def log(user, operation, result, message): conn = sqlite3.connect(db) cur = conn.cursor() userid = None if user: userid = user['userid'] cur.execute("INSERT INTO log VALUES (?, ?, ?, ?, ?, ?)", [connix.unixtime(), userid, connix.remote_ip(), operation, int(result), message]) conn.commit() conn.close() return
def login(username, password): authkey = None conn = sqlite3.connect(db) cur = conn.cursor() cur.execute("SELECT userid FROM users WHERE username = ? AND password = ?", [username, connix.hash(password)]) rows = cur.fetchall() for row in rows: authkey = connix.guid(64) cur.execute("UPDATE users SET lastlogin = ? WHERE userid = ?", [connix.unixtime(), row[0]]) cur.execute("DELETE FROM sessions WHERE userid = ? AND ip = ?", [row[0], connix.remote_ip()]) cur.execute("INSERT INTO sessions VALUES (?, ?, ?, ?)", [ authkey, row[0], connix.remote_ip(), connix.unixtime() + cfg['authkey_expiry'] * 60 * 60 ]) conn.commit() conn.close() return authkey
def auth_user(authkey): user = None conn = sqlite3.connect(db) cur = conn.cursor() cur.execute("SELECT userid FROM sessions WHERE authkey = ? AND ip = ?", [authkey, connix.remote_ip()]) rows = cur.fetchall() for row in rows: user = user_info(userid=row[0]) if user: banned = get_attr(user['userid'], "_banned") if banned and int(banned) > connix.unixtime(): return None conn.close() return user
def init(): conn = sqlite3.connect(db) cur = conn.cursor() cur.execute( "CREATE TABLE IF NOT EXISTS users (userid TEXT PRIMARY KEY, username TEXT, password TEXT, fullname TEXT, email TEXT, lastlogin INT)" ) cur.execute( "CREATE TABLE IF NOT EXISTS sessions (authkey TEXT PRIMARY KEY, userid TEXT, ip TEXT, expires INT)" ) cur.execute( "CREATE TABLE IF NOT EXISTS groups (groupid TEXT PRIMARY KEY, groupname TEXT, perms TEXT)" ) cur.execute( "INSERT OR REPLACE INTO groups VALUES ('PRODUCT_ADMINS', 'Product Administrators', 'users:*,config:*,misc:*')" ) cur.execute( "CREATE TABLE IF NOT EXISTS groupmembers (groupid TEXT, userid TEXT, time INT)" ) cur.execute( "CREATE TABLE IF NOT EXISTS userattrs (userid TEXT, attribute TEXT, value TEXT)" ) cur.execute("DELETE FROM sessions WHERE expires < ?", [connix.unixtime()]) conn.commit() conn.close()
) conn.commit() conn.close() except: print("Could not write to data/users.db - " + connix.error()) quit(1) print("* Checking log table") try: conn = sqlite3.connect(miscdb) cur = conn.cursor() cur.execute( "CREATE TABLE IF NOT EXISTS log (time INT, userid TEXT, ip TEXT, operation TEXT, result INT, message TEXT)" ) cur.execute("INSERT INTO log VALUES (?, ?, ?, ?, ?, ?)", [connix.unixtime(), None, "console", "setup.py", 0, ""]) conn.commit() conn.close() except: print("Could not write to data/misc.db - " + connix.error()) quit(1) print("Init done.") choice = "-1" while choice != "0": print("* Select a function:") print("0. Exit") print("1. Create admin user") print("2. Set folder permissions") print("3. Create web symlink")