def render_link(text, url, target="main", onclick=None): # Convert relative links into absolute links. We have three kinds # of possible links and we change only [3] # [1] protocol://hostname/url/link.py # [2] /absolute/link.py # [3] relative.py if not (":" in url[:10] ) and not url.startswith("javascript") and url[0] != '/': url = config.url_prefix() + "check_mk/" + url return html.render_a(text, href=url, class_="link", target=target or '', onfocus="if (this.blur) this.blur();", onclick=onclick or None)
def _handle_not_authenticated(): if _fail_silently(): # While api call don't show the login dialog raise MKUnauthenticatedException(_('You are not authenticated.')) # Redirect to the login-dialog with the current url as original target # Never render the login form directly when accessing urls like "index.py" # or "dashboard.py". This results in strange problems. if html.myfile != 'login': raise HTTPRedirect( '%scheck_mk/login.py?_origtarget=%s' % (config.url_prefix(), html.urlencode(html.makeuri([])))) # This either displays the login page or validates the information submitted # to the login form. After successful login a http redirect to the originally # requested page is performed. login_page = login.LoginPage() login_page.set_no_html_output(_plain_error()) login_page.handle_page()
def _do_login(self) -> None: """handle the sent login form""" if not html.request.var('_login'): return try: username_var = html.request.get_unicode_input('_username', '') assert username_var is not None username = UserId(username_var.rstrip()) if not username: raise MKUserError('_username', _('No username given.')) password = html.request.var('_password', '') if not password: raise MKUserError('_password', _('No password given.')) default_origtarget = config.url_prefix() + "check_mk/" origtarget = html.get_url_input("_origtarget", default_origtarget) # Disallow redirections to: # - logout.py: Happens after login # - side.py: Happens when invalid login is detected during sidebar refresh if "logout.py" in origtarget or 'side.py' in origtarget: origtarget = default_origtarget # '<user_id>' -> success # False -> failed result = userdb.hook_login(username, password) if result: assert isinstance(result, str) # use the username provided by the successful login function, this function # might have transformed the username provided by the user. e.g. switched # from mixed case to lower case. username = result # When single user session mode is enabled, check that there is not another # active session userdb.ensure_user_can_init_session(username) # reset failed login counts userdb.on_succeeded_login(username) # The login succeeded! Now: # a) Set the auth cookie # b) Unset the login vars in further processing # c) Redirect to really requested page _create_auth_session(username) # Never use inplace redirect handling anymore as used in the past. This results # in some unexpected situations. We simpy use 302 redirects now. So we have a # clear situation. # userdb.need_to_change_pw returns either False or the reason description why the # password needs to be changed change_pw_result = userdb.need_to_change_pw(username) if change_pw_result: raise HTTPRedirect( 'user_change_pw.py?_origtarget=%s&reason=%s' % (html.urlencode(origtarget), change_pw_result)) raise HTTPRedirect(origtarget) userdb.on_failed_login(username) raise MKUserError(None, _('Invalid credentials.')) except MKUserError as e: html.add_user_error(e.varname, e)