Exemple #1
def load_user(user_id):
    """
    User loader.

    Called when endpoints decorated with login.required are accessed; loads
    the user stored in the session, if there is one.

    Args:
        user_id: id of the user to restore; only values greater than 0 are
            looked up.

    Returns:
        The rebuilt session user when a stored session exists and passes the
        hash check, otherwise a fresh ``SessionUser()``.

    """
    # NOTE(review): this comparison assumes a numeric user_id; a str id would
    # raise TypeError on Python 3 -- confirm what the login manager passes in.
    if not user_id > 0:
        return SessionUser()

    be_user = BeUser()
    be_user.set("id", user_id)
    be_user.load()

    stored = Session()
    stored.set_user_id(be_user.get_id())
    if not stored.load():
        return SessionUser()

    # The candidate carries the IP and user agent of the *current* request
    # next to the token and timestamp read from the stored session.
    candidate = be_user.create_session_user()
    candidate.ip_address = get_real_ip()
    candidate.user_agent = request.user_agent
    candidate.token = stored.get_token()
    candidate.timestamp = stored.get_timestamp()
    fingerprint = stored.get_user_hash_string(candidate)

    # NOTE(review): presumably is_valid() compares this hash with the one
    # saved at login, so a session replayed from another client fails --
    # confirm, and confirm the comparison is constant-time.
    if stored.is_valid(stored.encryption.get_generic_hash(fingerprint)):
        return candidate

    # A failed check discards the stored session. NOTE(review): this is only
    # logged at debug level; consider whether it should reach production logs.
    debug_logger.debug("session nicht valid")
    stored.delete()
    return SessionUser()
Exemple #2
def login():
    """
    Login endpoint.

    Returns:
        The rendered login template, or a redirect to the dashboard after a
        successful login.

    """
    form = LoginForm()
    client_ip = get_real_ip()

    def show_form():
        # Every path except a completed login ends on the login page.
        return render_template("login.html", form=form)

    if request.method != "POST":
        return show_form()

    if not form.validate_on_submit():
        flash(form.errors)
        return show_form()

    be_user = BeUser()
    be_user.set("username", escape(request.form["username"]))
    # NOTE(review): escape() looks like an HTML escaper; applied to the
    # password it rewrites characters such as & or < before validation, so
    # it only works if stored credentials were derived from the same escaped
    # form -- confirm against the code that sets passwords.
    be_user.temp_password = escape(request.form["password"])

    if not be_user.validate_login():
        # Keep a record of the failed attempt.
        # NOTE(review): this stores request.remote_addr while the session
        # below stores get_real_ip(); confirm which source is intended and
        # that get_real_ip() only trusts headers set by a known proxy.
        attempt = FailedLoginRecord()
        attempt.set_user_id(be_user.get_id())
        attempt.set_username(be_user.get_username())
        attempt.set_ip_address(request.remote_addr)
        attempt.set_user_agent(str(request.user_agent))
        attempt.save()
        return show_form()

    be_user.load()
    session = Session()
    session.set_user_id(be_user.get_id())
    if session.session_exists():
        # Drop the user's previous session and start from a clean object, so
        # each login gets a new token.
        session.delete()
        session = Session()
        session.set_user_id(be_user.get_id())

    safe_ip = escape(client_ip)
    safe_agent = escape(request.user_agent)
    # NOTE(review): confirm create_random_token() draws from a CSPRNG.
    session_token = session.encryption.create_random_token(32)

    session.set_ip_address(safe_ip)
    session.set_user_agent(safe_agent)
    session.set_token(session_token)
    now = datetime.now()
    session.set_timestamp(now)

    if session.save() is False:
        return show_form()

    session_user = be_user.create_session_user()
    if not login_user(session_user):
        return show_form()

    # 10 is the numeric value of logging.DEBUG.
    debug_logger.log(
        10, "User mit der ID {0} eingeloggt".format(session_user.get_id()))
    return redirect(url_for("backend.dashboard"))
Exemple #3
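def delete_user(user_id):
    """Delete the ``User`` row looked up by ``user_id``.

    Args:
        user_id: identifier passed to ``sess.query(User).get``.

    Returns:
        True if the row existed and the delete was committed; False if no row
        was found or any step raised.
    """
    import logging

    # NOTE(review): nothing here checks who is asking; the caller has to
    # enforce that the requester may delete this account.
    sess = None
    try:
        sess = Session()
        user = sess.query(User).get(user_id)
        if not user:
            return False
        sess.delete(user)
        sess.commit()
        return True
    except Exception:
        # Callers expect a boolean, so the error is not re-raised -- but a
        # failed account deletion should not vanish without a trace.
        logging.getLogger(__name__).exception(
            "delete_user failed for id %r", user_id)
        return False
    finally:
        # Assuming Session is a SQLAlchemy session factory (the query/delete/
        # commit calls suggest so), close() releases the connection and
        # discards a transaction left open by a failed commit.
        if sess is not None:
            sess.close()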
Exemple #4
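def delete_book(book_id):
    """Delete the ``Book`` row looked up by ``book_id``.

    Args:
        book_id: identifier passed to ``sess.query(Book).get``.

    Returns:
        True if the row existed and the delete was committed; False if no row
        was found or any step raised.
    """
    import logging

    # NOTE(review): nothing here checks who is asking; the caller has to
    # enforce that the requester may delete this record.
    sess = None
    try:
        sess = Session()
        book = sess.query(Book).get(book_id)
        if not book:
            return False
        sess.delete(book)
        sess.commit()
        return True
    except Exception:
        # Callers expect a boolean, so the error is not re-raised, but it is
        # logged instead of being swallowed silently.
        logging.getLogger(__name__).exception(
            "delete_book failed for id %r", book_id)
        return False
    finally:
        # Assuming Session is a SQLAlchemy session factory (the query/delete/
        # commit calls suggest so), close() releases the connection and
        # discards a transaction left open by a failed commit.
        if sess is not None:
            sess.close()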
Exemple #5
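def logout():
    """
    Log the current user out.

    Removes the stored session record for the current user, ends the login
    and sends the browser to the login page.

    Returns:
        A redirect to the ``backend.login`` endpoint.

    """
    # NOTE(review): for a visitor who is not logged in, get_id() may not be a
    # real id -- confirm this route is only reachable by authenticated users.
    stored = Session()
    stored.set_user_id(current_user.get_id())
    # NOTE(review): the result of load() is ignored and delete() runs either
    # way; confirm delete() is harmless when nothing was loaded.
    stored.load()
    stored.delete()

    if logout_user():
        flash("Erfolgreich abgemeldet", "success")

    # Redirect on every path: the stored session is already gone at this
    # point, and falling off the end would make the view return None.
    return redirect(url_for("backend.login"))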
Exemple #6
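def post_new_class(new_class_name):
    """Create a class entry and return freshly built schedule data.

    Adds a ``ClassName`` row, deletes every ``Archive`` row whose ``class_id``
    equals the new row's id, then returns ``create_schedules_data()``.

    Args:
        new_class_name: value stored as ``class_name`` on the new row.
            NOTE(review): it is not validated here; confirm the caller
            checks it.

    Returns:
        Whatever ``create_schedules_data()`` returns.
    """
    session = Session()
    try:
        new_class_obj = ClassName(class_name=new_class_name)
        session.add(new_class_obj)
        # Committed before the query, presumably so new_class_obj.id is set.
        session.commit()

        archives = session.query(Archive).filter_by(class_id=new_class_obj.id)
        for archive in archives:
            session.delete(archive)
        session.commit()
    finally:
        # Close the session even when a commit or the query raises; the
        # exception itself still propagates to the caller.
        session.close()

    return create_schedules_data()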