def pwdchange(req, error=0): if len(req.params) > 2 and "password_old" not in req.params: # user changed to browsing return buildURL(req) user = users.getUserFromRequest(req) if not user.canChangePWD() and not user.isAdmin(): error = 4 # no rights elif "ChangeSubmit" in req.params: if user.getName() == config.get("user.guestuser"): req.request["Location"] = req.makeLink("node", {"id": tree.getRoot("collections").id}) return httpstatus.HTTP_MOVED_TEMPORARILY else: if not users.checkLogin(user.getName(), req.params.get("password_old")): error = 1 # old pwd does not match elif req.params.get("password_new1") != req.params.get("password_new2"): error = 2 # new pwds do not match else: user.setPassword(req.params.get("password_new2")) req.request["Location"] = req.makeLink("node", {"id": tree.getRoot("collections").id}) return httpstatus.HTTP_MOVED_TEMPORARILY navframe = frame.getNavigationFrame(req) navframe.feedback(req) contentHTML = req.getTAL(theme.getTemplate("login.html"), {"error": error, "user": user}, macro="change_pwd") navframe.write(req, contentHTML) return httpstatus.HTTP_OK
def has_user(self, username, password): if username == self.user and (hashlib.md5(password).hexdigest() == self.passwd or password == self.passwd): return collection_ftpserver(self.basecontainer, port=self.port, debug="athana") else: user = users.checkLogin(username, password) if user: self.setUser(username, password, users.getUploadDir(user)) return collection_ftpserver(self.basecontainer, port=self.port, debug="athana") return None
def pwdchange(req, error=0): if len( req.params ) > 2 and "password_old" not in req.params: # user changed to browsing return buildURL(req) user = users.getUserFromRequest(req) if not user.canChangePWD() and not user.isAdmin(): error = 4 # no rights elif "ChangeSubmit" in req.params: if user.getName() == config.get("user.guestuser"): req.request["Location"] = req.makeLink( "node", {"id": tree.getRoot("collections").id}) return httpstatus.HTTP_MOVED_TEMPORARILY else: if not users.checkLogin(user.getName(), req.params.get("password_old")): error = 1 # old pwd does not match elif req.params.get("password_new1") != req.params.get( "password_new2"): error = 2 # new pwds do not match else: user.setPassword(req.params.get("password_new2")) req.request["Location"] = req.makeLink( "node", {"id": tree.getRoot("collections").id}) return httpstatus.HTTP_MOVED_TEMPORARILY navframe = frame.getNavigationFrame(req) navframe.feedback(req) contentHTML = req.getTAL(theme.getTemplate("login.html"), { "error": error, "user": user }, macro="change_pwd") navframe.write(req, contentHTML) return httpstatus.HTTP_OK
def login(req): if len(req.params ) > 2 and "user" not in req.params: # user changed to browsing return buildURL(req) error = 0 username = req.params.get("user", config.get("user.guestuser")) password = req.params.get("password", "") if username == "" and "user" in req.params: # empty username error = 1 elif "LoginSubmit" in req.params: # try given values user = users.checkLogin(username, password, req=req) if user: if "contentarea" in req.session: del req.session["contentarea"] req.session["user"] = user logging.getLogger('usertracing').info(user.name + " logged in") if user.getUserType() == "users": if user.stdPassword(): return pwdchange(req, 3) else: x = users.getExternalAuthentificator(user.getUserType()) if x and x.stdPassword(user): return pwdchange(req, 3) if req.session.get('return_after_login'): req.request['Location'] = req.session['return_after_login'] elif config.get("config.ssh", "") == "yes": req.request["Location"] = ''.join([ "https://", config.get("host.name"), "/node?id=", tree.getRoot("collections").id ]) else: req.request["Location"] = ''.join( ["/node?id=", tree.getRoot("collections").id]) return httpstatus.HTTP_MOVED_TEMPORARILY else: error = 1 referer = next((h.split(":", 1)[1].strip() for h in req.header if h.startswith("Referer:")), None) if referer is None or any(uri in referer for uri in ('/login', '/logout', '/pwdforgotten', '/pwdchange', '/pnode')): req.session['return_after_login'] = False else: if '/edit' in referer: # returns the user to /edit/ instead of /edit/edit_content?id=604993, which has no sidebar req.session['return_after_login'] = '******'.join( referer.split('/')[:-1]) else: req.session['return_after_login'] = referer # standard login form user = users.getUserFromRequest(req) navframe = frame.getNavigationFrame(req) navframe.feedback(req) navframe.write( req, req.getTAL(theme.getTemplate("login.html"), { "error": error, "user": user }, macro="login")) return httpstatus.HTTP_OK
def login(req): if len(req.params) > 2 and "user" not in req.params: # user changed to browsing return buildURL(req) error = 0 username = req.params.get("user", config.get("user.guestuser")) password = req.params.get("password", "") if username == "" and "user" in req.params: # empty username error = 1 elif "LoginSubmit" in req.params: # try given values user = users.checkLogin(username, password, req=req) if user: if "contentarea" in req.session: del req.session["contentarea"] req.session["user"] = user logging.getLogger('usertracing').info(user.name + " logged in") if user.getUserType() == "users": if user.stdPassword(): return pwdchange(req, 3) else: x = users.getExternalAuthentificator(user.getUserType()) if x and x.stdPassword(user): return pwdchange(req, 3) if req.session.get('return_after_login'): req.request['Location'] = req.session['return_after_login'] elif config.get("config.ssh", "") == "yes": req.request["Location"] = ''.join(["https://", config.get("host.name"), "/node?id=", tree.getRoot("collections").id]) else: req.request["Location"] = ''.join(["/node?id=", tree.getRoot("collections").id]) return httpstatus.HTTP_MOVED_TEMPORARILY else: error = 1 referer = next((h.split(":", 1)[1].strip() for h in req.header if h.startswith("Referer:")), None) if referer is None or any(uri in referer for uri in ('/login', '/logout', '/pwdforgotten', '/pwdchange', '/pnode')): req.session['return_after_login'] = False else: if '/edit' in referer: # returns the user to /edit/ instead of /edit/edit_content?id=604993, which has no sidebar req.session['return_after_login'] = '******'.join(referer .split('/')[:-1]) else: req.session['return_after_login'] = referer # standard login form user = users.getUserFromRequest(req) navframe = frame.getNavigationFrame(req) navframe.feedback(req) navframe.write(req, req.getTAL(theme.getTemplate("login.html"), {"error": error, "user": user}, macro="login")) return httpstatus.HTTP_OK