def rpc_login(username, password):
""" *login* method
This method get username and password from request form and validate it.
If they are valid create a ticket for the current user using a SECRET_KEY shared with plone. After
is create a cookie with the ticket and domain linked to came_from.
Return response.
"""
if not username and not password:
return False
else:
validate_user = validate_username(username)
validate_bt = validate_to_biomedtown(username, password)
if validate_bt is False:
return False
else:
if validate_user is not True:
ins = usersTable.insert().values(name=username).execute()
lastid = ins.last_inserted_ids()[0]
USERS[lastid] = User(username, lastid)
USER_NAMES[username] = USERS[lastid]
# user_data = [ud for ud in validate_bt.values()]
user_data = [validate_bt['nickname'],
validate_bt['fullname'],
validate_bt['email'],
validate_bt['language'],
validate_bt['country'],
validate_bt['postcode'],
validate_bt['institution'],
validate_bt['department'],
validate_bt['institutionalrole']
]
cip = str(request.remote_addr)
validuntil = int(time.time()) + TIMEOUT
ticket = TICKET.createTkt(username, tokens=(), user_data=user_data, cip=cip, validuntil=validuntil)
#ticket = createTicket(app.config['SECRET_KEY'], username, tokens=(), user_data=user_data)
ticket_b64 = base64.b64encode(ticket)
return ticket_b64
def login():
""" *login* method
This method get username and password from request form and validate it.
If they are valid create a ticket for the current user using a SECRET_KEY shared with plone. After
is create a cookie with the ticket and domain linked to came_from.
Return response.
"""
error = None
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
domain = request.args.get("domain", "")
if not username and not password:
return render_template('login.html', error='Insert username and password!')
else:
validate_user = validate_username(username)
validate_bt = validate_to_biomedtown(username, password)
if validate_bt is False:
return render_template('login.html', error='Invalid password!', username=username)
else:
if validate_user is not True:
ins = usersTable.insert().values(name=username).execute()
lastid = ins.last_inserted_ids()[0]
USERS[lastid] = User(username, lastid)
USER_NAMES[username] = USERS[lastid]
# user_data = [ud for ud in validate_bt.values()]
user_data = [validate_bt['nickname'],
validate_bt['fullname'],
validate_bt['email'],
validate_bt['language'],
validate_bt['country'],
validate_bt['postcode']
]
remember = request.form.get("remember", "no") == "yes"
if login_user(USER_NAMES[username], remember=remember):
flash("Logged in!")
cip = str(request.remote_addr)
validuntil = int(time.time()) + TIMEOUT
ticket = TICKET.createTkt(request.form['username'], tokens=(), user_data=user_data, cip=cip,
validuntil=validuntil)
#ticket = createTicket(app.config['SECRET_KEY'], request.form['username'], tokens=(), user_data=user_data)
ticket_b64 = binascii.b2a_base64(ticket).rstrip()
if str(domain).lower().count("vphshare"):
# we have to retrive the user roles from the MI
validate_tkt_response = requests.get(
app.config['MASTERINTERFACE_VALIDATE_TKT_SERVICE'] % ticket_b64,
verify = False
)
mi_user_data = json.loads(validate_tkt_response.text)
tokens = mi_user_data.get('role', [])
ticket = TICKET.createTkt(validate_bt['nickname'], tokens=tokens, user_data=user_data, cip=cip, validuntil=validuntil)
ticket_b64 = binascii.b2a_base64(ticket).rstrip()
if request.args.get("came_from"):
came_from = request.args.get("came_from")
#iif came_from.count("physiomespace"):
came_from = "%s?ticket=%s" % ( came_from, ticket_b64 )
response = redirect(came_from, 302)
else:
response = app.make_response(render_template('index.html'))
response.set_cookie('bt-tkt', ticket_b64, domain='.biomedtown.org')
response.set_cookie('bt-tkt', ticket_b64, domain='.vph-share.eu')
return response
elif request.method == 'GET' and request.args.get("came_from") and current_user.is_authenticated():
# incoming request from mod auth ticket third party
ticket_b64 = request.cookies.get('bt-tkt')
ticket = binascii.a2b_base64(str(ticket_b64))
domain = request.args.get("domain", "")
#if validateTicket(app.config['SECRET_KEY'], ticket, timeout=app.config['TIME_OUT']) is not None:
try:
cip = str(request.remote_addr)
if isinstance(TICKET, SignedTicket):
data = ticket
else:
data = ticket, cip
if TICKET.validateTkt(data) is not None:
flash("Logged in!")
userid, tocken, userdata, validuntil = TICKET.validateTkt(data)
validuntil = int(time.time()) + TIMEOUT
if str(domain).lower().count("vphshare"):
# we have to retrive the user roles from the MI
validate_tkt_response = requests.get(
app.config['MASTERINTERFACE_VALIDATE_TKT_SERVICE'] % ticket_b64,
verify = False
)
mi_user_data = json.loads(validate_tkt_response.text)
tokens = mi_user_data.get('role', [])
ticket = TICKET.createTkt(userid, tokens=tokens, user_data=userdata, cip=cip, validuntil=validuntil)
ticket_b64 = binascii.b2a_base64(ticket).rstrip()
came_from = request.args.get("came_from")
target_domain = ".%s" % ".".join(came_from.replace("http://", "").split(".")[1:]).split("/")[0]
#if came_from.count("physiomespace"):
came_from = "%s?ticket=%s" % (came_from, ticket_b64)
# redirect return a response object
response = redirect(came_from, 307)
response.set_cookie('bt-tkt', ticket_b64, domain=target_domain)
return response
else:
logout_user()
except Exception, e:
pass
def user_login():
""" *login* method
This method get username and password from request form and validate it.
If they are valid create a ticket for the current user using a SECRET_KEY shared with plone. After
is create a cookie with the ticket and domain linked to came_from.
Return response.
"""
import urllib
if request.method == 'GET':
username = request.args.get("username")
password = urllib.unquote(request.args.get("password"))
domain = request.args.get("domain", "")
elif request.method == 'POST':
username = request.form['username']
password = urllib.unquote(request.form['password'])
domain = request.form.get("domain", "")
else:
return abort(403)
if not username and not password:
return abort(403)
else:
validate_user = validate_username(username)
validate_bt = validate_to_biomedtown(username, password)
if validate_bt is False:
return abort(403)
else:
if validate_user is not True:
ins = usersTable.insert().values(name=username).execute()
lastid = ins.last_inserted_ids()[0]
USERS[lastid] = User(username, lastid)
USER_NAMES[username] = USERS[lastid]
# user_data = [ud for ud in validate_bt.values()]
user_data = [validate_bt['nickname'],
validate_bt['fullname'],
validate_bt['email'],
validate_bt['language'],
validate_bt['country'],
validate_bt['postcode']
]
cip = str(request.remote_addr)
validuntil = int(time.time()) + TIMEOUT
ticket = TICKET.createTkt(validate_bt['nickname'], tokens=(), user_data=user_data, cip=cip, validuntil=validuntil)
#ticket = createTicket(app.config['SECRET_KEY'], request.form['username'], tokens=(), user_data=user_data)
ticket_b64 = binascii.b2a_base64(ticket).rstrip()
if str(domain).lower().count("vphshare"):
# we have to retrive the user roles from the MI
validate_tkt_response = requests.get(
app.config['MASTERINTERFACE_VALIDATE_TKT_SERVICE'] % ticket_b64,
verify = False
)
mi_user_data = json.loads(validate_tkt_response.text)
tokens = mi_user_data.get('role', [])
ticket = TICKET.createTkt(validate_bt['nickname'], tokens=tokens, user_data=user_data, cip=cip, validuntil=validuntil)
ticket_b64 = binascii.b2a_base64(ticket).rstrip()
return app.make_response(ticket_b64)
