Esempio n. 1
0
    def get(self):
        #Populate the HTTP headers.
        http_header.setDefaults(self.response)
        templates_path = os.path.join(os.path.dirname(__file__), 'templates')
        template_values = {
          'templates': map(lambda t: {
              'name': os.path.splitext(os.path.basename(t))[0],
              'body': open(t).read()
              }, glob.glob(templates_path + '/*.handlebars'))
        }

        path = os.path.join(os.path.dirname(__file__), 'client/index.html')
        self.response.out.write(template.render(path, template_values))
Esempio n. 2
0
 def __init__(self, request, response):
     super(session, self).__init__(request, response)
     http_header.setDefaults(response) 
     #Check if this instance of session had disabled authentication
     if not self.always_allowed:
         if "cid" in self.request.cookies and self.request.cookies["cid"] != "":
             self.session_id=self.request.cookies["cid"]
             #Dont use memcache for anything else.
             #otherwise an attacker could read or delete an arbitrary value.
             user_mem=memcache.get(self.session_id)
             #Is this session active?
             if user_mem is not None and len(user_mem):
                 self.user=pickle.loads(user_mem)
                 #Reset the server-side timeout value for this session.
                 #return as fast as possible because this will affect all load times. 
                 memcache.set(self.session_id,user_mem,7200)
                 #webapp.Request.cookies["cid"]
                 dex=0
                 #This maybe populated differently in the future.
                 self.university_id=self.user['university']
                 self.program_id=None
                 self.program_priv=None
                 #lets populate the program that the user would like
                 #Of course we are making sure that they have access to this program
                 try:
                     for p in self.user['programs']:
                         if p ==  self.request.cookies.multi['program']:
                             self.program_id=self.user['programs'][dex]
                             self.program_priv=self.user['privileges'][dex]                            
                         dex+=1
                 except KeyError:
                     pass                            
                 if  self.program_id is None:
                     self.program_id=self.user['programs'][0]
                     self.program_priv=self.user['privileges'][0]
             else:
                 #session expired
                 self.destroy_session()
                 self.error_msg(403, "SessionExpired")
             #   self.response.out.write("Doesn't work:"+str(self.request.cookies["cid"]))
         else:
             #Not allowed                  
             self.error_msg(403, "SessionExpired")