def do_post(**kwargs):
    """
    Check if user is logged

    Resolve the user behind kwargs['auth_token'], dump its data and hand it
    back together with the token.

    :param kwargs: must hold 'auth_token' and 'r_ip' (the latter is passed
        to the action log hook)
    :return: base_common.msg.post_ok with the user dict, or
        base_common.msg.error(msgs.ERROR_POST_CHECK) when the optional
        apphooks.extend_user_check hook returns False
    """

    db_conn = get_db()
    token = kwargs['auth_token']

    from base_common.dbatokens import get_user_by_token

    # NOTE(review): the result is used without a "user found" check;
    # presumably the token is validated before this handler runs -- confirm.
    user = get_user_by_token(db_conn, token)

    payload = user.dump_user()
    payload['token'] = token

    # Applications may plug in an extra check that can veto the request
    # (False) or contribute additional fields (dict).
    if hasattr(apphooks, 'extend_user_check'):
        extra = apphooks.extend_user_check(user)

        if extra == False:
            log.critical('Error user check extending')
            return base_common.msg.error(msgs.ERROR_POST_CHECK)

        if isinstance(extra, dict):
            payload.update(extra)

    user_id = user.id_user
    client_ip = kwargs['r_ip']
    note = 'user {} successfuly checked status'.format(user.username)
    apphooks.action_log_hook(user_id, client_ip, 'check', note)

    return base_common.msg.post_ok(payload)
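def do_post(**kwargs):
    """
    Logout user

    Close the session that belongs to the request's auth token, commit the
    change and record the logout in the action log.

    :param kwargs: must hold 'request_handler' (an object exposing
        auth_token) and 'r_ip' (passed to the action log hook)
    :return: base_common.msg.post_ok() on success, or
        base_common.msg.error(msgs.CLOSE_USER_SESSION) when the session
        could not be closed
    """

    _db = get_db()
    dbc = _db.cursor()
    request = kwargs['request_handler']

    tk = request.auth_token

    # NOTE(review): the result is used below without a "user found" check;
    # presumably the token is validated before this handler runs -- confirm.
    dbuser = get_user_by_token(_db, tk)

    if not close_session_by_token(dbc, tk):
        # The session was NOT closed, so the token may still be a valid
        # bearer credential. Identify the session by its user id instead of
        # writing the token itself into the log.
        log.warning("Closing session failed for user id {}".format(
            getattr(dbuser, 'id_user', None)))
        return base_common.msg.error(msgs.CLOSE_USER_SESSION)

    _db.commit()

    apphooks.action_log_hook(
        dbuser.id_user, kwargs['r_ip'], 'logout',
        'user {} successfuly logged out'.format(dbuser.username))

    return base_common.msg.post_ok()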
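def do_post(username, password, **kwargs):
    """
    User login

    Look the user up with the query built by apphooks.prepare_login_query,
    verify the supplied password through check_password and, on success,
    assign a session token.

    :param username: login name supplied by the client; lower-cased before
        the lookup
    :param password: plaintext password supplied by the client; it is never
        written to the log or the action log
    :param kwargs: must hold 'r_ip', which is passed to the action log hook
    :return: base_common.msg.post_ok with a dict holding 'token' (plus any
        fields returned by the optional post_login_digest hook), or
        base_common.msg.error on failure
    """

    _db = get_db()
    dbc = _db.cursor()

    log.info('User {} trying to login'.format(username))

    username = username.lower()

    # NOTE(review): the query text comes back ready-made from the hook with
    # the client-supplied username in it; confirm that prepare_login_query
    # escapes or parameterizes the value.
    q = apphooks.prepare_login_query(username)

    ip = kwargs['r_ip']

    dbc.execute(q)

    if dbc.rowcount != 1:
        msg = '{} user not found: {}'.format(username, dbc.rowcount)
        log.critical(msg)
        apphooks.action_log_hook(None, ip, 'login', msg)
        return base_common.msg.error(msgs.USER_NOT_FOUND)

    us = dbc.fetchone()
    u_id = us['id']
    u_pwd = us['password']

    # The password is verified only against the stored credential. A shared
    # override password read from a file under /tmp must not be accepted
    # here: /tmp is writable by every local account, so whoever creates that
    # file could log in as any user.
    if not check_password(u_pwd, username, password):
        # Never put the submitted password into log records: it is often the
        # real password with a typo, or a valid password for another account.
        msg = 'Username {} wrong password'.format(username)
        log.critical(msg)
        apphooks.action_log_hook(None, ip, 'login', msg)
        # Same error as for an unknown user, so the response does not reveal
        # which usernames exist.
        return base_common.msg.error(msgs.USER_NOT_FOUND)

    # Optional application hook that can veto the login for this user row.
    if hasattr(apphooks, 'login_expansion') and not apphooks.login_expansion(us):
        return base_common.msg.error(msgs.ERROR_LOGIN_USER)

    # ASSIGN TOKEN
    tk = get_token(u_id, dbc)
    if not tk:
        return base_common.msg.error(msgs.ERROR_LOGIN_USER)

    _db.commit()

    res = {'token': tk}

    if hasattr(apphooks, 'post_login_digest'):
        # NOTE(review): the hook is handed the plaintext password; confirm
        # that implementations neither store nor log it.
        post_d = apphooks.post_login_digest(_db, u_id, username, password, tk)
        if post_d == False:
            log.critical('Error user post login digest')
            return base_common.msg.error(msgs.ERROR_POST_LOGIN)

        if isinstance(post_d, dict):
            res.update(post_d)

    apphooks.action_log_hook(
        u_id, ip, 'login', 'user {} successfuly logged in'.format(username))
    log.info('User {} successfully logged in'.format(username))

    return base_common.msg.post_ok(res)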