def fn(request, secret, *args, **kargs): try: trader_id, trader_has_not_visited_lately = db.get_loginkey_info( hashlib.md5(secret.encode('ascii')).hexdigest()) if trader_id: if trader_has_not_visited_lately and settings.CMBARTER_MAINTAIN_IP_WHITELIST: client_ip = get_client_ip(request) if client_ip: db.insert_whitelist_entry(trader_id, client_ip) # Render the response with some HTTP-headers added. response = view(request, secret, trader_id, *args, **kargs) if 'Cache-Control' not in response: response['Cache-Control'] = 'no-cache, must-revalidate' response['Expires'] = 'Mon, 26 Jul 1997 05:00:00 GMT' response['Last-Modified'] = datetime.datetime.now( pytz.utc).strftime("%d %b %Y %H:%M:%S GMT") response['Pragma'] = 'no-cache' return response else: return login(request, method='GET') except curiousorm.PgError, e: if (getattr(e, 'pgcode', '') == curiousorm.RAISE_EXCEPTION and A_TURN_IS_RUNNING.search(getattr(e, 'pgerror', ''))): return render( request, settings.CMBARTER_TURN_IS_RUNNING_MOBILE_TEMPLATE) else: raise
def fn(request, secret, *args, **kargs): try: trader_id, trader_has_not_visited_lately = db.get_loginkey_info( hashlib.md5(secret.encode('ascii')).hexdigest() ) if trader_id: if trader_has_not_visited_lately and settings.CMBARTER_MAINTAIN_IP_WHITELIST: client_ip = get_client_ip(request) if client_ip: db.insert_whitelist_entry(trader_id, client_ip) # Render the response with some HTTP-headers added. response = view(request, secret, trader_id, *args, **kargs) if 'Cache-Control' not in response: response['Cache-Control'] = 'no-cache, must-revalidate' response['Expires'] = 'Mon, 26 Jul 1997 05:00:00 GMT' response['Last-Modified'] = datetime.datetime.now(pytz.utc).strftime( "%d %b %Y %H:%M:%S GMT") response['Pragma'] = 'no-cache' return response else: return login(request, method='GET') except curiousorm.PgError, e: if (getattr(e, 'pgcode', '')==curiousorm.RAISE_EXCEPTION and A_TURN_IS_RUNNING.search(getattr(e, 'pgerror', ''))): return render(request, settings.CMBARTER_TURN_IS_RUNNING_MOBILE_TEMPLATE) else: raise
def login(request, tmpl='xhtml-mp/login.html', method=None): method = method or request.GET.get('method') or request.method if method == 'POST': form = cmbarter.users.forms.LoginForm(request.POST) if form.is_valid(): username = form.cleaned_data['username'] password_salt = db.get_password_salt(username) password_hash = utils.calc_crypt_hash( password_salt + form.cleaned_data['password']) authentication = db.login_trader(username, password_hash) if (settings.CMBARTER_SHOW_CAPTCHA_ON_REPETITIVE_LOGIN_FAILURE and authentication['needs_captcha']): form.needs_captcha = True elif authentication['is_valid']: # Log the user in and redirect him to his start-page. while 1: secret = base64.urlsafe_b64encode( os.urandom(15)).decode('ascii') if db.replace_loginkey( authentication['trader_id'], hashlib.md5(secret.encode('ascii')).hexdigest()): break if settings.CMBARTER_MAINTAIN_IP_WHITELIST: client_ip = get_client_ip(request) if client_ip: db.insert_whitelist_entry(authentication['trader_id'], client_ip) r = HttpResponseRedirect( reverse(show_shopping_list, args=[secret])) r.set_cookie(key='username', value=base64.b16encode( username.encode('utf-8')).decode('ascii'), max_age=60 * 60 * 24 * 365 * 10) return r else: form.incorrect_login = True else: try: username = base64.b16decode( request.COOKIES.get('username', '').encode('ascii')).decode('utf-8') except: username = u'' form = cmbarter.users.forms.LoginForm(initial={'username': username}) # Render everything. c = {'settings': settings, 'form': form} return render(request, tmpl, c)
def login(request, tmpl='xhtml-mp/login.html', method=None): method = method or request.GET.get('method') or request.method if method == 'POST': form = cmbarter.users.forms.LoginForm(request.POST) if form.is_valid(): username = form.cleaned_data['username'] password_salt = db.get_password_salt(username) password_hash = utils.calc_crypt_hash(password_salt + form.cleaned_data['password']) authentication = db.login_trader(username, password_hash) if (settings.CMBARTER_SHOW_CAPTCHA_ON_REPETITIVE_LOGIN_FAILURE and authentication['needs_captcha']): form.needs_captcha = True elif authentication['is_valid']: # Log the user in and redirect him to his start-page. while 1: secret = base64.urlsafe_b64encode(os.urandom(15)).decode('ascii') if db.replace_loginkey(authentication['trader_id'], hashlib.md5(secret.encode('ascii')).hexdigest()): break if settings.CMBARTER_MAINTAIN_IP_WHITELIST: client_ip = get_client_ip(request) if client_ip: db.insert_whitelist_entry(authentication['trader_id'], client_ip) r = HttpResponseRedirect(reverse(show_shopping_list, args=[secret])) r.set_cookie( key='username', value=base64.b16encode(username.encode('utf-8')).decode('ascii'), max_age=60*60*24*365*10) return r else: form.incorrect_login = True else: try: username = base64.b16decode( request.COOKIES.get('username', '').encode('ascii') ).decode('utf-8') except: username = u'' form = cmbarter.users.forms.LoginForm( initial={'username': username }) # Render everything. c = {'settings': settings, 'form': form } return render(request, tmpl, c)