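def post(self):
    """Check a posted username/password and, on success, set the session cookies.

    The request body is read as ``key=value`` pairs joined by ``&``. The user
    record is loaded from a file under ``user_root`` named after
    sha1(username + getFileSalt()) and decrypted with the supplied password.
    Every failure path answers ``{'ok': False}``; success answers
    ``{'ok': True, 'user': <record>}``.
    """
    # getStatus() is defined elsewhere; a result of 0 refuses the request.
    if getStatus(self) == 0:
        self.finish({'ok': False})
        return

    username = ''
    password = ''
    for kvp in self.request.body.split("&"):
        kv = kvp.split("=")
        # A pair without "=" used to raise IndexError, i.e. an unhandled
        # error on untrusted input; skip such pairs instead.
        if len(kv) < 2:
            continue
        # NOTE(review): values are used exactly as sent (no URL-decoding) and
        # stop at the next "=". Kept as-is so existing credentials still match.
        if kv[0] == "username":
            username = kv[1]
        elif kv[0] == "password":
            password = kv[1]

    if not username or not password:
        self.finish({'ok': False})
        return

    # Only the salted SHA-1 hex digest reaches the path, so the raw username
    # never becomes part of a file name.
    auth = "%s.txt" % hashlib.sha1(username + getFileSalt()).hexdigest()
    try:
        # `with` closes the handle even when read() fails.
        with open(os.path.join(user_root, auth), 'rb') as f:
            ciphertext = f.read()

        plaintext = decrypt(ciphertext, password, p_salt=getPasswordSalt())
        # decrypt() returning None is treated as a failed login.
        if plaintext is not None:
            try:
                is_admin = plaintext['admin']
            except KeyError:
                is_admin = False
            if is_admin:
                # Strip the flag before the record is copied into the user
                # cookie and the response body.
                del plaintext['admin']
                # NOTE(review): the admin cookie holds only the constant
                # "true" and is not tied to this username; whatever reads it
                # should check it together with the user cookie - confirm.
                self.set_secure_cookie(admin_cookie_tag, "true", path="/", expires_days=1)

            # b64encode always returns a string, so no None check is needed.
            new_cookie = base64.b64encode(json.dumps(plaintext))
            self.set_secure_cookie(cookie_tag, new_cookie, path="/", expires_days=1)
            self.finish({'ok': True, 'user': plaintext})
            return
    except IOError as e:
        # No readable file for this username: give the same answer as for a
        # wrong password.
        print(e)

    self.finish({'ok': False})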
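def post(self):
    """Validate posted credentials against the stored user file and set cookies.

    The body is parsed as ``&``-separated ``key=value`` pairs; ``username``
    and ``password`` are the only keys used. The user file lives under
    ``user_root`` and is named sha1(username + getFileSalt()) + ".txt".
    Responds with ``{'ok': True, 'user': <record>}`` when decrypt() yields a
    record and with ``{'ok': False}`` in every other case.
    """
    # A getStatus() result of 0 refuses the request (defined elsewhere).
    if getStatus(self) == 0:
        self.finish({'ok':False})
        return

    username = ''
    password = ''
    for kvp in self.request.body.split("&"):
        kv = kvp.split("=")
        if len(kv) < 2:
            # Malformed pair (no "="): indexing kv[1] here used to raise
            # IndexError on untrusted input.
            continue
        # NOTE(review): no URL-decoding is applied and a value ends at the
        # next "="; left unchanged so stored credentials keep matching.
        if kv[0] == "username":
            username = kv[1]
        elif kv[0] == "password":
            password = kv[1]

    if not username or not password:
        self.finish({'ok':False})
        return

    # The file name is a hex digest, so the username itself never reaches
    # the filesystem path.
    auth = "%s.txt" % hashlib.sha1(username + getFileSalt()).hexdigest()
    try:
        # Context manager so the handle is released even if read() raises.
        with open(os.path.join(user_root, auth), 'rb') as f:
            ciphertext = f.read()

        # A None result means the password did not decrypt the record.
        plaintext = decrypt(ciphertext, password, p_salt=getPasswordSalt())
        if plaintext is not None:
            try:
                is_admin = plaintext['admin']
            except KeyError:
                is_admin = False
            if is_admin:
                # Remove the flag so it is not echoed in the user cookie or
                # the JSON response.
                del plaintext['admin']
                # NOTE(review): this cookie is the constant "true" and carries
                # no user identity; readers should pair it with the user
                # cookie - confirm where it is checked.
                self.set_secure_cookie(admin_cookie_tag, "true", path="/", expires_days=1)

            # b64encode cannot return None, so the cookie is always set.
            new_cookie = base64.b64encode(json.dumps(plaintext))
            self.set_secure_cookie(cookie_tag, new_cookie, path="/", expires_days=1)
            self.finish({'ok':True, 'user' : plaintext})
            return
    except IOError as e:
        # Missing or unreadable user file: answer exactly like a bad password.
        print(e)

    self.finish({'ok':False})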
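def post(self):
    """Clear the session cookies and, if a JSON body was sent, save the user's searches.

    Body shape, taken from the keys read below:
    ``{"user": {"username": ..., "saved_searches": ...}, "password": ...}``.
    The stored record is decrypted with the supplied password, its
    ``saved_searches`` entry replaced, and the result re-encrypted into the
    same file. Answers ``{'ok': False}`` when the request is refused or the
    update fails, ``{'ok': True}`` otherwise (including for an empty body).
    """
    # getStatus() is defined elsewhere; a result of 0 refuses the request.
    if getStatus(self) == 0:
        self.finish({'ok': False})
        return

    # NOTE(review): clear_cookie only asks the browser to drop the cookies;
    # whether an already issued value is still accepted depends on the code
    # that reads them - confirm.
    self.clear_cookie(cookie_tag)
    self.clear_cookie(admin_cookie_tag)

    if self.request.body != "":
        try:
            credentials = json.loads(self.request.body)
            auth = "%s.txt" % hashlib.sha1(
                credentials['user']['username'] + getFileSalt()).hexdigest()
            user_file = os.path.join(user_root, auth)

            # `with` closes the handle even when read() fails.
            with open(user_file, 'rb') as f:
                ciphertext = f.read()

            # The supplied password must decrypt the record before anything
            # is written; None means it did not.
            plaintext = decrypt(ciphertext, credentials['password'], p_salt=getPasswordSalt())
            if plaintext is None:
                self.finish({'ok': False})
                return

            new_data = copy.deepcopy(plaintext)
            new_data['saved_searches'] = credentials['user']['saved_searches']
            # also, new_data might have ['default_home']

            # Encrypt before opening for write: 'wb+' truncates the file, so
            # a failure inside encrypt() used to leave an empty user record.
            # NOTE(review): if getPrivateIV() returns a fixed value, every
            # write reuses the same IV - confirm against encrypt().
            updated = encrypt(new_data, credentials['password'],
                              iv=getPrivateIV(), p_salt=getPasswordSalt())
            with open(user_file, 'wb+') as f:
                f.write(updated)
        except (ValueError, TypeError, KeyError, IOError) as e:
            # KeyError (missing field) and IOError (no file for this user)
            # used to escape as unhandled errors, which also answered an
            # unknown username differently from a wrong password.
            print(e)
            self.finish({'ok': False})
            return

    self.finish({'ok': True})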
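def post(self):
    """Drop the session cookies and optionally persist the user's saved searches.

    A non-empty body is parsed as JSON and read with the keys
    ``user.username``, ``user.saved_searches`` and ``password``. The user
    file is decrypted with that password, ``saved_searches`` is replaced and
    the record is encrypted back to the same path. Responds ``{'ok': False}``
    on refusal or failure, ``{'ok': True}`` otherwise (empty body included).
    """
    # A getStatus() result of 0 refuses the request (defined elsewhere).
    if getStatus(self) == 0:
        self.finish({'ok':False})
        return

    # NOTE(review): this removes the cookies on the browser side only;
    # confirm how previously issued values are treated by the code reading them.
    self.clear_cookie(cookie_tag)
    self.clear_cookie(admin_cookie_tag)

    if self.request.body != "":
        try:
            credentials = json.loads(self.request.body)
            auth = "%s.txt" % hashlib.sha1(
                credentials['user']['username'] + getFileSalt()).hexdigest()
            user_file = os.path.join(user_root, auth)

            # Context manager so the handle is released even if read() raises.
            with open(user_file, 'rb') as f:
                ciphertext = f.read()

            # Nothing is written unless the supplied password decrypts the
            # existing record (decrypt() returns None otherwise).
            plaintext = decrypt(ciphertext, credentials['password'], p_salt=getPasswordSalt())
            if plaintext is None:
                self.finish({'ok':False})
                return

            new_data = copy.deepcopy(plaintext)
            new_data['saved_searches'] = credentials['user']['saved_searches']
            # also, new_data might have ['default_home']

            # Build the ciphertext first: opening with 'wb+' truncates, and
            # an exception from encrypt() after that point wiped the record.
            # NOTE(review): a constant getPrivateIV() would mean IV reuse on
            # every save - confirm against encrypt().
            updated = encrypt(
                new_data,
                credentials['password'],
                iv=getPrivateIV(),
                p_salt=getPasswordSalt()
            )
            with open(user_file, 'wb+') as f:
                f.write(updated)
        except (ValueError, TypeError, KeyError, IOError) as e:
            # Missing JSON fields (KeyError) and a missing user file (IOError)
            # previously went unhandled, so an unknown username got a
            # different response from a wrong password.
            print(e)
            self.finish({'ok':False})
            return

    self.finish({'ok':True})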