Esempio n. 1
0
def profile():
    """
    Allows the normal user to change details about the account,
    """

    # security check
    if session['is_locked']:
        return error_permission_denied('Unable to view profile as account locked')

    # auth check
    try:
        db = LvfsDatabase(os.environ)
        db_users = LvfsDatabaseUsers(db)
        item = db_users.get_item(session['username'])
    except CursorError as e:
        return error_internal(str(e))
    if not item:
        return error_internal('Invalid username query')

    # add defaults
    if not item.display_name:
        item.display_name = "Example Name"
    if not item.email:
        item.email = "*****@*****.**"
    return render_template('profile.html',
                           vendor_name=item.display_name,
                           contact_email=item.email,
                           pubkey=item.pubkey)
Esempio n. 2
0
def login():
    """ A login screen to allow access to the LVFS main page """
    if request.method != 'POST':
        return render_template('login.html')

    # auth check
    user = None
    password = _password_hash(request.form['password'])
    try:
        db = LvfsDatabase(os.environ)
        db_users = LvfsDatabaseUsers(db)
        user = db_users.get_item(request.form['username'],
                                 password)
    except CursorError as e:
        return error_internal(str(e))
    if not user:
        # log failure
        _event_log('Failed login attempt for %s' % request.form['username'])
        flash('Incorrect username or password')
        return render_template('login.html')
    if not user.is_enabled:
        # log failure
        _event_log('Failed login attempt for %s (user disabled)' % request.form['username'])
        flash('User account is disabled')
        return render_template('login.html')

    # this is signed, not encrypted
    session['username'] = user.username
    session['qa_capability'] = user.is_qa
    session['qa_group'] = user.qa_group
    session['is_locked'] = user.is_locked
    login_user(user, remember=False)

    # log success
    _event_log('Logged on')
    return redirect(url_for('.index'))
Esempio n. 3
0
def load_user(user_id):
    db = LvfsDatabase(os.environ)
    db_users = LvfsDatabaseUsers(db)
    user = db_users.get_item(user_id)
    return user