class Ticket(object): ''' Manages tickets & ticketing save/loading Right now, uses cache as backend ''' def __init__(self, key=None, data=None): self.uuidGenerator = lambda: (cryptoManager().uuid() + cryptoManager().uuid()).replace('-', '') self.cache = Cache(TICKET_OWNER) self.data = data self.key = key if key is not None: self.load() else: self.key = self.uuidGenerator() def save(self, data=None, validity=Cache.DEFAULT_VALIDITY): ''' Stores data inside ticket, and make data persistent (store in db) ''' if data is not None: self.data = data self.cache.put(self.key, self.data, validity) return self.key def load(self): ''' Load data (if still valid) for a ticket ''' self.data = self.cache.get(self.key, None) return self.data def delete(self): ''' Removes a ticket from storage (db) ''' self.cache.remove(self.key) def __unicode__(self): return "Ticket: {}, {}".format(self.key, self.data)
class Ticket(object): ''' Manages tickets & ticketing save/loading Right now, uses cache as backend ''' def __init__(self, key=None, data=None): self.uuidGenerator = lambda: (cryptoManager().uuid() + cryptoManager(). uuid()).replace('-', '') self.cache = Cache(TICKET_OWNER) self.data = data self.key = key if key is not None: self.load() else: self.key = self.uuidGenerator() def save(self, data=None, validity=Cache.DEFAULT_VALIDITY): ''' Stores data inside ticket, and make data persistent (store in db) ''' if data is not None: self.data = data self.cache.put(self.key, self.data, validity) return self.key def load(self): ''' Load data (if still valid) for a ticket ''' self.data = self.cache.get(self.key, None) return self.data def delete(self): ''' Removes a ticket from storage (db) ''' self.cache.remove(self.key) def __unicode__(self): return "Ticket: {}, {}".format(self.key, self.data)
def login(request, tag=None): ''' View responsible of logging in an user :param request: http request :param tag: tag of login auth ''' # request.session.set_expiry(GlobalConfig.USER_SESSION_LENGTH.getInt()) host = request.META.get('HTTP_HOST') or request.META.get('SERVER_NAME') or 'auth_host' # Last one is a placeholder in case we can't locate host name # Get Authenticators limitation logger.debug('Host: {0}'.format(host)) if GlobalConfig.DISALLOW_GLOBAL_LOGIN.getBool(True) is True: if tag is None: try: Authenticator.objects.get(small_name=host) tag = host except Exception: try: tag = Authenticator.objects.order_by('priority')[0].small_name except Exception: # There is no authenticators yet, simply allow global login to nowhere.. :-) tag = None logger.debug('Tag: {0}'.format(tag)) logger.debug(request.method) if request.method == 'POST': if 'uds' not in request.COOKIES: logger.debug('Request does not have uds cookie') return errors.errorView(request, errors.COOKIES_NEEDED) # We need cookies to keep session data request.session.cycle_key() form = LoginForm(request.POST, tag=tag) if form.is_valid(): os = OsDetector.getOsFromUA(request.META.get('HTTP_USER_AGENT')) try: authenticator = Authenticator.objects.get(pk=form.cleaned_data['authenticator']) except Exception: authenticator = Authenticator() userName = form.cleaned_data['user'] cache = Cache('auth') cacheKey = str(authenticator.id) + userName tries = cache.get(cacheKey) if tries is None: tries = 0 if authenticator.getInstance().blockUserOnLoginFailures is True and tries >= GlobalConfig.MAX_LOGIN_TRIES.getInt(): form.add_form_error('Too many authentication errors. User temporarily blocked.') authLogLogin(request, authenticator, userName, 'Temporarily blocked') else: user = authenticate(userName, form.cleaned_data['password'], authenticator) logger.debug('User: {}'.format(user)) if user is None: logger.debug("Invalid credentials for user {0}".format(userName)) tries += 1 cache.put(cacheKey, tries, GlobalConfig.LOGIN_BLOCK.getInt()) form.add_form_error('Invalid credentials') authLogLogin(request, authenticator, userName, 'Invalid credentials') else: logger.debug('User {} has logged in'.format(userName)) cache.remove(cacheKey) # Valid login, remove cached tries response = HttpResponseRedirect(reverse('uds.web.views.index')) webLogin(request, response, user, form.cleaned_data['password']) # Add the "java supported" flag to session request.session['OS'] = os authLogLogin(request, authenticator, user.name) return response else: form = LoginForm(tag=tag) response = render_to_response(theme.template('login.html'), {'form': form, 'customHtml': GlobalConfig.CUSTOM_HTML_LOGIN.get(True)}, context_instance=RequestContext(request)) getUDSCookie(request, response) return response
def login(request, tag=None): ''' View responsible of logging in an user :param request: http request :param tag: tag of login auth ''' # request.session.set_expiry(GlobalConfig.USER_SESSION_LENGTH.getInt()) host = request.META.get('HTTP_HOST') or request.META.get('SERVER_NAME') or 'auth_host' # Last one is a placeholder in case we can't locate host name # Get Authenticators limitation logger.debug('Host: {0}'.format(host)) if GlobalConfig.DISALLOW_GLOBAL_LOGIN.getBool(False) is True: if tag is None: try: Authenticator.objects.get(small_name=host) tag = host except Exception: try: tag = Authenticator.objects.order_by('priority')[0].small_name except Exception: # There is no authenticators yet, simply allow global login to nowhere.. :-) tag = None logger.debug('Tag: {0}'.format(tag)) logger.debug(request.method) if request.method == 'POST': if 'uds' not in request.COOKIES: logger.debug('Request does not have uds cookie') return errors.errorView(request, errors.COOKIES_NEEDED) # We need cookies to keep session data request.session.cycle_key() form = LoginForm(request.POST, tag=tag) if form.is_valid(): os = request.os try: authenticator = Authenticator.objects.get(pk=form.cleaned_data['authenticator']) except Exception: authenticator = Authenticator() userName = form.cleaned_data['user'] if GlobalConfig.LOWERCASE_USERNAME.getBool(True) is True: userName = userName.lower() cache = Cache('auth') cacheKey = str(authenticator.id) + userName tries = cache.get(cacheKey) if tries is None: tries = 0 if authenticator.getInstance().blockUserOnLoginFailures is True and tries >= GlobalConfig.MAX_LOGIN_TRIES.getInt(): form.add_error(None, 'Too many authentication errors. User temporarily blocked.') authLogLogin(request, authenticator, userName, 'Temporarily blocked') else: password = form.cleaned_data['password'] user = None if password == '': password = '******' user = authenticate(userName, password, authenticator) logger.debug('User: {}'.format(user)) if user is None: logger.debug("Invalid credentials for user {0}".format(userName)) tries += 1 cache.put(cacheKey, tries, GlobalConfig.LOGIN_BLOCK.getInt()) form.add_error(None, ugettext('Invalid credentials')) authLogLogin(request, authenticator, userName, 'Invalid credentials') else: logger.debug('User {} has logged in'.format(userName)) cache.remove(cacheKey) # Valid login, remove cached tries response = HttpResponseRedirect(reverse('uds.web.views.index')) webLogin(request, response, user, form.cleaned_data['password']) # Add the "java supported" flag to session request.session['OS'] = os if form.cleaned_data['logouturl'] != '': logger.debug('The logoout url will be {}'.format(form.cleaned_data['logouturl'])) request.session['logouturl'] = form.cleaned_data['logouturl'] authLogLogin(request, authenticator, user.name) return response else: logger.info('Invalid form received') else: form = LoginForm(tag=tag) response = render_to_response( theme.template('login.html'), { 'form': form, 'customHtml': GlobalConfig.CUSTOM_HTML_LOGIN.get(True), 'version': VERSION }, context_instance=RequestContext(request) ) getUDSCookie(request, response) return response
def checkLogin(request, form, tag=None): host = request.META.get('HTTP_HOST') or request.META.get('SERVER_NAME') or 'auth_host' # Last one is a placeholder in case we can't locate host name # Get Authenticators limitation logger.debug('Host: {0}'.format(host)) if GlobalConfig.DISALLOW_GLOBAL_LOGIN.getBool(False) is True: if tag is None: try: Authenticator.objects.get(small_name=host) tag = host except Exception: try: tag = Authenticator.objects.order_by('priority')[0].small_name except Exception: # There is no authenticators yet, simply allow global login to nowhere.. :-) tag = None logger.debug('Tag: {0}'.format(tag)) if 'uds' not in request.COOKIES: logger.debug('Request does not have uds cookie') return (None, errors.COOKIES_NEEDED) if form.is_valid(): os = request.os try: authenticator = Authenticator.objects.get(uuid=processUuid(form.cleaned_data['authenticator'])) except Exception: authenticator = Authenticator() userName = form.cleaned_data['user'] if GlobalConfig.LOWERCASE_USERNAME.getBool(True) is True: userName = userName.lower() cache = Cache('auth') cacheKey = str(authenticator.id) + userName tries = cache.get(cacheKey) if tries is None: tries = 0 if authenticator.getInstance().blockUserOnLoginFailures is True and tries >= GlobalConfig.MAX_LOGIN_TRIES.getInt(): authLogLogin(request, authenticator, userName, 'Temporarily blocked') return (None, _('Too many authentication errrors. User temporarily blocked')) else: password = form.cleaned_data['password'] user = None if password == '': password = '******' # Random string, in fact, just a placeholder that will not be used :) user = authenticate(userName, password, authenticator) logger.debug('User: {}'.format(user)) if user is None: logger.debug("Invalid user {0} (access denied)".format(userName)) tries += 1 cache.put(cacheKey, tries, GlobalConfig.LOGIN_BLOCK.getInt()) authLogLogin(request, authenticator, userName, 'Access denied (user not allowed by UDS)') return (None, _('Access denied')) else: request.session.cycle_key() logger.debug('User {} has logged in'.format(userName)) cache.remove(cacheKey) # Valid login, remove cached tries # Add the "java supported" flag to session request.session['OS'] = os if form.cleaned_data['logouturl'] != '': logger.debug('The logoout url will be {}'.format(form.cleaned_data['logouturl'])) request.session['logouturl'] = form.cleaned_data['logouturl'] authLogLogin(request, authenticator, user.name) return (user, form.cleaned_data['password']) logger.info('Invalid form received') return (None, _('Invalid data'))
def checkLogin(request, form, tag=None): host = request.META.get('HTTP_HOST') or request.META.get( 'SERVER_NAME' ) or 'auth_host' # Last one is a placeholder in case we can't locate host name # Get Authenticators limitation logger.debug('Host: {0}'.format(host)) if GlobalConfig.DISALLOW_GLOBAL_LOGIN.getBool(False) is True: if tag is None: try: Authenticator.objects.get(small_name=host) tag = host except Exception: try: tag = Authenticator.objects.order_by( 'priority')[0].small_name except Exception: # There is no authenticators yet, simply allow global login to nowhere.. :-) tag = None logger.debug('Tag: {0}'.format(tag)) if 'uds' not in request.COOKIES: logger.debug('Request does not have uds cookie') return (None, errors.COOKIES_NEEDED) if form.is_valid(): os = request.os try: authenticator = Authenticator.objects.get( uuid=processUuid(form.cleaned_data['authenticator'])) except Exception: authenticator = Authenticator() userName = form.cleaned_data['user'] if GlobalConfig.LOWERCASE_USERNAME.getBool(True) is True: userName = userName.lower() cache = Cache('auth') cacheKey = str(authenticator.id) + userName tries = cache.get(cacheKey) if tries is None: tries = 0 if authenticator.getInstance( ).blockUserOnLoginFailures is True and tries >= GlobalConfig.MAX_LOGIN_TRIES.getInt( ): authLogLogin(request, authenticator, userName, 'Temporarily blocked') return ( None, _('Too many authentication errrors. User temporarily blocked')) else: password = form.cleaned_data['password'] user = None if password == '': password = '******' # Random string, in fact, just a placeholder that will not be used :) user = authenticate(userName, password, authenticator) logger.debug('User: {}'.format(user)) if user is None: logger.debug( "Invalid user {0} (access denied)".format(userName)) tries += 1 cache.put(cacheKey, tries, GlobalConfig.LOGIN_BLOCK.getInt()) authLogLogin(request, authenticator, userName, 'Access denied (user not allowed by UDS)') return (None, _('Access denied')) else: request.session.cycle_key() logger.debug('User {} has logged in'.format(userName)) cache.remove(cacheKey) # Valid login, remove cached tries # Add the "java supported" flag to session request.session['OS'] = os if form.cleaned_data['logouturl'] != '': logger.debug('The logoout url will be {}'.format( form.cleaned_data['logouturl'])) request.session['logouturl'] = form.cleaned_data[ 'logouturl'] authLogLogin(request, authenticator, user.name) return (user, form.cleaned_data['password']) logger.info('Invalid form received') return (None, _('Invalid data'))