def do_POST(self): ctype, pdict = cgi.parse_header(self.headers.getheader('content-type')) length = int(self.headers.getheader('content-length')) if ctype == 'multipart/form-data': postvars = cgi.parse_multipart(self.rfile, pdict) elif ctype == 'application/x-www-form-urlencoded': postvars = cgi.parse_qs(self.rfile.read(length), keep_blank_values=1) else: postvars = {} if self.path == '/Forms/login_security_1.html': auth = Auth() if auth.http_client_auth(postvars): credentials = auth.get_credentials() self.send_response(303) self.send_header('Location', '/rpSys.html') self.send_header('Set-Cookie', 'C0=' + credentials['user'] + '; path=/') self.send_header('Set-Cookie', 'C1=' + credentials['pass'] + '; path=/') self.end_headers() self.log_http(303, postvars) else: self.do_GET() self.log_http(200, postvars) else: self.send_response(200) self.send_header('Content-Type', 'text/html') self.end_headers() self.log_http(200, postvars)
def get_session(self): auth = Auth() credentials = auth.get_credentials() cookie = Cookie.SimpleCookie(self.headers.getheader('Cookie')) session = False if cookie.has_key('C0') and cookie.has_key('C1'): if cookie['C0'].value == credentials['user'] and cookie['C1'].value == credentials['pass']: session = True return session