Exemple #1
0
def init_session(req, form=None):
    '''Initiates a session using the cookie session module. If a form is passed in it trys to
    log the user in. The function will return a session dictionary and a user dictionary. If
    the current session has no user information associated with it the user dictionary will be
    empty. Note this function prints the header information, if you need to set custom cookies
    then you cannot currently use this function.'''
    if form is None: form = dict()

    usr_id = verify_login(req, form) #only actually gives you a user_id if you are logging in

    if usr_id is not None: #means you are logging in with good credentials
        update_last_login_time(req, usr_id) #so update the time
        # now invalidate the previous session
        logout_session(req)
        # make a new one
        c, ses_dict = cookie_session.make_new_session(req)
        ses_dict['usr_id'] = usr_id
        req.server.sessions[ses_dict['session_id']] = ses_dict
    else:
        # we are not logging in we just need to get the session
        # initializes the session returns the session dictionary and the cookie to push to browser
        c, ses_dict = cookie_session.init_session(req)

    user_id = ses_dict['usr_id'] #if you are logged in gives you the current user_id
    user_dict = get_user_byid(req, user_id) #get the user dictionary
    return c, ses_dict, user_dict
Exemple #2
0
def verify_login(form,  cookie):
    '''This function takes a form (ie the return value of cgi.FieldStorage()) or an empty dictionary.
    If the dictionary is empty it simply returns None. If there is no user by the name passed in it 
    returns None. If the passwords do not match it returns None. If the username is valid and the 
    password validates then it returns the user_id.'''
    usr_id = None #set a default value for the user_id
    if cookie_session.verify_session(): # check to see if there is a valid session. you cannot 
                                        # log in with out one.
        if form.has_key('email') and form.has_key('passwd'): # see if the correct form info got 
                                                             # passed to the server
            logger.writeln('about to try and log in')
            try:
                email = templater.validators.Email(resolve_domain=True,
                                                 not_empty=True).to_python(form["email"].value)
            except templater.formencode.Invalid, e:
                logger.writeln("email did not pass validation: ")
                c, ses_dict = cookie_session.init_session(cookie, None)
                cookie_session.print_header(c)
                templater.print_error("email: "+str(e))
                sys.exit()
            passwd = form['passwd'].value #get the password
            logger.writeln('    email:', email)
            valid, user_dict = verify_passwd(email, passwd) #verify the password and get the 
                                                            #user_dict as well
            logger.writeln('    valid:', valid)
            
            if valid:
                usr_id = user_dict['usr_id'] #if it is valid grab the user_id from the user_dict
            else:
                logger.writeln("Password or email not correct")
                c, ses_dict = cookie_session.init_session(cookie, None)
                cookie_session.print_header(c)
                templater.print_error("Password or email not correct")
                sys.exit(0)
        elif form.has_key('email') or form.has_key('passwd'):
            logger.writeln("All of the fields were not filled out.")
            c, ses_dict = cookie_session.init_session(cookie, None)
            cookie_session.print_header(c)
            templater.print_error("All fields must be filled out.")
            sys.exit(0)
Exemple #3
0
def logout_session():
    cookie = Cookie.SimpleCookie()
    cookieHdr = os.environ.get("HTTP_COOKIE", "") #get the cookie from the enviroment
    cookie.load(cookieHdr) #load it into a Cookie class
    
    c, ses_dict = cookie_session.init_session(cookie) # initializes the session returns the session 
                                                      # dictionary and the cookie to push to browser
    logger.writeln('logging out -> usr_id:', ses_dict['usr_id'], '   session_id:', ses_dict['session_id'])
    
    con = db.connections.get_con()
    cur = db.DictCursor(con)
    cur.callproc('logout_session', (ses_dict['session_id'],ses_dict['usr_id']))
    cur.close()
    db.connections.release_con(con)
Exemple #4
0
def init_user_session(form={}):
    '''Initiates a session using the cookie session module. If a form is passed in it trys to 
    log the user in. The function will return a session dictionary and a user dictionary. If
    the current session has no user information associated with it the user dictionary will be
    empty. Note this function prints the header information, if you need to set custom cookies
    then you cannot currently use this function.'''
    cookie = Cookie.SimpleCookie()
    cookieHdr = os.environ.get("HTTP_COOKIE", "") #get the cookie from the enviroment
    cookie.load(cookieHdr) #load it into a Cookie class
    
    user_id = verify_login(form, cookie) #only actually gives you a user_id if you are logging in
    c, ses_dict = cookie_session.init_session(cookie, user_id) #initializes the session returns the session dictionary and the cookie to push to browser
    logger.writeln('ses_dict: ', ses_dict)
    cookie_session.print_header(c) #print the header
    
    if user_id == ses_dict['usr_id']: #means you are logging in with good credentials
        logger.writeln('logging in')
        update_last_login_time(user_id) #so update the time
    
    user_id = ses_dict['usr_id'] #if you are logged in gives you the current user_id
    logger.writeln('user_id: ', user_id)
    user_dict = get_user_byid(user_id) #get the user dictionary
    logger.writeln('user_dict: ', user_dict)
    return ses_dict, user_dict
Exemple #5
0
def logout_session(req):
    c, ses_dict = cookie_session.init_session(req)
    session_id = ses_dict['session_id']
    if session_id in req.server.sessions:
        del req.server.sessions[session_id]