def dashboard_group_login(request, username, password, sign, **kwargs):
# cur_time = str(time.time()).split(".")[0]
if not hashlib.md5(username + password).hexdigest() == sign:
raise PermissionDenied
auto_login_permit = MyVariable().get_var(
"custom", "dashboard_login") if MyVariable().get_var(
"custom", "dashboard_login") else "no"
if not auto_login_permit == "yes":
raise PermissionDenied
referer = request.META.get('HTTP_REFERER')
host = urlparse(referer).netloc
domain = host.split('.')[0]
logger = logging.getLogger("yottaweb.audit")
param = {"domain": domain, "name": username, "passwd": password}
# print password
# user info for yottaD
req = BackendRequest.login(param)
es_check = req['result']
token = ""
if es_check:
token = req.get('token', "")
request.session['user_name'] = username
request.session['user_pwd'] = password
request.session['user_tkn'] = token
request.session['user_id'] = req.get('owner_id', "")
to_log = {
"timestamp": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
"action": "login",
"user_name": username,
"user_id": req.get('owner_id', ""),
"domain": domain,
"result": "success"
}
cookie_string = hashlib.md5(username + ',' + domain + ',' +
token).hexdigest()
request.session['user_yottac'] = cookie_string
request.session.set_expiry(259200)
logger.info(json.dumps(to_log))
return HttpResponseRedirect('/dashboard/')
else:
#0: server error, 1:password or user wrong
to_log = {
"timestamp": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
"action": "login",
"user_name": username,
"user_id": req.get('owner_id', ""),
"domain": domain,
"result": "error",
"msg": req['error']
}
logger.info(json.dumps(to_log))
return HttpResponseRedirect('/auth/login/')
def auth_login(self, request, **kwargs):
self.method_check(request, allowed=['post'])
username = request.POST['username']
password = request.POST['password']
password = hashlib.md5(password).hexdigest()
referer = request.META.get('HTTP_REFERER')
host = urlparse(referer).netloc
domain = host.split('.')[0]
audit_logger = logging.getLogger("yottaweb.audit")
param = {"domain": domain, "name": username, "passwd": password}
# print password
# user info for yottaD
req = BackendRequest.login(param)
es_check = req['result']
token = ""
if es_check:
# print user['username']
# request.session['user_id'] = hashlib.md5(user['id']).hexdigest()
token = req.get('token', "")
request.session['user_name'] = username
request.session['user_pwd'] = password
request.session['user_tkn'] = token
request.session['user_id'] = req.get('owner_id', "")
link = ""
res = BackendRequest.list_urls({
"token": token,
"operator": username
})
if res['result']:
for u in [
"dashboard/", "search/", "alerts/", "schedule/", "app/"
]:
if u in res['urls']:
if u == "dashboard/":
link = u
break
elif u == "search/":
link = u
break
elif u == "alerts/":
link = u
break
elif u == "schedule/":
link = u
break
elif u == "app/":
link = u
break
if link == "":
init_page = "account/users/" + str(req.get('owner_id')) + "/"
else:
init_page = link
dummy_data = {
'status': '1',
'location': '/' + init_page,
'ri': req.get('report_info', {})
}
to_log = {
"timestamp": time.strftime("%Y-%m-%d %H:%M:%S",
time.localtime()),
"action": "login",
"module": "login",
"user_name": username,
"user_id": req.get('owner_id', ""),
"domain": domain,
"result": "success"
}
bundle = self.build_bundle(obj=dummy_data,
data=dummy_data,
request=request)
res_data = bundle
else:
#0: server error, 1:password or user wrong
to_log = {
"timestamp": time.strftime("%Y-%m-%d %H:%M:%S",
time.localtime()),
"action": "login",
"module": "login",
"user_name": username,
"user_id": req.get('owner_id', ""),
"domain": domain,
"result": "error",
"msg": req['error']
}
data = err_data.build_error(req)
data["ri"] = req.get('report_info', {}),
dummy_data = data
bundle = self.build_bundle(obj=dummy_data,
data=dummy_data,
request=request)
res_data = bundle
audit_logger.info(json.dumps(to_log))
resp = self.create_response(request, res_data)
if es_check:
cookie_string = hashlib.md5(username + ',' + domain + ',' +
token).hexdigest()
request.session['user_yottac'] = cookie_string
request.session.set_expiry(259200)
# resp.set_cookie('yottac', value=cookie_string, max_age=None, expires=None, path='/', domain='.rizhiyi.com',
# secure=None, httponly=True)
return resp
def login_with_password(domain, username, password, init_page):
password = hashlib.md5(password).hexdigest()
param = {"domain": domain, "name": username, "passwd": password}
# print password
# user info for yottaD
req = BackendRequest.login(param)
es_check = req['result']
token = ""
session_data = {}
if es_check:
# print user['username']
# request.session['user_id'] = hashlib.md5(user['id']).hexdigest()
token = req.get('token', "")
dummy_data = {
'status': '1',
'location': '/' + init_page,
'ri': req.get('report_info', {})
}
to_log = {
"timestamp": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
"action": "login",
"user_name": username,
"user_id": req.get('owner_id', ""),
"domain": domain,
"result": "success"
}
cookie_string = hashlib.md5(username + ',' + domain + ',' +
token).hexdigest()
session_data['user_yottac'] = cookie_string
session_data['user_name'] = username
session_data['user_pwd'] = password
session_data['user_tkn'] = token
session_data['user_id'] = req.get('owner_id', "")
else:
# 0: server error, 1:password or user wrong
to_log = {
"timestamp": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
"action": "login",
"user_name": username,
"user_id": req.get('owner_id', ""),
"domain": domain,
"result": "error",
"msg": req['error']
}
err_code = "1" if req['error'] == "non existed user" else "0"
if req['error'] == 'passwd is invalid':
err_code = "2"
if re.search('not activate', req['error'], re.IGNORECASE):
err_code = "3"
if re.search('non existed domain', req['error'], re.IGNORECASE):
err_code = "4"
dummy_data = {
'status': '0',
'err_code': err_code,
'ri': req.get('report_info', {}),
'msg': 'username or password is not right',
}
return dummy_data, session_data, to_log