Ejemplo n.º 1
0
    def process_login(self, username, password, **kwargs):
        rootURL, local = cherrypy.request.app.config['filelocker']['root_url'], False
        if kwargs.has_key("local") and kwargs['local'] == str(True):
            local = True
        username = strip_tags(username)

        if password is None or password == "":
            raise cherrypy.HTTPRedirect("%s/login?msg=3&local=%s" % (rootURL, str(local)))
        else:
            directory = AccountService.ExternalDirectory(local)
            if directory.authenticate(username, password):
                cherrypy.session['request-origin'] = str(os.urandom(32).encode('hex'))[0:32]
                currentUser = AccountService.get_user(username, True) #if they are authenticated and local, this MUST return a user object
                if currentUser is not None:
                    if not currentUser.authorized:
                        raise cherrypy.HTTPError(403, "You do not have permission to access this system")
                    session.add(AuditLog(cherrypy.session.get("user").id, "Login", "User %s logged in successfully from IP %s" % (currentUser.id, Filelocker.get_client_address())))
                    session.commit()
                    raise cherrypy.HTTPRedirect(rootURL)
                else: #This should only happen in the case of a user existing in the external directory, but having never logged in before
                    try:
                        newUser = directory.lookup_user(username)
                        AccountService.install_user(newUser)
                        currentUser = AccountService.get_user(username, True)
                        if currentUser is not None and currentUser.authorized != False:
                            raise cherrypy.HTTPRedirect(rootURL)
                        else:
                            raise cherrypy.HTTPError(403, "You do not have permission to access this system")
                    except Exception, e:
                        return "Unable to install user: %s" % str(e)
            else:
Ejemplo n.º 2
0
    def process_login(self, username, password, **kwargs):
        rootURL, local = cherrypy.request.app.config['filelocker'][
            'root_url'], False
        if kwargs.has_key("local") and kwargs['local'] == str(True):
            local = True
        username = strip_tags(username)

        if password is None or password == "":
            raise cherrypy.HTTPRedirect("%s/login?msg=3&local=%s" %
                                        (rootURL, str(local)))
        else:
            directory = AccountService.ExternalDirectory(local)
            if directory.authenticate(username, password):
                cherrypy.session['request-origin'] = str(
                    os.urandom(32).encode('hex'))[0:32]
                currentUser = AccountService.get_user(
                    username, True
                )  #if they are authenticated and local, this MUST return a user object
                if currentUser is not None:
                    if not currentUser.authorized:
                        raise cherrypy.HTTPError(
                            403,
                            "You do not have permission to access this system")
                    session.add(
                        AuditLog(
                            cherrypy.session.get("user").id, "Login",
                            "User %s logged in successfully from IP %s" %
                            (currentUser.id, Filelocker.get_client_address())))
                    session.commit()
                    raise cherrypy.HTTPRedirect(rootURL)
                else:  #This should only happen in the case of a user existing in the external directory, but having never logged in before
                    try:
                        newUser = directory.lookup_user(username)
                        AccountService.install_user(newUser)
                        currentUser = AccountService.get_user(username, True)
                        if currentUser is not None and currentUser.authorized != False:
                            raise cherrypy.HTTPRedirect(rootURL)
                        else:
                            raise cherrypy.HTTPError(
                                403,
                                "You do not have permission to access this system"
                            )
                    except Exception, e:
                        return "Unable to install user: %s" % str(e)
            else:
Ejemplo n.º 3
0
                if cherrypy.request.params.has_key("ticket"):
                    valid_ticket, userId = casConnector.validate_ticket(
                        rootURL, cherrypy.request.params['ticket'])
                    if valid_ticket:
                        currentUser = AccountService.get_user(userId, True)
                        cherrypy.session['request-origin'] = str(
                            os.urandom(32).encode('hex'))[0:32]
                        if currentUser is None:
                            currentUser = User(id=userId,
                                               display_name="Guest user",
                                               first_name="Unknown",
                                               last_name="Unknown")
                            cherrypy.log.error(
                                "[%s] [requires_login] [User authenticated, but not found in directory - installing with defaults]"
                                % str(userId))
                            AccountService.install_user(currentUser)
                            currentUser = AccountService.get_user(
                                currentUser.id, True)  #To populate attributes
                        if not currentUser.authorized:
                            raise cherrypy.HTTPError(
                                403,
                                "Your user account does not have access to this system."
                            )
                        session.add(
                            AuditLog(
                                currentUser.id, "Login",
                                "User %s logged in successfully from IP %s" %
                                (currentUser.id, get_client_address())))

                        session.commit()
                        if currentUser.date_tos_accept is None:
Ejemplo n.º 4
0
                casUrl = session.query(ConfigParameter).filter(ConfigParameter.name == "cas_url").one().value
                casConnector = CAS(casUrl)
                if cherrypy.request.params.has_key("ticket"):
                    valid_ticket, userId = casConnector.validate_ticket(rootURL, cherrypy.request.params["ticket"])
                    if valid_ticket:
                        currentUser = AccountService.get_user(userId, True)
                        cherrypy.session["request-origin"] = str(os.urandom(32).encode("hex"))[0:32]
                        if currentUser is None:
                            currentUser = User(
                                id=userId, display_name="Guest user", first_name="Unknown", last_name="Unknown"
                            )
                            cherrypy.log.error(
                                "[%s] [requires_login] [User authenticated, but not found in directory - installing with defaults]"
                                % str(userId)
                            )
                            AccountService.install_user(currentUser)
                            currentUser = AccountService.get_user(currentUser.id, True)  # To populate attributes
                        if not currentUser.authorized:
                            raise cherrypy.HTTPError(403, "Your user account does not have access to this system.")
                        session.add(
                            AuditLog(
                                currentUser.id,
                                "Login",
                                "User %s logged in successfully from IP %s" % (currentUser.id, get_client_address()),
                            )
                        )

                        session.commit()
                        if currentUser.date_tos_accept is None:
                            if format == None:
                                raise cherrypy.HTTPRedirect(rootURL + "/sign_tos")