def indivo_api_call_delete_record_app(request):
"""
sort of like above but for app delete
"""
if request.method != HTTP_METHOD_POST:
return HttpResponseRedirect('/')
if DEBUG:
utils.log('indivo_api_call_delete_record_app: ' + request.path + ' ' +
request.POST['app_id'] + ' ' + request.POST['record_id'])
if not tokens_p(request):
utils.log(
'indivo_api_call_delete_record_app: No oauth_token or oauth_token_secret.. sending to login'
)
return HttpResponseRedirect('/login')
# update the IndivoClient object with the tokens stored in the django
# session
api = get_api(request)
# get the app id from the post, and return to main
status = api.delete_record_app(
record_id=request.POST['record_id'],
app_id=request.POST['app_id']).response['response_status']
return HttpResponse(str(status))
def indivo_api_call_delete_record_app(request):
"""
sort of like above but for app delete
"""
if request.method != HTTP_METHOD_POST:
return HttpResponseRedirect('/')
if DEBUG:
utils.log('indivo_api_call_delete_record_app: ' + request.path + ' ' +
request.POST['app_id'] + ' ' + request.POST['record_id'])
if not tokens_p(request):
utils.log('indivo_api_call_delete_record_app: No oauth_token or oauth_token_secret.. sending to login')
return HttpResponseRedirect('/login')
# update the IndivoClient object with the tokens stored in the django
# session
api = get_api(request)
# get the app id from the post, and return to main
status = api.delete_record_app(
record_id=request.POST['record_id'],
app_id=request.POST['app_id']
).response['response_status']
return HttpResponse(str(status))
def indivo_api_call_get(request):
"""
take the call, forward it to the Indivo server with oAuth signature using
the session-stored oAuth tokens
"""
if DEBUG:
utils.log('indivo_api_call_get: ' + request.path)
if not tokens_p(request):
utils.log('indivo_api_call_get: No oauth_token or oauth_token_secret... sending to login')
return HttpResponseRedirect('/login')
# update the IndivoClient object with the tokens stored in the django
# session
api = get_api(request)
# strip the leading /indivoapi, do API call, and return result
if request.method == "POST":
data = dict((k, v) for k, v in request.POST.iteritems())
elif request.method == "GET":
data = dict((k, v) for k, v in request.GET.iteritems())
else:
data = {}
return HttpResponse(
api.call(request.method, request.path[10:], options={'data': data}),
mimetype="application/xml")
def tokens_get_from_server(request, username, password):
# aks - hack! re-init IndivoClient here
api = get_api()
tmp = api.create_session({'username': username, 'user_pass': password})
if not tmp and DEBUG:
utils.log('error: likely a bad username/password, or incorrect tokens from UI server to backend server.')
return False
request.session['username'] = username
request.session['oauth_token_set'] = tmp
request.session['account_id'] = urllib.unquote(tmp['account_id'])
if DEBUG:
utils.log('oauth_token: %(oauth_token)s outh_token_secret: %(oauth_token_secret)s' % request.session['oauth_token_set'])
return True
def login(request, info="", template=LOGIN_PAGE):
"""
clear tokens in session, show a login form, get tokens from indivo_server, then redirect to index
FIXME: make note that account will be disabled after 3 failed logins!!!
"""
# generate a new session
request.session.flush()
# set up the template
errors = {'missing': 'Either the username or password is missing. Please try again',
'incorrect' : 'Incorrect username or password. Please try again.',
'disabled' : 'This account has been disabled/locked.'}
FORM_USERNAME = '******'
FORM_PASSWORD = '******'
FORM_RETURN_URL = 'return_url'
# process form vars
if request.method == HTTP_METHOD_GET:
return_url = request.GET.get(FORM_RETURN_URL, '/')
if (return_url.strip()==""): return_url='/'
template_data = {FORM_RETURN_URL: return_url}
return utils.render_template(template,
template_data
)
if request.method == HTTP_METHOD_POST:
return_url = request.POST.get(FORM_RETURN_URL, '/')
if (return_url.strip()==""): return_url='/'
if request.POST.has_key(FORM_USERNAME) and request.POST.has_key(FORM_PASSWORD):
username = request.POST[FORM_USERNAME]
password = request.POST[FORM_PASSWORD]
else:
# Also checked initially in js
return utils.render_template(template, {'error': errors['missing'], FORM_RETURN_URL: return_url})
else:
utils.log('error: bad http request method in login. redirecting to /')
return HttpResponseRedirect('/')
# get tokens from the backend server and save in this user's django session
ret = tokens_get_from_server(request, username, password)
if not ret:
return utils.render_template(LOGIN_PAGE, {'error': errors['incorrect'], FORM_RETURN_URL: return_url})
return HttpResponseRedirect(return_url)
def tokens_get_from_server(request, username, password):
# aks - hack! re-init IndivoClient here
api = get_api()
tmp = api.create_session({'username': username, 'user_pass': password})
if not tmp and DEBUG:
utils.log(
'error: likely a bad username/password, or incorrect tokens from UI server to backend server.'
)
return False
request.session['username'] = username
request.session['oauth_token_set'] = tmp
request.session['account_id'] = urllib.unquote(tmp['account_id'])
if DEBUG:
utils.log(
'oauth_token: %(oauth_token)s outh_token_secret: %(oauth_token_secret)s'
% request.session['oauth_token_set'])
return True
def login(request, status=None, info="", template=LOGIN_PAGE):
"""
clear tokens in session, show a login form, get tokens from indivo_server,
then redirect to return_url or index
FIXME: make note that account will be disabled after 3 failed logins!!!
"""
# carry over login_return_url should we still have it
return_url = request.session.get('login_return_url')
request.session.flush()
# generate a new session and get return_url
if 'return_url' in request.POST:
return_url = request.POST['return_url']
elif 'return_url' in request.GET:
return_url = request.GET['return_url']
# save return_url and set up the template
params = {'SETTINGS': settings}
if return_url:
request.session['login_return_url'] = return_url
params['RETURN_URL'] = return_url
else:
return_url = '/'
if 'did_logout' == status:
params['MESSAGE'] = "You were logged out"
errors = {
'missing':
"Either the username or password is missing. Please try again.",
'incorrect': "Incorrect username or password. Please try again.",
'disabled': "This account has been disabled/locked."
}
username = None
# GET, simply return the login form
if request.method == HTTP_METHOD_GET:
return utils.render_template(template, params)
# credentials were posted, try to login
if request.method == HTTP_METHOD_POST:
if 'username' in request.POST and 'password' in request.POST:
username = request.POST['username']
password = request.POST['password']
else:
# Also checked initially in js
params['ERROR'] = errors['missing']
return utils.render_template(template, params)
else:
utils.log('error: bad http request method in login. redirecting to /')
return HttpResponseRedirect('/')
# get tokens from the backend server and save in this user's django session
ret, reason = tokens_get_from_server(request, username, password)
if not ret:
params['ERROR'] = errors[reason] if reason in errors else reason
params['ACCOUNT'] = username
return utils.render_template(LOGIN_PAGE, params)
return HttpResponseRedirect(return_url)
tmp = None
api = get_api()
try:
tmp = api.create_session({'username': username, 'user_pass': password})
except Exception, e:
if 'Socket Error' == e.message:
reason = "The server is currently not available. Please try again in a few minutes"
else:
reason = e.message
if tmp:
success = True
reason = ''
elif DEBUG:
utils.log(
'error: likely a bad username/password, or incorrect tokens from UI server to backend server.'
)
request.session['username'] = username
request.session['oauth_token_set'] = tmp
request.session['account_id'] = urllib.unquote(
tmp.get('account_id', '') if tmp else '')
if tmp and DEBUG:
utils.log(
'oauth_token: %(oauth_token)s outh_token_secret: %(oauth_token_secret)s'
% request.session['oauth_token_set'])
return (success, reason)
def login(request, status=None, info="", template=LOGIN_PAGE):
"""
clear tokens in session, show a login form, get tokens from indivo_server,
then redirect to return_url or index
FIXME: make note that account will be disabled after 3 failed logins!!!
"""
# carry over login_return_url should we still have it
return_url = request.session.get('login_return_url')
request.session.flush()
# generate a new session and get return_url
if 'return_url' in request.POST:
return_url = request.POST['return_url']
elif 'return_url' in request.GET:
return_url = request.GET['return_url']
# save return_url and set up the template
params = {'SETTINGS': settings}
if return_url:
request.session['login_return_url'] = return_url
params['RETURN_URL'] = return_url
else:
return_url = '/'
if 'did_logout' == status:
params['MESSAGE'] = "You were logged out"
errors = {
'missing': "Either the username or password is missing. Please try again.",
'incorrect': "Incorrect username or password. Please try again.",
'disabled': "This account has been disabled/locked."
}
username = None
# GET, simply return the login form
if request.method == HTTP_METHOD_GET:
return utils.render_template(template, params)
# credentials were posted, try to login
if request.method == HTTP_METHOD_POST:
if 'username' in request.POST and 'password' in request.POST:
username = request.POST['username']
password = request.POST['password']
else:
# Also checked initially in js
params['ERROR'] = errors['missing']
return utils.render_template(template, params)
else:
utils.log('error: bad http request method in login. redirecting to /')
return HttpResponseRedirect('/')
# get tokens from the backend server and save in this user's django session
ret, reason = tokens_get_from_server(request, username, password)
if not ret:
params['ERROR'] = errors[reason] if reason in errors else reason
params['ACCOUNT'] = username
return utils.render_template(LOGIN_PAGE, params)
return HttpResponseRedirect(return_url)
# create a session. This method throws an Exception when the server is down
tmp = None
api = get_api()
try:
tmp = api.create_session({'username': username, 'user_pass': password})
except Exception, e:
if 'Socket Error' == e.message:
reason = "The server is currently not available. Please try again in a few minutes"
else:
reason = e.message
if tmp:
success = True
reason = ''
elif DEBUG:
utils.log('error: likely a bad username/password, or incorrect tokens from UI server to backend server.')
request.session['username'] = username
request.session['oauth_token_set'] = tmp
request.session['account_id'] = urllib.unquote(
tmp.get('account_id', '') if tmp else '')
if tmp and DEBUG:
utils.log('oauth_token: %(oauth_token)s outh_token_secret: %(oauth_token_secret)s' % request.session['oauth_token_set'])
return (success, reason)
def proxy_index(request):
api = get_api()