def login(context, request): login_url = request.resource_url(request.context, 'login') referrer = request.url if referrer == login_url: referrer = '/' # never use the login form itself as came_from came_from = request.params.get('came_from', referrer) message = '' login = '' password = '' who_api = get_whoapi(request.environ) if 'form.submitted' in request.params: creds = { 'login':request.params['login'], 'password': request.params['password'], 'max_age': request.registry.settings['pysiphae'].get('cookie_max_age', 3600) } authenticated, headers = who_api.login(creds) if authenticated: return HTTPFound(location='/', headers=headers) request.flash_message('error', 'Invalid username or password') _, headers = who_api.login({}) request.response_headerlist = headers if 'REMOTE_USER' in request.environ: del request.environ['REMOTE_USER'] return dict( url = request.application_url + '/login', came_from = came_from, login = login, password = password, )
def changepass(context, request): if 'form.cancelled' in request.params: return HTTPFound(location='/') if 'form.submitted' in request.params: old = request.params.get('old-password', '') new = request.params.get('new-password', '') confirm = request.params.get('confirm-password','x') who_api = get_whoapi(request.environ) user = request.getAuthenticatedUser() authenticated, headers = who_api.login({'login': user['userid'], 'password': old}) if not authenticated: request.flash_message('error', 'Invalid password') return {} if new != confirm: request.flash_message('error', 'Passwords does not match') return {} resp = requests.post( 'https://ipa01.drsa.mampu.gov.my/ipa/session/change_password', verify=False, data={'user': user['userid'], 'old_password': old, 'new_password': new}) if not 'Password change successful' in resp.text: request.flash_message('error', resp.text) return {} request.flash_message('success', 'Password Changed') return HTTPFound(location='/') return {}
def changepass(context, request): if 'form.cancelled' in request.params: return HTTPFound(location='/') if 'form.submitted' in request.params: old = request.params.get('old-password', '') new = request.params.get('new-password', '') confirm = request.params.get('confirm-password', 'x') who_api = get_whoapi(request.environ) user = request.getAuthenticatedUser() authenticated, headers = who_api.login({ 'login': user['userid'], 'password': old }) if not authenticated: request.flash_message('error', 'Invalid password') return {} if new != confirm: request.flash_message('error', 'Passwords does not match') return {} resp = requests.post( 'https://ipa01.drsa.mampu.gov.my/ipa/session/change_password', verify=False, data={ 'user': user['userid'], 'old_password': old, 'new_password': new }) if not 'Password change successful' in resp.text: request.flash_message('error', resp.text) return {} request.flash_message('success', 'Password Changed') return HTTPFound(location='/') return {}
def login(context, request): login_url = request.resource_url(request.context, 'login') referrer = request.url if referrer == login_url: referrer = '/' # never use the login form itself as came_from came_from = request.params.get('came_from', referrer) message = '' login = '' password = '' who_api = get_whoapi(request.environ) if 'form.submitted' in request.params: creds = { 'login': request.params['login'], 'password': request.params['password'], 'max_age': request.registry.settings['pysiphae'].get('cookie_max_age', 3600) } authenticated, headers = who_api.login(creds) if authenticated: return HTTPFound(location='/', headers=headers) request.flash_message('error', 'Invalid username or password') _, headers = who_api.login({}) request.response_headerlist = headers if 'REMOTE_USER' in request.environ: del request.environ['REMOTE_USER'] return dict( url=request.application_url + '/login', came_from=came_from, login=login, password=password, )
def logout(context, request): who_api = get_whoapi(request.environ) headers = who_api.logout() url = request.resource_url(request.context) return HTTPFound(location=url, headers=headers)
def logout(context, request): who_api = get_whoapi(request.environ) headers = who_api.logout() url = request.resource_url(request.context) return HTTPFound(location=url,headers=headers)