Beispiel #1
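def dashboard_group_login(request, username, password, sign, **kwargs):
    """Log a dashboard user in from a signed link and redirect.

    Raises ``PermissionDenied`` when ``sign`` differs from
    ``md5(username + password)``, when the ``custom``/``dashboard_login``
    setting is not ``"yes"``, or when no host can be read from the
    ``Referer`` header.  Otherwise the credentials go to
    ``BackendRequest.login``; success fills the session and redirects to
    ``/dashboard/``, failure redirects to ``/auth/login/``.  Both outcomes
    are written to the ``yottaweb.audit`` logger.

    NOTE(review): ``sign`` is an unkeyed MD5 over values the caller supplies
    itself, so it proves nothing beyond knowledge of ``username`` and
    ``password`` and can be replayed indefinitely.  A keyed MAC with a
    server-side secret and a timestamp (the commented-out ``cur_time`` below
    hints at one) would be needed to make the link unforgeable.  If these
    parameters are captured from the URL (the signature suggests so, to be
    confirmed), they also end up in access logs and browser history.
    """
    # cur_time = str(time.time()).split(".")[0]
    if hashlib.md5(username + password).hexdigest() != sign:
        raise PermissionDenied

    # Read the feature switch once; an unset or empty value counts as "no".
    auto_login_permit = MyVariable().get_var("custom",
                                             "dashboard_login") or "no"
    if auto_login_permit != "yes":
        raise PermissionDenied

    # The tenant domain is taken from the client-supplied Referer header.
    # A missing header used to crash inside urlparse()/split(); refuse the
    # request instead of failing with a server error or an empty tenant.
    # NOTE(review): Referer is attacker-controllable; deriving the tenant
    # from the request host would be more robust - confirm with callers.
    referer = request.META.get('HTTP_REFERER')
    host = urlparse(referer).netloc if referer else ""
    if not host:
        raise PermissionDenied
    domain = host.split('.')[0]

    logger = logging.getLogger("yottaweb.audit")
    param = {"domain": domain, "name": username, "passwd": password}

    # user info for yottaD
    req = BackendRequest.login(param)
    es_check = req['result']
    if es_check:
        token = req.get('token', "")
        # Issue a fresh session id before storing authenticated state so a
        # session id known before login does not become a logged-in one.
        request.session.cycle_key()
        request.session['user_name'] = username
        # NOTE(review): the password value is persisted in the session store;
        # confirm something actually reads 'user_pwd' and drop it if not.
        request.session['user_pwd'] = password
        request.session['user_tkn'] = token
        request.session['user_id'] = req.get('owner_id', "")
        to_log = {
            "timestamp": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
            "action": "login",
            "user_name": username,
            "user_id": req.get('owner_id', ""),
            "domain": domain,
            "result": "success"
        }
        cookie_string = hashlib.md5(username + ',' + domain + ',' +
                                    token).hexdigest()
        request.session['user_yottac'] = cookie_string
        # 259200 seconds = 3 days.
        request.session.set_expiry(259200)
        logger.info(json.dumps(to_log))
        return HttpResponseRedirect('/dashboard/')

    # 0: server error, 1: password or user wrong
    to_log = {
        "timestamp": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
        "action": "login",
        "user_name": username,
        "user_id": req.get('owner_id', ""),
        "domain": domain,
        "result": "error",
        # A backend reply without 'error' must not prevent the audit record.
        "msg": req.get('error', "")
    }
    logger.info(json.dumps(to_log))
    return HttpResponseRedirect('/auth/login/')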
Beispiel #2
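    def auth_login(self, request, **kwargs):
        """Handle the POST login form and return the API response.

        Reads ``username`` and ``password`` from ``request.POST``, hashes the
        password with MD5 and sends both, together with the first label of
        the ``Referer`` host as ``domain``, to ``BackendRequest.login``.  On
        success the session is filled and the response carries the landing
        page in ``location``; on failure it carries the data built by
        ``err_data.build_error``.  Every attempt is written to the
        ``yottaweb.audit`` logger.
        """
        self.method_check(request, allowed=['post'])

        username = request.POST['username']
        # NOTE(review): the backend credential is an unsalted MD5 of the
        # password, which is cheap to brute-force if it leaks; changing the
        # scheme needs a backend change, so it is only flagged here.
        password = hashlib.md5(request.POST['password']).hexdigest()

        # The tenant domain comes from the client-supplied Referer header.
        # Treat a missing header as an empty host rather than crashing in
        # urlparse()/split(); the backend then rejects the unknown domain.
        # NOTE(review): Referer is attacker-controllable - confirm that the
        # backend never maps an empty or foreign domain to a real tenant.
        referer = request.META.get('HTTP_REFERER')
        host = urlparse(referer).netloc if referer else ""
        domain = host.split('.')[0]
        audit_logger = logging.getLogger("yottaweb.audit")
        param = {"domain": domain, "name": username, "passwd": password}

        # user info for yottaD
        req = BackendRequest.login(param)
        es_check = req['result']
        token = ""
        if es_check:
            token = req.get('token', "")
            # Issue a fresh session id before storing authenticated state so
            # a session id known before login does not become a logged-in one.
            request.session.cycle_key()
            request.session['user_name'] = username
            # NOTE(review): the password hash is persisted in the session
            # store; confirm something reads 'user_pwd' and drop it if not.
            request.session['user_pwd'] = password
            request.session['user_tkn'] = token
            request.session['user_id'] = req.get('owner_id', "")

            link = ""
            res = BackendRequest.list_urls({
                "token": token,
                "operator": username
            })
            if res['result']:
                # Land on the first page, in priority order, that the backend
                # lists for this user.
                for u in ("dashboard/", "search/", "alerts/", "schedule/",
                          "app/"):
                    if u in res['urls']:
                        link = u
                        break
            if link == "":
                # No listed page: fall back to the user's own account page.
                init_page = "account/users/" + str(req.get('owner_id')) + "/"
            else:
                init_page = link
            dummy_data = {
                'status': '1',
                'location': '/' + init_page,
                'ri': req.get('report_info', {})
            }
            to_log = {
                "timestamp": time.strftime("%Y-%m-%d %H:%M:%S",
                                           time.localtime()),
                "action": "login",
                "module": "login",
                "user_name": username,
                "user_id": req.get('owner_id', ""),
                "domain": domain,
                "result": "success"
            }
        else:
            # 0: server error, 1: password or user wrong
            to_log = {
                "timestamp": time.strftime("%Y-%m-%d %H:%M:%S",
                                           time.localtime()),
                "action": "login",
                "module": "login",
                "user_name": username,
                "user_id": req.get('owner_id', ""),
                "domain": domain,
                "result": "error",
                "msg": req['error']
            }
            dummy_data = err_data.build_error(req)
            # A stray trailing comma used to turn this value into a 1-tuple,
            # so "ri" had a different shape here than on the success path.
            dummy_data["ri"] = req.get('report_info', {})

        res_data = self.build_bundle(obj=dummy_data,
                                     data=dummy_data,
                                     request=request)

        audit_logger.info(json.dumps(to_log))

        resp = self.create_response(request, res_data)
        if es_check:
            cookie_string = hashlib.md5(username + ',' + domain + ',' +
                                        token).hexdigest()
            request.session['user_yottac'] = cookie_string
            # 259200 seconds = 3 days.
            request.session.set_expiry(259200)

        # resp.set_cookie('yottac', value=cookie_string, max_age=None, expires=None, path='/', domain='.rizhiyi.com',
        #                     secure=None, httponly=True)
        return resp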
Beispiel #3
def login_with_password(domain, username, password, init_page):
    """Authenticate against the backend and describe the outcome.

    The password is MD5-hashed and sent with ``domain`` and ``username`` to
    ``BackendRequest.login``.  Nothing is written to a session or a log
    here; the caller receives three values to act on.

    Returns:
        A ``(dummy_data, session_data, to_log)`` tuple: the response payload
        (``status`` ``'1'`` with ``location`` on success, ``'0'`` with
        ``err_code`` and ``msg`` on failure), the session values to store
        (empty on failure), and the audit record.

    NOTE(review): the credential is an unsalted MD5 of the password and the
    same hash is returned as ``session_data['user_pwd']``; confirm the caller
    really needs to persist it.
    """
    password = hashlib.md5(password).hexdigest()

    # user info for yottaD
    req = BackendRequest.login({
        "domain": domain,
        "name": username,
        "passwd": password
    })
    session_data = {}

    if req['result']:
        token = req.get('token', "")
        dummy_data = {
            'status': '1',
            'location': '/' + init_page,
            'ri': req.get('report_info', {})
        }
        now = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
        to_log = {
            "timestamp": now,
            "action": "login",
            "user_name": username,
            "user_id": req.get('owner_id', ""),
            "domain": domain,
            "result": "success"
        }
        digest_input = ','.join([username, domain, token])
        session_data.update({
            'user_yottac': hashlib.md5(digest_input).hexdigest(),
            'user_name': username,
            'user_pwd': password,
            'user_tkn': token,
            'user_id': req.get('owner_id', ""),
        })
        return dummy_data, session_data, to_log

    # 0: server error, 1: password or user wrong
    error = req['error']
    now = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
    to_log = {
        "timestamp": now,
        "action": "login",
        "user_name": username,
        "user_id": req.get('owner_id', ""),
        "domain": domain,
        "result": "error",
        "msg": error
    }

    # Later checks in the original sequence override earlier ones, so test
    # them from highest to lowest precedence.
    # NOTE(review): 'msg' is generic, but err_code still tells the client
    # whether the user, the password or the domain was wrong, which allows
    # account enumeration; confirm the client needs that distinction.
    if re.search('non existed domain', error, re.IGNORECASE):
        err_code = "4"
    elif re.search('not activate', error, re.IGNORECASE):
        err_code = "3"
    elif error == 'passwd is invalid':
        err_code = "2"
    elif error == "non existed user":
        err_code = "1"
    else:
        err_code = "0"

    dummy_data = {
        'status': '0',
        'err_code': err_code,
        'ri': req.get('report_info', {}),
        'msg': 'username or password is not right',
    }
    return dummy_data, session_data, to_log