Beispiel #1
0
                'navLinks':
                sshtml.buildNavLinks(),
                'accountLinks':
                sshtml.buildAccountLinks(False),
                'body':
                sshtml.buildBody(data=data, aside=ASIDE, mobile=MOBILE)
            }
            sshttp.send200(sshtml.buildContainerPage(replace))

        elif sshttp.is_post():
            parameters = dict()
            if redirect:
                parameters['redirect'] = redirect
            if 'email' not in args:
                parameters['noemail'] = 1
                sshttp.send302(sshttp.build_uri('/signin.py', parameters))
            elif 'password' not in args:
                parameters['nopassword'] = 1
                sshttp.send302(sshttp.build_uri('/signin.py', parameters))
            else:
                users = userstable.SSUsers(DATABASE)
                ssids = sessionstable.SSSessions(DATABASE)

                email = args.getvalue('email').lower()
                password = args.getvalue('password')

                if not users.validate_user(email, password):
                    parameters['invalid'] = 1
                    sshttp.send302(sshttp.build_uri('/signin.py', parameters))

                else:
Beispiel #2
0
							users[user[0]] = user
					import json, secretsanta
					from secretsanta import SSRule, SSRuleType, SSMatchType
					rules = list()
					if 'rules[]' in args:
						for rulejson in args.getlist('rules[]'):
							rule = json.loads(rulejson)
							if 'left' in rule and 'match' in rule and 'right' in rule:
								if rule['match'] == 0:
									rules.append(SSRule(SSRuleType.DIFFERS, SSMatchType.LITERAL, 'uid', rule['left'], rule['right']))
								if rule['match'] == 1:
									rules.append(SSRule(SSRuleType.MATCHES, SSMatchType.LITERAL, 'uid', rule['left'], rule['right']))
					assignment = secretsanta.assign_partners(users, rules)
					if assignment:
						groupsdb.set_partners(gid, assignment)
						sshttp.send302(sshttp.build_uri('/groups.py', {'gid' : gid}))
					else:
						parameters = dict()
						parameters['gid'] = gid
						parameters['failed'] = 1
						sshttp.send302(sshttp.build_uri('/ssctl.py', parameters))

			# Invalid http method
			else:
				sshttp.senderror(405);

		# Invalid request (no gid)
		else:
			sshttp.senderror(400)

	# Unauthorized
Beispiel #3
0
                sshtml.buildAccountLinks(False),
                'body':
                sshtml.buildBody(data=DATA.format(formatting),
                                 aside=ASIDE,
                                 mobile=MOBILE)
            }
            sshttp.send200(sshtml.buildContainerPage(replace))

        elif sshttp.is_post():
            EMAIL_MATCH = re.compile(
                r"(^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$)")

            parameters = dict()
            if 'email' not in args:
                parameters['noemail'] = 1
                sshttp.send302(sshttp.build_uri('/register.py', parameters))
            elif 'password' not in args:
                parameters['nopassword'] = 1
                sshttp.send302(sshttp.build_uri('/register.py', parameters))
            elif 'retype' not in args:
                parameters['noretype'] = 1
                sshttp.send302(sshttp.build_uri('/register.py', parameters))
            elif 'name' not in args:
                parameters['noname'] = 1
                sshttp.send302(sshttp.build_uri('/register.py', parameters))
            elif not EMAIL_MATCH.fullmatch(args.getvalue('email')):
                parameters['bademail'] = 1
                sshttp.send302(sshttp.build_uri('/register.py', parameters))
            elif args.getvalue('password') != args.getvalue('retype'):
                parameters['passwordmismatch'] = 1
                sshttp.send302(sshttp.build_uri('/register.py', parameters))
Beispiel #4
0
                    sshtml.buildDesktopNavLinks(),
                    'navLinks':
                    sshtml.buildNavLinks(),
                    'accountLinks':
                    sshtml.buildAccountLinks(True),
                    'body':
                    sshtml.buildBody(data=DATA.format(formatting),
                                     aside=ASIDE,
                                     mobile=MOBILE)
                }
                sshttp.send200(sshtml.buildContainerPage(replace))

            # Unauthorized
            else:
                sshttp.send302(
                    sshttp.build_redirect_uri('/getacc.py',
                                              '/groupctl.py?creategroup=1'))

        # No function provided
        else:
            sshttp.senderror(400)

    # POST method
    elif sshttp.is_post():
        if sessions.session_is_valid():
            NAME_MATCH = re.compile(
                r'^[a-zA-Z0-9 .,/<>?-_+"\'\[\]\\|!@#$%^&*()]+$')
            parameters = dict()

            # Create group
            if 'creategroup' in args:
Beispiel #5
0
# @email [email protected]
#

from env import *
import datetime
import sshttp

try:
    import sessions

    args = sshttp.get_parameters()
    redirect = sshttp.get_redirect()

    if sessions.session_is_valid():
        if redirect:
            sshttp.send302(redirect)
        else:
            sshttp.send302('/')
    elif sshttp.has_cookies():
        sshttp.send302(sshttp.build_redirect_uri('/signin.py', redirect),
                       headers={
                           'Set-Cookie':
                           'ssid=expired; Secure; Expires="{}"'.format(
                               datetime.datetime.utcfromtimestamp(0))
                       })
    else:
        sshttp.send302(sshttp.build_redirect_uri('/signin.py', redirect))
except:
    sshttp.senderror(500)
    import sys, traceback
    traceback.print_exc(file=sys.stderr)
Beispiel #6
0
#

from env import *
import datetime
import sessions, sshttp

try:
    sessions.delete_session()

    args = sshttp.get_parameters()
    redirect = sshttp.get_redirect()

    if redirect:
        sshttp.send302(redirect,
                       headers={
                           'Set-Cookie':
                           'ssid=expired; Secure; Expires="{}"'.format(
                               datetime.datetime.utcfromtimestamp(0))
                       })
    else:
        sshttp.send302('/',
                       headers={
                           'Set-Cookie':
                           'ssid=expired; Secure; Expires="{}"'.format(
                               datetime.datetime.utcfromtimestamp(0))
                       })

except:
    sshttp.senderror(500)
    import sys, traceback
    traceback.print_exc(file=sys.stderr)