def assertFailure(self, username, password, ip_address):
authenticated_participation, cookie = validate_login(
self.session, self.contest, self.timestamp,
username, password, ipaddress.ip_address(ip_address))
self.assertIsNone(authenticated_participation)
self.assertIsNone(cookie)
def try_user_login(self, user):
try:
# In py2 Tornado gives us the IP address as a native binary
# string, whereas ipaddress wants text (unicode) strings.
ip_address = ipaddress.ip_address(str(self.request.remote_ip))
except ValueError:
logger.info("Invalid IP address provided by Tornado: %s",
self.request.remote_ip)
ip_address = None
_, password = parse_authentication(user.password)
participation, cookie = validate_login(
self.sql_session, self.contest, self.timestamp, user.username,
password, ip_address)
cookie_name = self.contest.name + "_login"
if cookie is None:
self.clear_cookie(cookie_name)
else:
self.set_secure_cookie(cookie_name, cookie, expires_days=None)
if participation is None:
self.redirect_login_error()
else:
self.redirect_next()
def assertFailure(self, username, password, ip_address):
authenticated_participation, cookie = validate_login(
self.session, self.contest, self.timestamp,
username, password, ipaddress.ip_address(ip_address))
self.assertIsNone(authenticated_participation)
self.assertIsNone(cookie)
def setUp(self):
super(TestAuthenticateRequest, self).setUp()
self.timestamp = make_datetime()
self.contest = self.add_contest()
self.user = self.add_user(
username="******", password=build_password("mypass"))
self.participation = self.add_participation(
contest=self.contest, user=self.user)
_, self.cookie = validate_login(
self.session, self.contest, self.timestamp, self.user.username,
"mypass", ipaddress.ip_address("10.0.0.1"))
def assertSuccess(self, username, password, ip_address):
# We had an issue where due to a misuse of contains_eager we ended up
# with the wrong user attached to the participation. This only happens
# if the correct user isn't already in the identity map, which is what
# these lines trigger.
self.session.flush()
self.session.expire(self.user)
self.session.expire(self.contest)
authenticated_participation, cookie = validate_login(
self.session, self.contest, self.timestamp,
username, password, ipaddress.ip_address(ip_address))
self.assertIsNotNone(authenticated_participation)
self.assertIsNotNone(cookie)
self.assertIs(authenticated_participation, self.participation)
self.assertIs(authenticated_participation.user, self.user)
self.assertIs(authenticated_participation.contest, self.contest)
def assertSuccess(self, username, password, ip_address):
# We had an issue where due to a misuse of contains_eager we ended up
# with the wrong user attached to the participation. This only happens
# if the correct user isn't already in the identity map, which is what
# these lines trigger.
self.session.flush()
self.session.expire(self.user)
self.session.expire(self.contest)
authenticated_participation, cookie = validate_login(
self.session, self.contest, self.timestamp,
username, password, ipaddress.ip_address(ip_address))
self.assertIsNotNone(authenticated_participation)
self.assertIsNotNone(cookie)
self.assertIs(authenticated_participation, self.participation)
self.assertIs(authenticated_participation.user, self.user)
self.assertIs(authenticated_participation.contest, self.contest)
def post(self):
error_args = {"login_error": "true"}
next_page = self.get_argument("next", None)
if next_page is not None:
error_args["next"] = next_page
if next_page != "/":
next_page = self.url(*next_page.strip("/").split("/"))
else:
next_page = self.url()
else:
next_page = self.contest_url()
error_page = self.contest_url(**error_args)
username = self.get_argument("username", "")
password = self.get_argument("password", "")
try:
# In py2 Tornado gives us the IP address as a native binary
# string, whereas ipaddress wants text (unicode) strings.
ip_address = ipaddress.ip_address(str(self.request.remote_ip))
except ValueError:
logger.warning("Invalid IP address provided by Tornado: %s",
self.request.remote_ip)
return None
start = time.time()
participation, cookie = validate_login(self.sql_session, self.contest,
self.timestamp, username,
password, ip_address)
end = time.time()
logger.info("@@@@@@@@@@@@@@@@@@@")
logger.info("@@@@@@@@@ %f @@@@@@@", end - start)
logger.info("@@@@@@@@@@@@@@@@@@@")
cookie_name = self.contest.name + "_login"
if cookie is None:
self.clear_cookie(cookie_name)
else:
self.set_secure_cookie(cookie_name, cookie, expires_days=None)
if participation is None:
self.redirect(error_page)
else:
self.redirect(next_page)
def post(self):
error_args = {"login_error": "true"}
next_page = self.get_argument("next", None)
if next_page is not None:
error_args["next"] = next_page
if next_page != "/":
next_page = self.url(*next_page.strip("/").split("/"))
else:
next_page = self.url()
else:
next_page = self.contest_url()
error_page = self.contest_url(**error_args)
username = self.get_argument("username", "")
password = self.get_argument("password", "")
try:
# In py2 Tornado gives us the IP address as a native binary
# string, whereas ipaddress wants text (unicode) strings.
ip_address = ipaddress.ip_address(str(self.request.remote_ip))
except ValueError:
logger.warning("Invalid IP address provided by Tornado: %s",
self.request.remote_ip)
return None
participation, cookie = validate_login(
self.sql_session, self.contest, self.timestamp, username, password,
ip_address)
cookie_name = self.contest.name + "_login"
if cookie is None:
self.clear_cookie(cookie_name)
else:
self.set_secure_cookie(cookie_name, cookie, expires_days=None)
if participation is None:
self.redirect(error_page)
else:
self.redirect(next_page)
def post(self):
error_args = {"login_error": "true"}
next_page = self.get_argument("next", None)
if next_page is not None:
error_args["next"] = next_page
if next_page != "/":
next_page = self.url(*next_page.strip("/").split("/"))
else:
next_page = self.url()
else:
next_page = self.contest_url()
error_page = self.contest_url(**error_args)
username = self.get_argument("username", "")
password = self.get_argument("password", "")
try:
ip_address = ipaddress.ip_address(self.request.remote_ip)
except ValueError:
logger.warning("Invalid IP address provided by Tornado: %s",
self.request.remote_ip)
return None
participation, cookie = validate_login(self.sql_session, self.contest,
self.timestamp, username,
password, ip_address)
cookie_name = self.contest.name + "_login"
if cookie is None:
self.clear_cookie(cookie_name)
else:
self.set_secure_cookie(cookie_name, cookie, expires_days=None)
if participation is None:
self.redirect(error_page)
else:
self.redirect(next_page)
