def authuser(request):
login_url = request.current_route_url()
referrer = request.url
login = '******'
if referrer == login_url:
referrer = '/manager'
came_from = request.params.get('came_from', referrer)
if 'submit' in request.POST:
new_accesslog(request.client_addr)
if not get_accesslog_badlogin(request.client_addr):
loginerror = login + '/whaittime'
return HTTPFound(location=loginerror)
loginerror = login + '/noverifyuser'
username = request.POST.get('username', '')
passwd = request.POST.get('password', '')
user = get_user(username)
if user and user.check_password(passwd):
loginerror = login + '/noverifypermission'
ps = userpermission(user)
if 2 in ps[0]:
new_accesslog(request.client_addr, 2, user.id)
headers = remember(request, user.id)
return HTTPFound(location=came_from, headers=headers)
else:
#Нет прав доступа
return HTTPFound(location=loginerror)
else:
#Нет такого пользователя
return HTTPFound(location=loginerror)
#Переход не через форму авторизации
return HTTPFound(location=login)
def get_permissions(request):
if request.authenticated_userid:
user = get_user(request.authenticated_userid)
ps = userpermission(user)
result = {'userid': user.id, 'username': user.username, 'permissions': ps[0]}
if user.profiles.avatar1 != '' or user.profiles.avatar1 != None:
result['hasavatar'] = True
else:
result = {'userid': 0, 'username': '******', 'permissions': []}
return result
def ajaxbaselogin(request):
post = request.json_body
user = get_user2(post['username'])
if user and user.check_password(post['password']):
ps = userpermission(user)
if 1 in ps[0]:
headers = remember(request, user.id)
result = {'userid': user.id, 'username': user.username, 'permissions': ps[0], 'headers': headers}
if user.profiles.avatar1 != '' or user.profiles.avatar1 != None:
result['hasavatar'] = True
else:
result = {'auth': False}
else:
result = {'user':False}
return result
