def home(): if request.method == "GET": return render_template("home.html")#for when the user opens the page elif storage.authenticate(str(request.form["username"]), str(request.form["password"])):#change names when ready session["username"] = str(request.form["username"]) #logs user in if their username and password were right return redirect(url_for("profile")) return redirect(url_for("loginfailed"))
def authenticate(self, is_first=False): if is_first: self.rsa_pub = self.sock.recv().body self.key = os.urandom(16) encoded_key = crypt.encrypt_rsa(self.rsa_pub, self.key) self.sock.send(encoded_key) self.last_token_update = datetime.datetime.now() if is_first: self.sock.send_string("Enter login:"******"{} trying to authenticate".format(self.username)) self.sock.send_string("Enter password:"******"Invalid login {} supplied. Closing the socket.".format( self.username)) self.sock.send(b'', input_wanted=NO_INPUT, response_code=FORBIDDEN) self.sock.close() return self.sock.send(b'', input_wanted=NO_INPUT, response_code=SUCCESS)
def function_wrapper(func,func_name): """gen new func ,and put a arg as the last argument""" def inner(session,*args): global dbpath_reg try: realargs=[ i for i in args] code = session['code'] #开始鉴权 dbh=storage.Dbh(prepare_sql="set names utf8") dbh.load_yaml("./etc/db.yaml") dbh.connect() except Exception,e: return {"code":510,"msg":" error: db init"+str(e)} try: auth=storage.authenticate(dbh,code) except: return {"code":511,"msg":"error in authenticaate"} try: if auth == None: #查不到该code的信息,返回403 return {'code':403,'msg':"secret code invalid"} if auth.has_key("status"): if auth["status"] != "normal": return {'code':401,'msg':"your code status is "+ auth['status']} try: if func.func_code.co_varnames[0] == "dbpath" : if not args[0] == auth["dbpath"]: return {'code':402,'msg':"this code is not for this database"} if dbpath_reg.match(args[0]) == None: return {'code':406,'msg':"dbpath must match regexp: /0-9a-zA-Z+/"} except: pass else: auth["dbpath"]="-" except Exception,e: #print "error occured while authenticating:",e return {"code":501,"msg":str(e)}