Example #1
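def main():
    """Command-line entry point: set the terminal title, collect credentials, run the flow.

    Parses ``--auth`` (required, "Google" or "PTC"), ``--username`` and
    ``--password``; prompts for whichever credential was not supplied, then
    authenticates, resolves the API endpoint and enumerates the profile.
    Exits with status -1 when the authentication type is not recognised.
    """
    import getpass

    system_name = platform.system()
    if system_name == 'Windows':
        os.system("title PoGoStick - Pokemon Go API")
        os.system("cls")
    elif system_name in ('Linux', 'Darwin'):
        # The previous test `== 'Linux' or 'Darwin'` was always true (a
        # non-empty string is truthy), so the fallback branch never ran.
        sys.stdout.write("\x1b]2;PoGoStick - Pokemon Go API\x07")
        os.system("clear")
    else:
        os.system("clear")
        print("[!] Running on untested operating system.  Your mileage may vary.")

    parser = argparse.ArgumentParser()
    parser.add_argument("-a", "--auth", help="\"Google\" or \"PTC\" for authentication", required=True)
    parser.add_argument("-u", "--username", help="Username", default=None)
    # NOTE(review): a password given with -p is visible in the process list
    # and in shell history; leaving it out and using the prompt avoids that.
    parser.add_argument("-p", "--password", help="Password", default=None)
    args = parser.parse_args()

    auth_type = args.auth.lower()
    if auth_type == "google":
        args.auth = "Google"
    elif auth_type == "ptc":
        args.auth = "PTC"
    else:
        print("[*] %s is not a valid authentication type.  Select Google or PTC." % args.auth)
        sys.exit(-1)

    # The listing's prompt line was mangled by credential masking; it is
    # rebuilt here as two prompts (assumed to be the original intent).
    if not args.username:
        args.username = raw_input("Username: ")
    if not args.password:
        # getpass reads without echo, so the password stays off the screen.
        args.password = getpass.getpass("Password: ")

    # Begin Flow
    auth.authenticate(args.username, args.password, args.auth)
    api.get_api_endpoint()
    actions.enumerate_profile()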
Example #2
def authenticate():
    """Login view: first-run bootstrap, then show (GET) or process (POST) the form.

    When no editor author exists the visitor is redirected to author
    creation.  A failed login re-renders the form with the ValueError's
    first argument and status 401; a successful one redirects to 'index'.
    Any other HTTP method falls through and returns None.
    """
    editors = Author.select().where(Author.is_editor)
    if len(editors) == 0:
        # First run, no authors yet.
        # NOTE(review): this path is reachable without credentials; confirm
        # 'author.create_author' refuses once an editor exists.
        return redirect(url_for('author.create_author'))

    method = request.method
    if method == 'GET':
        return render_template('login.html')
    if method == 'POST':
        try:
            form = request.form
            auth.authenticate(form['username'], form['password'])
        except ValueError as exc:
            return render_template('login.html', error=exc.args[0]), 401
        return redirect(url_for('index'))
Example #3
    def process_view(self, request, callback, callback_args, callback_kwargs):
        """
        Run before the view is rendered and verify the user's ticket.

        The ticket is taken from the session ('vph-tkt') or, for superusers on
        non-API paths, from the ``ticket`` GET parameter.  The outcome is
        recorded on ``request.ticket`` and ``request.META['VPH_TKT_COOKIE']``
        (True after a forced logout, otherwise the ticket string).  Always
        returns None, so normal view processing continues.
        """
        request.META['NEW_VPH_TKT_COOKIE'] = False

        try:
            # FROM SESSION
            # Validate the stored ticket; per the original comment a valid
            # ticket gets its timestamp refreshed, otherwise the session expires.
            if request.session.get('vph-tkt'):
                try:
                    # NOTE(review): behind a reverse proxy REMOTE_ADDR is the
                    # proxy address, so the client-IP binding may be weaker
                    # than intended -- confirm the deployment.
                    client_address = request.META['REMOTE_ADDR']
                    user, tkt64 = authenticate(ticket=request.session['vph-tkt'], cip=client_address)
                except:
                    # Fails closed: any error while validating logs the user
                    # out.  NOTE(review): the bare except also catches
                    # SystemExit/KeyboardInterrupt; `except Exception` would
                    # be narrower.
                    logout(request)
                    request.META['VPH_TKT_COOKIE'] = True
                    request.ticket = None
                    return

                if user is None:
                    # Ticket rejected by the backend: drop the session.
                    logout(request)
                    request.META['VPH_TKT_COOKIE'] = True
                    request.ticket = None
                    return
                request.ticket = tkt64
                request.META['VPH_TKT_COOKIE'] = tkt64

            else:

                # No ticket in the session: every authenticated user except
                # the one named 'admin' is logged out.
                # NOTE(review): the exemption is keyed on a hard-coded
                # username rather than a permission flag.
                if request.user.is_authenticated() and not request.user.username == 'admin':
                    logout(request)
                    request.ticket = None
                    request.META['VPH_TKT_COOKIE'] = True
                    return

            # FROM GET ATTRIBUTE
            # A valid ticket opens a new session and sets the ticket cookie,
            # only for superusers and not under API paths.
            # NOTE(review): a ticket in the query string ends up in access
            # logs, browser history and Referer headers; path.count('api')
            # matches 'api' anywhere in the path, not only an /api/ prefix.

            if request.GET.get('ticket') and not request.path.count('api') and request.user.is_superuser:
                try:
                    # Used only as a base64 well-formedness check; the decoded
                    # value is not passed on.
                    ticket = binascii.a2b_base64(request.GET['ticket'])
                except :
                    return
                # NOTE(review): unlike the session path, no client address
                # (cip) is supplied here -- confirm this is intended.
                user, tkt64 = authenticate(ticket=request.GET['ticket'])
                if  user is not None :
                    login(request,user)
                    request.META['VPH_TKT_COOKIE'] = tkt64

        except KeyError:
            # A missing key anywhere above is ignored and the request proceeds.
            pass  # use default urlconf (settings.ROOT_URLCONF)
Example #4
def login():
    """Show the login form, or check the submitted credentials on POST.

    A ValueError from authenticate() re-renders the form with its message;
    success flashes a notice and redirects to 'index'.  On non-POST requests
    an already signed-in user is sent straight to 'index'.
    """
    if request.method != 'POST':
        if g.current_user:
            return redirect(url_for('index'))
        return render_template('login.html')

    try:
        authenticate(request.form['username'], request.form['password'])
    except ValueError as exc:
        # NOTE(review): the exception text is shown to the visitor; confirm it
        # does not distinguish "unknown user" from "wrong password".
        return render_template('login.html', error=str(exc))

    flash('You were logged in')
    return redirect(url_for('index'))
def main():
    """Load the configuration, authenticate the app and run the examples.

    CLIENT_ID and CLIENT_SECRET must be set in settings.ini.  The process
    ends through os._exit(0), which skips interpreter cleanup handlers.
    """
    # Read configuration from file.
    read_config()

    # Pass use_port only when an alternative port is configured.
    # NOTE(review): CLIENT_SECRET lives in settings.ini; keep that file out of
    # version control and readable only by the account running this script.
    extra = {'use_port': OTHER_PORT} if OTHER_PORT else {}
    oauth, _, _ = authenticate(CLIENT_ID, CLIENT_SECRET, **extra)

    # Execute restore files.
    run_examples(oauth)
    printlog(app_consts.ENDED)

    os._exit(0)
Example #6
def create_album(album_title):
    """Return the id of the account's album titled *album_title*, creating it if absent.

    Existing albums are listed (and printed) first.  When none matches, a new
    album is created and the listing is fetched again to find its id.
    Returns None if the album still cannot be found afterwards.
    """
    album_config = {
        'title': album_title,
        'description': 'images of menus {0}'.format(datetime.now()),
    }
    client = authenticate()

    # Reuse an album that already carries this title.
    existing = client.get_account_albums('me')
    print "albums:", existing
    for entry in existing:
        print "album", entry.id, entry.title
        if entry.title == album_title:
            print ("album already exist, id is %s" % entry.id)
            return entry.id

    # Nothing matched: create it, then look the id up by title.
    client.create_album(album_config)
    for entry in client.get_account_albums('me'):
        if entry.title == album_title:
            return entry.id
Example #7
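def get_autolab_grades():
    """Scrape the signed-in student's Autolab gradebooks.

    Returns:
        dict mapping course name -> {assignment name: [score, total]}, built
        from the rows of each course's gradebook page that match the expected
        "<name> <digit> <score> / <total>" text layout.
    """
    base_url = 'https://autolab.cs.cmu.edu'
    session = authenticate(base_url)

    home = pq(session.get(base_url).content)
    # Raw string: the non-raw literal relied on unrecognised escapes (\D, \d,
    # \s, \.), which newer Python versions warn about.  The pattern itself
    # is unchanged.
    row_pattern = re.compile(r'^([\D\s]*) \d ([\d\.]+) / ([\d\.]+)$')
    grades = {}

    for course in home('#content > ul > li > a'):
        gradebook_html = session.get(
            '%s%s/gradebook/student' % (base_url, home(course).attr('href'))).content
        course_name = home(course).text()
        course_grades = grades[course_name] = {}

        for row in pq(gradebook_html)('.grades tr'):
            if home(row).attr('class') == 'header':
                continue
            matches = row_pattern.search(home(row).text())
            if matches is None:
                # Row does not follow the expected layout; skip it.
                continue
            course_grades[matches.group(1)] = [float(matches.group(2)),
                                               float(matches.group(3))]

    return grades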
Example #8
def get_sio():
    ''' Fetch information from SIO over its GWT-RPC endpoints.

    Logs in, discovers the GWT permutation and the per-service keys embedded
    in the cached page, then issues the userContext, authorization and
    bioinfo RPC calls.  Nothing is returned yet.
    TODO: parse GWT response
    '''

    def first_group(pattern, text):
        # Raises AttributeError when the pattern is absent, as before.
        return re.search(pattern, text).group(1)

    session = authenticate('https://s3.as.cmu.edu/sio/index.html')
    for header_name, header_value in (
            ('Origin', 'https://s3.as.cmu.edu'),
            ('Referer', 'https://s3.as.cmu.edu/sio/index.html'),
            ('X-GWT-Module-Base', 'https://s3.as.cmu.edu/sio/sio/'),
            ('DNT', '1'),
            ('Content-Type', 'text/x-gwt-rpc; charset=UTF-8')):
        session.headers[header_name] = header_value

    bootstrap_js = session.get('https://s3.as.cmu.edu/sio/sio/sio.nocache.js').content
    permutation = first_group("Ub='([^']+)'", bootstrap_js)
    session.headers['X-GWT-Permutation'] = permutation

    page_name = 'https://s3.as.cmu.edu/sio/sio/%s.cache.html' % (permutation)
    cache_page = session.get(page_name).content

    # The variable names below are tied to one build of the minified page.
    auth_key = first_group("vLi='([^']+)'", cache_page)
    context_key = first_group("cHi='([^']+)'", cache_page)
    content_key = first_group("BMi='([^']+)'", cache_page)

    # info in user context: full name, major/school
    session.post('https://s3.as.cmu.edu/sio/sio/userContext.rpc',
                 data=('7|0|4|https://s3.as.cmu.edu/sio/sio/|%s|edu.cmu.s3.ui.common.client.serverproxy.user.UserContextService|initUserContext|1|2|3|4|0|' % context_key))

    session.post('https://s3.as.cmu.edu/sio/sio/authorization.rpc',
                 data=('7|0|4|https://s3.as.cmu.edu/sio/sio/|%s|edu.cmu.s3.ui.sio.common.client.serverproxy.AuthorizationService|initLoggedInAsStudent|1|2|3|4|0|' % auth_key))

    session.post('https://s3.as.cmu.edu/sio/sio/bioinfo.rpc',
                 data=('7|0|4|https://s3.as.cmu.edu/sio/sio/|%s|edu.cmu.s3.ui.sio.student.client.serverproxy.bio.StudentBioService|fetchStudentSMCBoxInfo|1|2|3|4|0|' % content_key)).content
Example #9
    def clean(self):
        """Validate the submitted credentials and cache the authenticated user.

        Raises forms.ValidationError when authentication fails or when the
        account is inactive or not staff.  If the username looks like an
        e-mail address that belongs to a user whose password matches, the
        error names the real username instead of the generic message.
        """
        form_data = self.cleaned_data
        username = form_data.get('username')
        password = form_data.get('password')
        message = ERROR_MESSAGE

        if username and password:
            self.user_cache = authenticate(username=username,
                                           password=password)
            candidate = self.user_cache
            if candidate is None:
                if u'@' in username:
                    # Possibly an e-mail address typed as the username.
                    try:
                        by_email = User.objects.get(email=username)
                    except (User.DoesNotExist, User.MultipleObjectsReturned):
                        by_email = None
                    # The hint is given only when the password is correct, so
                    # it does not confirm usernames to someone guessing.
                    if by_email is not None and by_email.check_password(password):
                        message = _(
                            "Your e-mail address is not your username."
                            " Try '%s' instead.") % by_email.username
                raise forms.ValidationError(message)
            if not (candidate.is_active and candidate.is_staff):
                # Same generic message as a bad password.
                raise forms.ValidationError(message)
        self.check_for_test_cookie()
        return self.cleaned_data
Example #10
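def login():
    """Login view: validate the username format, authenticate, fill the session.

    GET renders the form.  On POST the username must be at least four
    non-digits followed by exactly three digits and the password must be
    non-empty.  authenticate() returning 'super' redirects to 'backdoor';
    any other truthy result stores the OTP binding state and login data in
    the session and redirects to 'userinfo'.
    """
    error = None
    # Raw string so \D and \d reach the regex engine without relying on
    # unrecognised string escapes.
    policy = re.compile(r'^\D{4,}\d{3}$')
    if request.method != 'POST':
        return render_template('login.html', error=error)

    user = request.form['username'].lower()
    pwd = request.form['password']
    if policy.match(user) is None:
        # "Invalid username format"
        return render_template('login.html', error=u'用户名格式错误')
    if not pwd:
        # "Password must not be empty"
        return render_template('login.html', error=u'密码不能为空')

    au_status = authenticate(user, pwd)
    if au_status == 'super':
        # NOTE(review): no session state is set on this path; confirm the
        # 'backdoor' view enforces its own authorization.
        return redirect(url_for('backdoor'))
    if not au_status:
        # "Wrong username or password"
        return render_template('login.html', error=u'用户名或密码错误')

    ainfo = DB(user).search()
    if ainfo is None:
        session['otp_info'] = u'未绑定'  # "not bound"
    elif ainfo[4] == 1:
        # Was `is 1`: identity comparison on an int depends on interpreter
        # caching and is false for e.g. a long/Decimal 1 from the database.
        session['otp_info'] = u'已绑定'  # "bound"
    else:
        session['otp_info'] = u'已禁用'  # "disabled"
    session['user'] = user
    # NOTE(review): the plaintext password is kept in the session.  With
    # client-side (signed, not encrypted) session cookies it is readable by
    # anyone holding the cookie; kept here because other views may read it,
    # but it should be replaced by a server-side token.
    session['pwd'] = pwd
    session['logged_in'] = True
    return redirect(url_for('userinfo'))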
Example #11
def upload():
    """Authenticate, upload through upload_kitten() and return its result.

    The result is also printed to stdout.
    """
    uploaded = upload_kitten(authenticate())

    print uploaded

    return uploaded
Example #12
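def postSimpleMessage():
    """Authenticate an XML alert message and hand it to handleAlerts().

    The credentials are extracted from the posted XML and checked first
    against the community account, then against the regular user store.
    The reply is always raised as an HTTPResponse with status 200; success
    or failure is carried in the XML <StatusCode> element.
    """
    postdata = request.body.read().decode("utf-8")

    # NOTE(review): this parses XML from an unauthenticated request.  If
    # xmlParser is a stock parser, entity-expansion payloads can exhaust
    # memory; a hardened parser (e.g. defusedxml) is the usual choice.
    tree = xmlParser.fromstring(postdata)
    userNameFromRequest, passwordFromRequest = auth.extractAuth(tree)

    ok_message = "<Result><StatusCode>OK</StatusCode><Text></Text></Result>"
    message = "<Result><StatusCode>FAILED</StatusCode><Text>Authentication failed.</Text></Result>"

    if auth.handleCommunityAuth(userNameFromRequest, passwordFromRequest):
        message = ok_message
        handleAlerts(tree, True)
    elif auth.authenticate(userNameFromRequest, passwordFromRequest, mongohost, mongoport):
        message = ok_message
        handleAlerts(tree, False)
    else:
        # NOTE(review): failures still answer HTTP 200, so rate limiting or
        # alerting that keys on status codes will not see them.
        print("Authentication failed....")

    # The unused `response` dict of the earlier version was dropped; it never
    # reached the client.
    headers = {'Content-type': 'application/html'}
    raise HTTPResponse(message, status=200, headers=headers)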
Example #13
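def _is_same_host_url(request, url):
    """Return True if *url* is relative or targets the host serving *request*."""
    try:
        from urllib.parse import urlparse  # Python 3
    except ImportError:
        from urlparse import urlparse  # Python 2
    # Browsers read "\" as "/" and "///host" as "//host", so normalise first.
    candidate = url.strip().replace('\\', '/')
    if candidate.startswith('///'):
        return False
    try:
        parts = urlparse(candidate)
    except ValueError:
        return False
    if parts.scheme and (parts.scheme not in ('http', 'https') or not parts.netloc):
        # Rejects javascript:, data: and scheme-only forms such as "http:host".
        return False
    return not parts.netloc or parts.netloc == request.get_host()


def login(request, template='auth/userlogin.html', redirect_field_name=REDIRECT_FIELD_NAME):
    """Render the login form and process a submitted login.

    On a successful POST the user is logged in and sent to the requested
    redirect target, or to settings.LOGIN_REDIRECT_URL when the target is
    empty or points at another host.  AJAX callers receive JSON instead
    (errcode 0 with the location, or errcode 101 on failure).
    """
    if 'admin' in request.GET:
        template = 'auth/adminlogin.html'

    if request.method == 'POST':
        redirect_to = request.REQUEST.get(redirect_field_name, '')
        loginname = request.POST.get('loginname', None)
        password = request.POST.get('password', None)

        user = authenticate(loginname=loginname, password=password)

        if user:
            # Imported here because this view shares its name with auth.login.
            from auth import login
            login(request, user)

            # The target is client-supplied (and pre-filled from the Referer
            # header below), so only same-host destinations are honoured;
            # anything else would make this view an open redirect.
            if not redirect_to or not _is_same_host_url(request, redirect_to):
                redirect_to = settings.LOGIN_REDIRECT_URL

            if request.is_ajax():
                return render_to_response_json({"location": redirect_to, "errcode": 0})

            return HttpResponseRedirect(redirect_to)

        if request.is_ajax():
            return render_to_response_json({"errcode": 101})

    # Offer the referring page as the post-login destination.
    redirect_to = request.META.get('HTTP_REFERER', "")
    return render_to_response(request, template, {redirect_field_name: redirect_to})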
Example #14
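def postSimpleMessage():
    """Check the credentials carried in a posted XML message and process its alerts.

    Community credentials are tried first, then the regular user store
    (mongohost/mongoport).  The XML result is raised as an HTTPResponse with
    status 200 in every case; only <StatusCode> tells success from failure.
    """
    failed = "<Result><StatusCode>FAILED</StatusCode><Text>Authentication failed.</Text></Result>"
    succeeded = "<Result><StatusCode>OK</StatusCode><Text></Text></Result>"

    postdata = request.body.read().decode("utf-8")
    # NOTE(review): the body is parsed before any authentication.  Confirm
    # xmlParser rejects entity expansion and external entities (a hardened
    # parser such as defusedxml does).
    tree = xmlParser.fromstring(postdata)

    userNameFromRequest, passwordFromRequest = auth.extractAuth(tree)

    message = failed
    if auth.handleCommunityAuth(userNameFromRequest, passwordFromRequest):
        message = succeeded
        handleAlerts(tree, True)
    elif auth.authenticate(userNameFromRequest, passwordFromRequest, mongohost,
                           mongoport):
        message = succeeded
        handleAlerts(tree, False)
    else:
        # NOTE(review): a failed login is reported with HTTP 200, which hides
        # it from status-code based monitoring.
        print("Authentication failed....")

    # The `response` dict that was built here was never used and is removed.
    raise HTTPResponse(message, status=200,
                       headers={'Content-type': 'application/html'})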
Example #15
def login():
	"""Exchange the e-mail and password in the JSON body for an encoded token.

	Returns whatever authenticate() produced when it is truthy, otherwise a
	401 response.
	"""
	credentials = request.json
	token = authenticate(credentials['email'], credentials['password'])
	if not token:
		return HTTPResponse(status=401, body="Nao autorizado.")
	return token
Example #16
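def get_autolab_grades():
    """Collect the logged-in student's grades from every listed Autolab course.

    Returns:
        {course name: {assignment name: [score, total]}}.  Gradebook rows whose
        text does not match the expected layout are left out.
    """
    s = authenticate('https://autolab.cs.cmu.edu')

    d = pq(s.get('https://autolab.cs.cmu.edu').content)
    # Written as a raw string so the regex escapes (\D, \d, \s, \.) are not
    # interpreted as invalid string escapes; the pattern is unchanged.
    grade_line = re.compile(r'^([\D\s]*) \d ([\d\.]+) / ([\d\.]+)$')
    grades = {}

    for course in d('#content > ul > li > a'):
        course_page = s.get('https://autolab.cs.cmu.edu%s/gradebook/student' % d(course).attr('href')).content
        course_name = d(course).text()
        grades[course_name] = {}

        for assgn in pq(course_page)('.grades tr'):
            if d(assgn).attr('class') == 'header':
                continue

            found = grade_line.search(d(assgn).text())
            if found is not None:
                name, score, total = found.groups()
                grades[course_name][name] = [float(score), float(total)]

    return grades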
def login(error=None):
    """Render the login page (GET) or check a posted id token (any other method).

    On GET with a truthy *error*, the message comes from auth.getError() and
    any 'username' entry is removed from the session.  A valid token stores
    the user's name in the session and renders the index page; an invalid
    one renders the login page again with status 401.
    """
    if request.method != "GET":
        id_token = request.form['id']
        if not auth.authenticate(id_token):
            error = auth.getError()
            print error
            return render_template('login.html'), 401
        session['username'] = auth.getName(id_token)
        return render_template('index.html', user=session['username']), 200

    # Debug output kept from the original.
    print 'ewargehstrdggrzhtfddf'
    print error
    err = ''
    if error:
        err = auth.getError()
        if 'username' in session:
            session.pop('username', None)
    return render_template('login.html', err=err)
Example #18
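 def share_write(self, username, password, path, recipient):
     """Grant *recipient* write access to *path* on behalf of its owner.

     Returns True when the grant was recorded, False when authentication
     fails, the path leaves ROOTDIR, or *username* does not own the file.
     """
     import os

     if not auth.authenticate(username, password):
         # Previously fell through and returned None.
         return False

     abspath = ROOTDIR + '/' + path
     # *path* comes from the client: refuse anything that resolves outside
     # ROOTDIR (".." segments) before it reaches the ACL helpers.
     # NOTE(review): symlinks are not resolved here.
     relative = os.path.relpath(os.path.abspath(abspath), os.path.abspath(ROOTDIR))
     if relative == os.pardir or relative.startswith(os.pardir + os.sep):
         return False

     if auth.isOwner(username, abspath):
         auth.add_write(recipient, abspath)
         return True
     return False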
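def _is_same_host_url(request, url):
    """Return True if *url* is relative or targets the host serving *request*."""
    try:
        from urllib.parse import urlparse  # Python 3
    except ImportError:
        from urlparse import urlparse  # Python 2
    # Browsers read "\" as "/" and "///host" as "//host", so normalise first.
    candidate = url.strip().replace('\\', '/')
    if candidate.startswith('///'):
        return False
    try:
        parts = urlparse(candidate)
    except ValueError:
        return False
    if parts.scheme and (parts.scheme not in ('http', 'https') or not parts.netloc):
        # Rejects javascript:, data: and scheme-only forms such as "http:host".
        return False
    return not parts.netloc or parts.netloc == request.get_host()


def login(request):
    """Marketplace buyer login: authenticate a POST and redirect to ``next``.

    Inactive accounts and bad credentials set a flash error and re-render the
    login page.  After a successful login the user goes to the posted
    ``next`` URL when it stays on this host, otherwise to 'market_home'.
    """
    from auth import authenticate, login

    if request.method == 'POST':
        username = request.POST['username']
        password = request.POST['password']
        user = authenticate(username=username, password=password)
        if user is not None:
            if user.is_active:
                login(request, user)
                home_url = reverse("market_home")
                next_url = request.POST.get('next', home_url)
                # `next` is client-controlled; following it blindly would let
                # a crafted login link bounce users to another site.
                if not next_url or not _is_same_host_url(request, next_url):
                    next_url = home_url
                return HttpResponseRedirect(next_url)
            else:
                request.flash['message'] = _("Your account is inactive... You must confirm your account before login.")
                request.flash['severity'] = "error"
        else:
            request.flash['message'] = _("You entered an invalid username or password. Please try again")
            request.flash['severity'] = "error"

        return render_to_response('%s/buy/login.html' % request.marketplace.template_prefix,
                                  {'next': request.POST.get('next', None)},
                                  RequestContext(request))

    return render_to_response('%s/buy/login.html' % request.marketplace.template_prefix,
                              {'next': request.GET.get('next', None)},
                              RequestContext(request))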
Example #20
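def client():
    """Interactive chat client: log in, then loop over 'send' / 'get' commands.

    Prompts until authenticate() reports success, then reads commands
    forever.  'get' fetches messages newer than the last id seen.
    """
    got_message = 0
    authenticated = False

    while not authenticated:
        name = input("Введите имя:")  # "Enter name:"
        # NOTE(review): input() echoes the password while it is typed;
        # getpass.getpass() would hide it on an interactive terminal.
        password = input("Введите пароль:")  # "Enter password:"
        reply = authenticate(name, password)
        authenticated = reply.json()["reply"]

    print("name", name)
    # The password is no longer printed after login: it would remain in the
    # terminal scrollback and in any captured output.

    while True:
        print("\n\n")
        command = input('Введите команду(send - для отправки сообщения, get - для получения новых)')
        if command == 'send':
            text = input("Введите сообщение:")  # "Enter message:"
            send_message(name, text)
        elif command == 'get':
            data = recieve_message(got_message)
            messages = data["messages"]
            print(messages)
            # An empty batch used to raise IndexError on pop(); keep the
            # previous high-water mark instead.
            if messages:
                got_message = messages[-1]["id"]
        else:
            print("Команда не найдена")  # "Command not found"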
 def process_request(self, request):
     """Log in the user named by the configured request header, if any.

     Raises ImproperlyConfigured when request.user is missing.  Returns
     without changes when the header is absent or already matches the
     authenticated user.
     """
     # AuthenticationMiddleware is required so that request.user exists.
     if not hasattr(request, 'user'):
         raise ImproperlyConfigured(
             "The Django remote user auth middleware requires the"
             " authentication middleware to be installed.  Edit your"
             " MIDDLEWARE_CLASSES setting to insert"
             " 'django.contrib.auth.middleware.AuthenticationMiddleware'"
             " before the RemoteUserMiddleware class.")

     # NOTE(review): the header value is trusted as an identity.  The
     # front-end server must set it itself and strip any client-supplied
     # copy, otherwise a client can name the account it wants.
     if self.header not in request.META:
         # No header: request.user stays whatever AuthenticationMiddleware
         # set (AnonymousUser for a fresh visitor).
         return
     username = request.META[self.header]

     # Same user as the one already in the session: nothing to do.
     current = request.user
     if current.is_authenticated() and current.username == self.clean_username(username, request):
         return

     # First sighting of this user in the session: authenticate and persist.
     # NOTE(review): when authentication fails, a previously logged-in
     # (different) user stays logged in.
     user = auth.authenticate(remote_user=username)
     if not user:
         return
     request.user = user
     auth.login(request, user)
Example #22
 def process_request(self, request):
     """Authenticate the request from the externally supplied user header.

     Requires request.user to exist (raises ImproperlyConfigured otherwise).
     Does nothing when the header is missing or names the user who is
     already authenticated; otherwise tries to authenticate and log in the
     named user.
     """
     user_attr_present = hasattr(request, 'user')
     if not user_attr_present:
         # AuthenticationMiddleware is required so that request.user exists.
         raise ImproperlyConfigured(
             "The Django remote user auth middleware requires the"
             " authentication middleware to be installed.  Edit your"
             " MIDDLEWARE_CLASSES setting to insert"
             " 'django.contrib.auth.middleware.AuthenticationMiddleware'"
             " before the RemoteUserMiddleware class.")

     # NOTE(review): this header is an identity assertion from the web
     # server; confirm the server overwrites any value sent by the client.
     try:
         remote_name = request.META[self.header]
     except KeyError:
         # Header absent: leave request.user as AuthenticationMiddleware
         # set it.
         return

     already_known = (request.user.is_authenticated()
                      and request.user.username == self.clean_username(remote_name, request))
     if already_known:
         # The session already holds this user.
         return

     # New user for this session: authenticate, then persist via login().
     matched = auth.authenticate(remote_user=remote_name)
     if matched:
         request.user = matched
         auth.login(request, matched)
Example #23
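    def on_post(self, req, resp):
        """Add the posted signature to the database for an authenticated caller.

        Responds 401 when authenticate(req) fails, 200 when a new signature
        row was added, and 400 otherwise (missing "Signature" key, row could
        not be built, or the signature already exists).
        """
        if not authenticate(req):
            resp.body = "Invalid username/password"
            resp.status = falcon.HTTP_401
            return

        session = Session(engine)
        try:
            valueDict = getJson(req)
            signatureQuery = getSignatureQuery(req, session)

            # Pessimistic defaults; only a successful insert upgrades them.
            message = "Unable to add Signature"
            resp.status = falcon.HTTP_400

            if "Signature" in valueDict:
                if signatureQuery is not None:
                    message = "Unable to add Signature, already exists in database"
                else:
                    signatureRow = createSignatureRow(session, valueDict)
                    message = "Unable to create signature row"
                    if signatureRow is not None:
                        session.add(signatureRow)
                        message = "Added signature to database: {}".format(
                            signatureRow.PrimaryKey)
                        resp.status = falcon.HTTP_200

            resp.body = message
            print(message)

            session.commit()
        finally:
            # Release the session even when parsing or the commit raises;
            # previously an exception left it open.
            session.close()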
Example #24
    def RPC__User__login(self, username, password, remember=True):
        """Log in a user to the system using a username and password.

        Reports an API error of 'username' (no such user), 'password'
        (authentication failed) or 'disabled' (inactive account).  With
        remember=False the session expiry is set to 0.
        """
        # NOTE(review): separate 'username' and 'password' errors tell a
        # caller which account names exist; pair this with rate limiting or
        # return one generic error.
        try:
            User.objects.get(username=username)
        except User.DoesNotExist:
            self.return_api_error('username')
            return

        user = auth.authenticate(username=username, password=password)

        # The 'lab' account is refused whenever config.auth is enabled.
        if self.config.auth and username == 'lab':
            user = None

        failure = None
        if user is None:
            failure = 'password'
        elif not user.is_active:
            failure = 'disabled'
        if failure is not None:
            self.return_api_error(failure)
            return

        if not remember:
            self.session.set_expiry(0)

        self.login(user)
        self.return_api_result()
Example #25
    def outer_wrapper(func):
        """Wrap *func* so only admin/superadmin users run it; log each attempt.

        NOTE(review): authenticate() runs once, when the decorator is
        applied, so the result is reused for every later call.
        """
        user = authenticate(email, password)

        @wraps(func)
        def wrapper():
            stamp = datetime.now()
            current_date = stamp.strftime('%d/%m/%Y')
            current_time = stamp.strftime('%H:%M:%S')
            if not user:
                return f"Only staff can access this resource"

            granted = user['role'] in ["admin", "superadmin"]
            log_name = 'access_granted.txt' if granted else 'access_denied.txt'
            action = ('viewed company resources' if granted
                      else 'tried to view company most valuable resource')
            # NOTE(review): name fields are written as-is; a value containing
            # a newline would forge extra log lines.
            with open(log_name, 'a') as log_file:
                log_file.write(
                    f'{user["role"].capitalize()} {user["first_name"]} {user["last_name"]} {action} on {current_date} at {current_time}\n'
                )
            if granted:
                return func()
            return f'You are not authorized to view this'

        return wrapper
Example #26
def do_login():
    """Authenticate, look up the current user's login and redirect to their message page."""
    oauth, _, _ = authenticate()

    # 'me' refers to the currently authenticated user.
    profile = Client(oauth).user(user_id='me').get(fields=['login'])
    redirect('/message/' + profile['login'])
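def _is_same_host_url(request, url):
    """Return True if *url* is relative or targets the host serving *request*."""
    try:
        from urllib.parse import urlparse  # Python 3
    except ImportError:
        from urlparse import urlparse  # Python 2
    # Browsers read "\" as "/" and "///host" as "//host", so normalise first.
    candidate = url.strip().replace('\\', '/')
    if candidate.startswith('///'):
        return False
    try:
        parts = urlparse(candidate)
    except ValueError:
        return False
    if parts.scheme and (parts.scheme not in ('http', 'https') or not parts.netloc):
        # Rejects javascript:, data: and scheme-only forms such as "http:host".
        return False
    return not parts.netloc or parts.netloc == request.get_host()


def login(request):
    """Log a marketplace buyer in and send them on to ``next``.

    GET renders the login page.  POST authenticates; bad credentials or an
    inactive account set a flash error and render the page again.  The
    post-login destination is the submitted ``next`` value only when it
    stays on this host, otherwise the 'market_home' URL.
    """
    from auth import authenticate, login

    if request.method != 'POST':
        return render_to_response(
            '%s/buy/login.html' % request.marketplace.template_prefix,
            {'next': request.GET.get('next', None)}, RequestContext(request))

    username = request.POST['username']
    password = request.POST['password']
    user = authenticate(username=username, password=password)

    if user is None:
        request.flash['message'] = _(
            "You entered an invalid username or password. Please try again"
        )
        request.flash['severity'] = "error"
    elif not user.is_active:
        request.flash['message'] = _(
            "Your account is inactive... You must confirm your account before login."
        )
        request.flash['severity'] = "error"
    else:
        login(request, user)
        fallback = reverse("market_home")
        destination = request.POST.get('next', fallback)
        # The posted value is attacker-influenced; an unchecked redirect here
        # would turn the login page into an open redirector.
        if not destination or not _is_same_host_url(request, destination):
            destination = fallback
        return HttpResponseRedirect(destination)

    return render_to_response(
        '%s/buy/login.html' % request.marketplace.template_prefix,
        {'next': request.POST.get('next', None)}, RequestContext(request))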
Example #28
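def get_autolab_grades():
    """Scrape per-assignment grades for every course on the Autolab home page.

    Returns:
        {course name: {assignment name: [score, total]}}.  Rows with a
        missing or non-numeric score/total are skipped.
    """
    # Autolab has their SSL certificates misconfigured, so we won't verify them.
    # NOTE(review): with verification off the login and the session cookie
    # can be intercepted by anyone on the network path; pointing `verify` at
    # the correct CA bundle is the safer workaround.
    s = authenticate('https://autolab.cs.cmu.edu/auth/users/auth/shibboleth', {"verify": False})

    d = pq(s.get('https://autolab.cs.cmu.edu').content)
    grades = {}

    for course in d('#content > .rolodex > .course > h1 > a'):
        page_1 = s.get('https://autolab.cs.cmu.edu%s/assessments' % d(course).attr('href')).content
        gradebook = pq(pq(page_1)('.action-links > li > a')[1]).attr('href')

        course_page = s.get('https://autolab.cs.cmu.edu%s' % gradebook).content
        course_name = d(course).text()
        cd = pq(course_page)

        course_grades = grades[course_name] = {}

        for assgn in cd('.grades tr'):
            if d(assgn).attr('class') == 'header':
                continue

            name = cd(assgn).find("td > span > a").text()
            score = cd(assgn).find("td > a").text()
            total = cd(assgn).find("span.max_score").text()

            # These lines were tab-indented: Python 3 rejects the mix, and
            # Python 2 placed them after the row loop, so only the last row
            # of each course was recorded.  They now run once per row.
            if not (name and score and total):
                continue
            try:
                course_grades[name] = [float(score), float(total)]
            except ValueError:
                # Ungraded rows carry non-numeric text.
                continue

    return grades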
Example #29
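 def send_file_to_client(self, username, password, path):
     """Return the content of *path* as XML-RPC binary data to an authorised reader.

     Returns False when authentication fails, the path leaves ROOTDIR, or
     *username* has no read permission on the file.
     """
     import os

     if not auth.authenticate(username, password):
         # Previously fell through and returned None.
         return False

     target = ROOTDIR + '/' + path
     # *path* is client-supplied: refuse anything resolving outside ROOTDIR.
     # NOTE(review): symlinks are not resolved here.
     relative = os.path.relpath(os.path.abspath(target), os.path.abspath(ROOTDIR))
     if relative == os.pardir or relative.startswith(os.pardir + os.sep):
         return False

     if not auth.has_read(username, target):
         return False
     # Open the very path that was authorised.  The earlier code checked
     # ROOTDIR + '/' + path but opened ROOTDIR + path, so the permission
     # check and the read could refer to different files.
     with open(target, "rb") as handle:
         return xmlrpc.client.Binary(handle.read())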
Example #30
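 def decorated(*args, **kwargs):
     """Call the wrapped view only when the request's 'token' header authenticates.

     Returns a JSON error body ({'success': False, 'message': 'Invalid
     token'}) otherwise.
     """
     token = request.headers.get('token')
     # The token is no longer printed: it is a bearer credential and would
     # end up in stdout and log files.
     # `not ...` instead of `== False`: a None (or other falsy) result from
     # authenticate() used to pass the check and let the request through.
     if not authenticate(token):
         res = {'success': False, 'message': 'Invalid token'}
         return json.dumps(res)
     return f(*args, **kwargs)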
Example #31
def test_wrong_name_wrong_password():
    """authenticate() must reject a login whose name and password both fail to match."""
    salt = auth.get_salt()
    # The '******' literals are as they appear in the listing.
    stored_hash = auth.pwhash('******', salt)
    pwdb = {'real_name': (stored_hash, salt)}
    assert not auth.authenticate('******', 'wrong_password', pwdb)
Example #32
def get_sio():
    ''' Fetch mailbox details and the current-semester schedule from SIO.

    Returns a dict with the keys 'smc', 'mailbox_combo' and 'schedule'
    (a list of dicts with days, location, summary, start_time, end_time).
    TODO: work out how to parse responses such as the finances one
    '''

    s = authenticate('https://s3.as.cmu.edu/sio/index.html')
    s.headers['Content-Type'] = 'text/x-gwt-rpc; charset=UTF-8'

    # The bootstrap script names the permutation; its cached page holds the
    # RPC keys.  The 'Rb' variable name is tied to one build of that script.
    siojs = s.get('https://s3.as.cmu.edu/sio/sio/sio.nocache.js').content
    permutation = re.search("Rb='([^']+)'", siojs).group(1)

    page_name = 'https://s3.as.cmu.edu/sio/sio/%s.cache.html' % (permutation)
    cachehtml = s.get(page_name).content

    # to successfully do RPC with SIO, you have to find the correct keys
    # for each different kind of RPC you're doing and send them with the request
    def get_key(key):
        # Two-step lookup: find the variable listed next to the RPC name,
        # then read that variable's string value.  Raises AttributeError
        # when either pattern is missing from the page.
        var_name = re.search("'%s',(\w+)," % key, cachehtml).group(1)
        return re.search("%s='([^']+)'" % var_name, cachehtml).group(1)

    context_key = get_key('userContext.rpc')
    content_key = get_key('bioinfo.rpc')

    # GWT returns something that's _almost_ JSON but not quite
    def parse_gwt(gwt_response):
        # Swap single for double quotes, double the backslashes, drop the
        # first four characters, then parse as JSON.
        return json.loads(gwt_response.replace("'", '"').replace("\\", "\\\\")[4:])

    return_data = {}

    # info in user context: full name, major/school
    # (response discarded; presumably needed to initialise the server-side
    # context before the next call -- confirm)
    s.post('https://s3.as.cmu.edu/sio/sio/userContext.rpc',
           data=('7|0|4|https://s3.as.cmu.edu/sio/sio/|%s|edu.cmu.s3.ui.common.client.serverproxy.user.UserContextService|initUserContext|1|2|3|4|0|' % context_key))

    # get mailbox/smc
    gwt_response =  s.post('https://s3.as.cmu.edu/sio/sio/bioinfo.rpc',
                           data=('7|0|4|https://s3.as.cmu.edu/sio/sio/|%s|edu.cmu.s3.ui.sio.student.client.serverproxy.bio.StudentBioService|fetchStudentSMCBoxInfo|1|2|3|4|0|' % content_key)).content
    sio_json = parse_gwt(gwt_response)

    # Positional reads from the parsed payload.
    # NOTE(review): the mailbox combination is sensitive; avoid logging or
    # caching the returned dict in the clear.
    return_data['smc'] = sio_json[5][2]
    return_data['mailbox_combo'] = sio_json[5][1]

    # get schedule
    now = datetime.now()
    # 'F' for July-December, 'S' otherwise, followed by the two-digit year.
    currSemester = ('F' if now.month > 6 else 'S') + str(now.year % 100)
    cal = Calendar.from_string(s.get('https://s3.as.cmu.edu/sio/secure/export/schedule/%s_semester.ics?semester=%s' % (currSemester, currSemester)).content)
    day_map = {'MO': 1, 'TU': 2, 'WE': 3, 'TH': 4, 'FR': 5}
    return_data['schedule'] = []
    for event in cal.walk():
        # Only calendar events describe class meetings.
        if event.name != 'VEVENT': continue

        return_data['schedule'].append({
            # A weekday outside MO-FR raises KeyError here.
            'days': map(lambda day: day_map[day], event.get('rrule').get('byday')),
            'location': event.get('location').strip(),
            'summary': event.get('summary').strip(),
            'start_time': event.get('dtstart').dt,
            'end_time': event.get('dtend').dt
        })

    return return_data
Example #33
    def RPC__User__authenticate(self, password):
        """Verify a password provided by the logged-in user.

        Sends an API result when the password matches the current user's
        account, otherwise the API error 'invalid-password'.
        """
        verified = auth.authenticate(username=self.user.username, password=password)

        if verified is None:
            self.return_api_error('invalid-password')
        else:
            self.return_api_result()
def login():
    """Authenticate the JSON body; answer 201 with the profile or 401 "Unauthorized"."""
    user_profile = authenticate(request.get_json())
    # NOTE(review): only the exact value False counts as failure; confirm
    # authenticate() never signals rejection with None or an empty value.
    if user_profile is not False:
        return jsonify(user_profile), 201

    denied = jsonify(message="Unauthorized")
    denied.status_code = 401
    return denied
Example #35
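def login_url(request, loginname, ts, authcode, template = "auth/redirect.html"):
    """Log a user in from a (loginname, ts, authcode) link and render *template*.

    The three values are handed to ``authenticate``; when it yields a user the
    user is logged in and the template is rendered with the redirect target
    read from the request. Otherwise a 403 response is returned.
    """
    user = authenticate(loginname = loginname, ts = ts, authcode = authcode)
    if not user:
        # Return an instance: the bare class is not a response object, so the
        # failed login would not be answered with a proper 403.
        return HttpResponseForbidden()

    from auth import login
    login(request, user)
    # NOTE(review): the redirect target comes straight from the request; whatever
    # consumes it in the template should restrict it to same-site URLs -- confirm.
    redirect = request.REQUEST.get(REDIRECT_FIELD_NAME, "")
    return render_to_response(request, template, {REDIRECT_FIELD_NAME: redirect})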
Example #36
def auth(ws, data):
    """Authenticate the credentials in *data* and send a token over *ws*.

    The JSON reply is ``{"token": <value>}``, where the value is the result of
    ``login(user)`` on success and ``null`` when authentication fails.
    """
    user = authenticate(username=data['username'], password=data['password'])
    token = None if user is None else login(user)
    ws.send(json.dumps({'token': token}))
Example #37
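 def rm(self, username, password, filename):
     """Delete *filename* below ROOTDIR for an authenticated owner.

     Returns True when the file was removed, and False when authentication
     fails, the resolved path falls outside ROOTDIR, or the user does not own
     the file.
     """
     if not auth.authenticate(username, password):
         return False
     print('authenticated')

     root = os.path.abspath(ROOTDIR)
     path = os.path.abspath(ROOTDIR + '/' + filename)
     # filename is caller-supplied: after normalisation ("..", duplicate
     # slashes) the target must still sit strictly inside ROOTDIR.
     prefix = root if root.endswith(os.sep) else root + os.sep
     if not path.startswith(prefix):
         return False
     # NOTE(review): abspath does not resolve symlinks; if links can exist
     # under ROOTDIR, compare os.path.realpath results instead -- confirm.
     if auth.isOwner(username, path):
         os.remove(path)
         return True
     return False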
Example #38
def test_authenticate_valid():
    """A stored user authenticates with the password the hash was built from."""
    salt = "SALT"
    # The user table maps a name to [hash, salt].
    users = {"John Doe": [au.pwhash("password", salt), salt]}

    assert au.authenticate("John Doe", "password", users)
Example #39
 def process_request(self, request):
     """Populate ``request.user`` from the ERL session cookies.

     The username and token are read from the cookies named by
     ERL_SESSION_KEY and ERL_SESSION_TOKEN. ``auth.authenticate`` is called
     only when both are non-empty; without a resulting user the request gets
     an ``auth.AnonymousUser``.
     """
     username = request.COOKIES.get(ERL_SESSION_KEY, None)
     token = request.COOKIES.get(ERL_SESSION_TOKEN, None)

     user = None
     if username and token:
         user = auth.authenticate(username=username, token=token)

     if not user:
         request.user = auth.AnonymousUser()
         return
     request.user = user
     auth.login(request, user)
Example #40
 def __init__(self, username, queue, apikey=None, token=None):
     """Store the queue settings and make sure a token is available.

     A truthy *token* is kept as given; otherwise one is obtained by calling
     ``authenticate(username, apikey)``.
     """
     self.endpoint = "https://iad.queues.api.rackspacecloud.com/"
     self.queue = queue
     self.username = username
     self.apikey = apikey
     # Only contact the auth service when the caller supplied no token.
     self.token = token if token else authenticate(username, apikey)
Example #41
def login(form_arguments):
    """Authenticate the submitted username/password pair.

    On success the mapping returned by ``auth.authenticate`` is returned with
    ``"success": True`` added; on failure the result is
    ``{"success": False, "error": 0}``.
    """
    result = auth.authenticate(form_arguments["username"], form_arguments["password"])
    if not result:
        return {"success": False, "error": 0}
    result["success"] = True
    return result
Example #42
def post_user():
    """Mark the session as logged in for the submitted user, then redirect.

    The redirect to ``input_url`` is issued whether or not authentication
    succeeded; only the session contents differ.
    """
    user = request.form.get('iUser', None)
    # NOTE(review): the password argument is always None, so the session is
    # marked logged in on the username alone unless auth.authenticate enforces
    # something further -- confirm against its implementation.
    accepted = auth.authenticate(user, None)
    if accepted:
        session['innlogget'] = True
        session['user'] = user
        session['last_request'] = time.time()

    target = url_for('input_url')
    return redirect(target)
Example #43
def test_authenticate_wrong_pass():
    """A password that differs from the hashed one is rejected."""
    salt = "SALT"
    # Stored hash is for "qwerty"; the login attempt uses "1234".
    users = {"John Doe": [au.pwhash("qwerty", salt), salt]}

    assert not au.authenticate("John Doe", "1234", users)
Example #44
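def config():
    """Render the grade-display configuration page for an authorized user.

    When ``authenticate(app)`` returns anything other than the string
    "Authorized!", that value is returned unchanged. Otherwise the page lists
    the forms for adding a Gradescope assignment and an adjustments sheet,
    followed by one delete row per stored assignment and adjustments sheet.
    """
    # Function-scope import of the one name needed: `html` in this file is the
    # response helper called below, so the module itself is not imported.
    from html import escape

    auth_result = authenticate(app)
    if not (isinstance(auth_result, str) and auth_result == "Authorized!"):
        return auth_result

    with connect_db() as db:
        gscope: List[Tuple[str, str]] = db(
            "SELECT name, gs_code FROM gscope",
            [],
        ).fetchall()
        adjustments: List[Tuple[str, str, str]] = db(
            "SELECT hashed, url, sheet FROM adjustments",
            [],
        ).fetchall()

    # make_row is given raw markup (the <input> tags below), so stored values
    # are escaped before interpolation to keep user-entered names, codes, URLs
    # and sheet names from being interpreted as HTML.
    return html(
        """
    <h1>Grade Display Config</h1>
    <p>
        Add a Gradescope assignment:
        """
        + make_row(
            """<input name="name" placeholder="Shortname (no spaces!)" />
            <input name="gs_code" placeholder="Gradescope code" />
        """,
            url_for("create_assign"),
            "Submit",
        )
        + """
    </p>
    <p>
        Add an adjustments sheet:
        """
        + make_row(
            """<input name="url" placeholder="Full URL" />
            <input name="sheet" placeholder="Sheet Name" />
        """,
            url_for("add_adjustments"),
            "Submit",
        )
        + """
    </p>
    """
        + "".join(
            "<p>"
            + make_row(
                f"{escape(str(name))} ({escape(str(gs_code))})",
                url_for("delete_assign", name=name),
            )
            for name, gs_code in gscope
        )
        + "".join(
            "<p>"
            + make_row(
                f"Adjustments: {escape(str(url))} ({escape(str(sheet))})",
                url_for("delete_adjustments", hashed=hashed),
            )
            for hashed, url, sheet in adjustments
        )
    )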
Example #45
    def get(self, request, format=None):
        """Forward the ``q`` query parameter upstream and return the JSON reply.

        An access token is fetched with ``auth.authenticate()`` the first time
        it is needed and stored on ``self.access_token``.
        """
        token = self.access_token
        if token is None:
            token = self.access_token = auth.authenticate()

        # A missing `q` is sent as the empty string.
        search = request.query_params.get('q', '')
        upstream = dapi_make_request(query=search, access_token=token)
        # NOTE(review): the upstream status code is not checked before the body
        # is relayed -- confirm that is intended.
        return Response(upstream.json())
Example #46
    def get(self, request, format=None):
        """Proxy a search: pass ``q`` to ``dapi_make_request`` and wrap its JSON.

        ``self.access_token`` is filled from ``auth.authenticate()`` when it is
        still ``None``.
        """
        if self.access_token is None:
            # No token yet: authenticate once and keep the result on the view.
            self.access_token = auth.authenticate()

        reply = dapi_make_request(
            query=request.query_params.get('q', ''),
            access_token=self.access_token,
        )
        return Response(reply.json())
Example #47
 def process_request(self, request):
     """Resolve the request's user from the ERL username and token cookies.

     Both cookies must be present and non-empty before ``auth.authenticate``
     is consulted. A resolved user is attached and logged in; any other case
     attaches ``auth.AnonymousUser()``.
     """
     username = request.COOKIES.get(ERL_SESSION_KEY, None)
     token = request.COOKIES.get(ERL_SESSION_TOKEN, None)

     if username and token:
         user = auth.authenticate(username=username, token=token)
     else:
         user = None

     if not user:
         request.user = auth.AnonymousUser()
     else:
         request.user = user
         auth.login(request, user)
Example #48
def register():
    """Register a user.

    A signed-in user is redirected to the index. A POST is validated field by
    field; the first failing check becomes the error shown on the form. When
    every check passes the account is created, authenticated and redirected
    to the settings page.
    """
    if g.user:
        return redirect(url_for('index'))
    if request.method != 'POST':
        return render_template('register.html', error=None)

    form = request.form
    if not form['username']:
        error = 'You have to enter a username'
    elif not form['password']:
        error = 'You have to enter a password'
    elif form['password'] != form['password2']:
        error = 'The two passwords do not match'
    elif get_user_id(form['username']) is not None:
        error = 'The username is already taken'
    else:
        user_create(form['username'], form['password'])
        authenticate(form['username'], form['password'])
        return redirect(url_for('settings'))
    return render_template('register.html', error=error)
Example #49
 def POST(self):
     """Check the posted username and password and flag the session on success.

     Returns the string "loggedin" after setting ``session.loggedin``, or
     "username or password error" when ``authenticate`` rejects the pair.
     """
     fields = web.input()
     username = fields.username
     password = fields.password
     if not authenticate(passwd=password, username=username):
         return "username or password error"
     session.loggedin=1
     return "loggedin"
Example #50
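def post_login(request):
    """Handle the login form: redirect on success, re-serve the form on failure.

    Reads ``login``, ``password`` and ``came_from`` from the request
    parameters. On success the user is remembered and redirected to
    ``came_from`` when it points at this site, otherwise to ``/``. On failure
    the response of a ``/login`` subrequest is returned.
    """
    username = request.params['login']
    password = request.params['password']
    came_from = request.params['came_from']
    if auth.authenticate(username, password, request):
        headers = remember(request, username)
        # came_from is client-supplied, so it is followed only when it is a
        # local path or an absolute URL on this host; scheme-relative ("//host")
        # and backslash forms are refused because browsers may treat them as
        # off-site targets.
        local_path = (
            came_from.startswith('/')
            and not came_from.startswith('//')
            and '\\' not in came_from
        )
        same_host = (
            came_from == request.host_url
            or came_from.startswith(request.host_url + '/')
        )
        target = came_from if (local_path or same_host) else '/'
        return HTTPFound(location = target,
                         headers = headers)
    # Return the subrequest's response; without the return the view yields None.
    return request.invoke_subrequest(Request.blank('/login?came_from=' + came_from))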
Example #51
def login():
    """Serve the login form on GET; on any other method check the credentials.

    A successful check stores the username in ``session['uname']`` and
    redirects to ``userpage``; a failed one returns an inline error message.
    """
    if request.method == "GET":
        return render_template("login.html")

    username = request.form["username"]
    password = request.form["password"]
    if not auth.authenticate(username, password):
        return "You have entered an incorrect username or password <hr> Click <a href = '/home'> here </a> to go back to login page."
    session['uname'] = username
    return redirect(url_for("userpage"))
Example #52
def login():
    """Serve the login form on GET and check the credentials on POST.

    A successful POST stores the username in the session and redirects to
    ``/``; a failed one re-renders the form under a mismatch heading. Other
    methods fall through and return ``None``.
    """
    method = request.method
    if method == 'GET':
        return render_template('login.html')
    if method != 'POST':
        return None

    user = request.form['username']
    if not auth.authenticate(user, request.form['password']):
        return "<h2>Password/Login mismatch</h2>" + render_template(
            "login.html")
    session['username'] = user
    return redirect('/')
Example #53
def login():
    """Log a user in, or show the form when no credentials were posted.

    An existing session goes straight to ``home``. GET renders the form. For
    other methods the lower-cased username and the password are checked; on
    success the username is stored in the session, otherwise the form is
    rendered again with a generic message.
    """
    if 'username' in session:
        return redirect(url_for('home'))
    if request.method == 'GET':
        return render_template('login.html')

    # Usernames are compared in lower case.
    name = request.form['username'].lower()
    secret = request.form['password']
    if not auth.authenticate(name, secret):
        return render_template(
            'login.html', message='Please check your username and password again')
    session['username'] = name
    return redirect(url_for('home'))
Example #54
def log(request):
    """Render the login page, or process a posted username and password.

    On POST the ``usname`` and ``password`` fields are authenticated; success
    logs the user in and redirects to ``/``, failure queues an
    'invalid credential' message and redirects back to ``log``.
    """
    if request.method != "POST":
        return render(request, 'login.html')

    username = request.POST['usname']
    password = request.POST['password']
    user = auth.authenticate(username=username, password=password)
    if user is None:
        messages.info(request, 'invalid credential')
        return redirect('log')
    auth.login(request, user)
    return redirect('/')
Example #55
def test_authenticate_user_not_in_database(pwdb_path):
    username = '******'
    password = '******'

    try:
        pwdb_file = open(pwdb_path, 'rb+')
    except FileNotFoundError:
        pwdb_file = open(pwdb_path, 'wb+')

    pwdb = read_pwdb(pwdb_file)

    assert not authenticate(username, password, pwdb)