def _on_get(self, req, resp, **kwargs):
set_cookie(resp, USER_AUTH_COOKIE_NAME, "")
redirect_to = get_url_format(FRT_ROUTE_ROLE.USER_AUTH)
if 'referer' in req.headers:
redirect_to = req.headers['referer']
self.redirect(redirect_to)
return
def on_success_login(self, req, resp, conn, users_id, auth_token):
ip_address = get_client_ip(req)
headers = get_hashed_headers(req)
csrf_token = gen_csrf_token()
delta = timedelta(seconds=settings.USER_AUTH_COOKIE_EXPIRES)
utc_expiry = datetime.utcnow() + delta
values = {
"users_id": users_id,
"ip_address": ip_address,
"headers": headers,
"csrf_token": csrf_token,
"cookie_expiry": utc_expiry
}
db_utils.update(conn,
"users_logins",
values={"cookie_expiry": datetime.utcnow()},
where={
"users_id": users_id,
"ip_address": ip_address,
"headers": headers,
"cookie_expiry__gt": datetime.utcnow()
})
db_utils.insert(conn, "users_logins", values=values)
# set cookie
expiry = gen_cookie_expiry(utc_expiry)
auth_cookie = make_auth_cookie(expiry, csrf_token, auth_token,
users_id)
set_cookie(resp, USER_AUTH_COOKIE_NAME, auth_cookie, expiry=expiry)
self._set_basket_data(req, resp, users_id)
def _on_get(self, req, resp, **kwargs):
data = super(OrderAuthResource, self)._on_get(req, resp, **kwargs)
data['succ_redirect_to'] = get_url_format(FRT_ROUTE_ROLE.ORDER_ADDR)
basket_key, basket_data = get_basket(req, resp)
if basket_key and basket_data \
and basket_key != get_cookie_value(req, CURR_USER_BASKET_COOKIE_NAME):
set_cookie(resp, CURR_USER_BASKET_COOKIE_NAME, basket_key)
return data
def cookie_verify(conn, req, resp):
""" Verify cookie to check if user is in login status, update csrf
token if pass cookie verification.
Checked:
* MAC
* Auth, IP, request headers, csrf(for post request)
conn: database connection.
req: request.
resp: response will send to client.
"""
cookie = get_cookie(req)
if not cookie:
raise ValidationError('LOGIN_REQUIRED_ERR_UNSET_COOKIE')
# 'USER_AUTH' should be in the cookie.
required_fields = [USER_AUTH_COOKIE_NAME]
for field in required_fields:
if not cookie.has_key(field):
raise ValidationError('LOGIN_REQUIRED_ERR_EMPTY_COOKIE')
# authenticated information should be contained in 'USER_AUTH'
auth_fields = ['exp', 'csrf', 'auth', 'digest', 'users_id']
user_auth = cookie.get(USER_AUTH_COOKIE_NAME).value
user_auth = _parse_auth_cookie(user_auth)
for field in auth_fields:
if not user_auth.has_key(field):
raise ValidationError('LOGIN_REQUIRED_ERR_MISSING_DATA: %s' %
field)
# check if the cookie has been tampered with before going any further
_hmac_verify(user_auth)
users_id = user_auth['users_id']
ip = get_client_ip(req)
headers = get_hashed_headers(req)
login_id = _user_verify(conn, users_id, user_auth, ip, headers)
if req.method == 'POST':
# set new csrf to cookie and database.
csrf_token = gen_csrf_token()
auth_cookie = make_auth_cookie(user_auth['exp'], csrf_token,
user_auth['auth'], users_id)
db_utils.update(conn,
'users_logins',
values={'csrf_token': csrf_token},
where={'id': login_id})
conn.commit()
set_cookie(resp,
USER_AUTH_COOKIE_NAME,
auth_cookie,
expiry=user_auth['exp'])
return users_id
def __set(_sid):
_exp = __gen_session_expiry()
session = "sid@%s&exp@%s" % (_sid, _exp)
set_cookie(resp,
SESSION_COOKIE_NAME,
session)
name = 'SID:%s' % _sid
cli = get_redis_cli(ping=True)
if not cli: return
cli.setex(name,
self.users_id or "",
settings.SESSION_EXP_TIME)
def clear_basket(req, resp, basket_key, basket_data):
# called after the order placed successfully
redis_cli = get_redis_cli()
if basket_key == get_cookie_value(req, USER_BASKET_COOKIE_NAME):
redis_cli.set(basket_key, ujson.dumps({}))
elif basket_key == get_cookie_value(req, CURR_USER_BASKET_COOKIE_NAME):
redis_cli.delete(basket_key)
prev_basket_key, prev_basket_data = get_basket(req, resp, USER_BASKET_COOKIE_NAME)
[prev_basket_data.pop(item) for item in basket_data
if item in prev_basket_data]
redis_cli.set(prev_basket_key, ujson.dumps(prev_basket_data))
set_cookie(resp, CURR_USER_BASKET_COOKIE_NAME, "")
def get_basket(req, resp, cookie_name=None):
basket_key = None
basket_data = None
if cookie_name:
iternames = [cookie_name]
else:
iternames = [CURR_USER_BASKET_COOKIE_NAME, USER_BASKET_COOKIE_NAME]
for c_name in iternames:
basket_key = get_cookie_value(req, c_name)
try:
if basket_key:
basket_data = get_redis_cli().get(basket_key)
if basket_data: break
except:
pass
if not basket_key:
basket_key = USER_BASKET % generate_random_key()
set_cookie(resp, USER_BASKET_COOKIE_NAME, basket_key)
basket_data = ujson.loads(basket_data) if basket_data else {}
return basket_key, basket_data
def _set_basket_data(self, req, resp, users_id):
redis_cli = get_redis_cli()
old_basket_key = redis_cli.get(LOGIN_USER_BASKET_KEY % users_id)
old_basket_data = redis_cli.get(
old_basket_key) if old_basket_key else None
old_basket_data = ujson.loads(
old_basket_data) if old_basket_data else {}
basket_key = get_cookie_value(req, USER_BASKET_COOKIE_NAME)
basket_data = redis_cli.get(basket_key) if basket_key else None
basket_data = ujson.loads(basket_data) if basket_data else {}
if old_basket_key:
if basket_key and basket_key != old_basket_key:
old_basket_data.update(basket_data)
redis_cli.set(old_basket_key, ujson.dumps(old_basket_data))
set_cookie(resp, USER_BASKET_COOKIE_NAME, old_basket_key)
elif basket_key:
redis_cli.set(LOGIN_USER_BASKET_KEY % users_id, basket_key)
else:
pass