def pwdchange(req, error=0):
if len(req.params) > 2 and "password_old" not in req.params: # user changed to browsing
return buildURL(req)
user = users.getUserFromRequest(req)
if not user.canChangePWD() and not user.isAdmin():
error = 4 # no rights
elif "ChangeSubmit" in req.params:
if user.getName() == config.get("user.guestuser"):
req.request["Location"] = req.makeLink("node", {"id": tree.getRoot("collections").id})
return httpstatus.HTTP_MOVED_TEMPORARILY
else:
if not users.checkLogin(user.getName(), req.params.get("password_old")):
error = 1 # old pwd does not match
elif req.params.get("password_new1") != req.params.get("password_new2"):
error = 2 # new pwds do not match
else:
user.setPassword(req.params.get("password_new2"))
req.request["Location"] = req.makeLink("node", {"id": tree.getRoot("collections").id})
return httpstatus.HTTP_MOVED_TEMPORARILY
navframe = frame.getNavigationFrame(req)
navframe.feedback(req)
contentHTML = req.getTAL(theme.getTemplate("login.html"), {"error": error, "user": user}, macro="change_pwd")
navframe.write(req, contentHTML)
return httpstatus.HTTP_OK
def has_user(self, username, password):
if username == self.user and (hashlib.md5(password).hexdigest() == self.passwd or password == self.passwd):
return collection_ftpserver(self.basecontainer, port=self.port, debug="athana")
else:
user = users.checkLogin(username, password)
if user:
self.setUser(username, password, users.getUploadDir(user))
return collection_ftpserver(self.basecontainer, port=self.port, debug="athana")
return None
def has_user(self, username, password):
if username == self.user and (hashlib.md5(password).hexdigest()
== self.passwd
or password == self.passwd):
return collection_ftpserver(self.basecontainer,
port=self.port,
debug="athana")
else:
user = users.checkLogin(username, password)
if user:
self.setUser(username, password, users.getUploadDir(user))
return collection_ftpserver(self.basecontainer,
port=self.port,
debug="athana")
return None
def pwdchange(req, error=0):
if len(
req.params
) > 2 and "password_old" not in req.params: # user changed to browsing
return buildURL(req)
user = users.getUserFromRequest(req)
if not user.canChangePWD() and not user.isAdmin():
error = 4 # no rights
elif "ChangeSubmit" in req.params:
if user.getName() == config.get("user.guestuser"):
req.request["Location"] = req.makeLink(
"node", {"id": tree.getRoot("collections").id})
return httpstatus.HTTP_MOVED_TEMPORARILY
else:
if not users.checkLogin(user.getName(),
req.params.get("password_old")):
error = 1 # old pwd does not match
elif req.params.get("password_new1") != req.params.get(
"password_new2"):
error = 2 # new pwds do not match
else:
user.setPassword(req.params.get("password_new2"))
req.request["Location"] = req.makeLink(
"node", {"id": tree.getRoot("collections").id})
return httpstatus.HTTP_MOVED_TEMPORARILY
navframe = frame.getNavigationFrame(req)
navframe.feedback(req)
contentHTML = req.getTAL(theme.getTemplate("login.html"), {
"error": error,
"user": user
},
macro="change_pwd")
navframe.write(req, contentHTML)
return httpstatus.HTTP_OK
def login(req):
if len(req.params
) > 2 and "user" not in req.params: # user changed to browsing
return buildURL(req)
error = 0
username = req.params.get("user", config.get("user.guestuser"))
password = req.params.get("password", "")
if username == "" and "user" in req.params: # empty username
error = 1
elif "LoginSubmit" in req.params: # try given values
user = users.checkLogin(username, password, req=req)
if user:
if "contentarea" in req.session:
del req.session["contentarea"]
req.session["user"] = user
logging.getLogger('usertracing').info(user.name + " logged in")
if user.getUserType() == "users":
if user.stdPassword():
return pwdchange(req, 3)
else:
x = users.getExternalAuthentificator(user.getUserType())
if x and x.stdPassword(user):
return pwdchange(req, 3)
if req.session.get('return_after_login'):
req.request['Location'] = req.session['return_after_login']
elif config.get("config.ssh", "") == "yes":
req.request["Location"] = ''.join([
"https://",
config.get("host.name"), "/node?id=",
tree.getRoot("collections").id
])
else:
req.request["Location"] = ''.join(
["/node?id=", tree.getRoot("collections").id])
return httpstatus.HTTP_MOVED_TEMPORARILY
else:
error = 1
referer = next((h.split(":", 1)[1].strip()
for h in req.header if h.startswith("Referer:")), None)
if referer is None or any(uri in referer
for uri in ('/login', '/logout', '/pwdforgotten',
'/pwdchange', '/pnode')):
req.session['return_after_login'] = False
else:
if '/edit' in referer:
# returns the user to /edit/ instead of /edit/edit_content?id=604993, which has no sidebar
req.session['return_after_login'] = '******'.join(
referer.split('/')[:-1])
else:
req.session['return_after_login'] = referer
# standard login form
user = users.getUserFromRequest(req)
navframe = frame.getNavigationFrame(req)
navframe.feedback(req)
navframe.write(
req,
req.getTAL(theme.getTemplate("login.html"), {
"error": error,
"user": user
},
macro="login"))
return httpstatus.HTTP_OK
def login(req):
if len(req.params) > 2 and "user" not in req.params: # user changed to browsing
return buildURL(req)
error = 0
username = req.params.get("user", config.get("user.guestuser"))
password = req.params.get("password", "")
if username == "" and "user" in req.params: # empty username
error = 1
elif "LoginSubmit" in req.params: # try given values
user = users.checkLogin(username, password, req=req)
if user:
if "contentarea" in req.session:
del req.session["contentarea"]
req.session["user"] = user
logging.getLogger('usertracing').info(user.name + " logged in")
if user.getUserType() == "users":
if user.stdPassword():
return pwdchange(req, 3)
else:
x = users.getExternalAuthentificator(user.getUserType())
if x and x.stdPassword(user):
return pwdchange(req, 3)
if req.session.get('return_after_login'):
req.request['Location'] = req.session['return_after_login']
elif config.get("config.ssh", "") == "yes":
req.request["Location"] = ''.join(["https://",
config.get("host.name"),
"/node?id=",
tree.getRoot("collections").id])
else:
req.request["Location"] = ''.join(["/node?id=",
tree.getRoot("collections").id])
return httpstatus.HTTP_MOVED_TEMPORARILY
else:
error = 1
referer = next((h.split(":", 1)[1].strip() for h in req.header if h.startswith("Referer:")), None)
if referer is None or any(uri in referer for uri in ('/login', '/logout', '/pwdforgotten', '/pwdchange', '/pnode')):
req.session['return_after_login'] = False
else:
if '/edit' in referer:
# returns the user to /edit/ instead of /edit/edit_content?id=604993, which has no sidebar
req.session['return_after_login'] = '******'.join(referer
.split('/')[:-1])
else:
req.session['return_after_login'] = referer
# standard login form
user = users.getUserFromRequest(req)
navframe = frame.getNavigationFrame(req)
navframe.feedback(req)
navframe.write(req, req.getTAL(theme.getTemplate("login.html"), {"error": error, "user": user}, macro="login"))
return httpstatus.HTTP_OK
