def auth_login(request):
'''
Base Login Function. This function is what will handle all of the
authentication for the API and the UI. While both behave differently as
they are different interfaces into the data, they both handle authentication
the same way.
:prarm request: The request object for the given page.
:prarm db: The SQLAlchemy session object from the page.
:type request: request object
:type db: Session object
:return: bool
'''
s = SettingSession()
loggedin = False
if not auth(request):
username = request.forms.get('username')
password = request.forms.get('password')
#try:
user = s.query(User).filter_by(name=username).one()
#except:
# pass
#else:
if user.check(password):
loggedin = True
s.close()
return loggedin
def auth_login(request):
'''
Base Login Function. This function is what will handle all of the
authentication for the API and the UI. While both behave differently as
they are different interfaces into the data, they both handle authentication
the same way.
:prarm request: The request object for the given page.
:prarm db: The SQLAlchemy session object from the page.
:type request: request object
:type db: Session object
:return: bool
'''
s = SettingSession()
loggedin = False
if not auth(request):
username = request.forms.get('username')
password = request.forms.get('password')
#try:
user = s.query(User).filter_by(name=username).one()
#except:
# pass
#else:
if user.check(password):
loggedin = True
s.close()
return loggedin
def setting(name):
'''
Retreives the specified setting object from the database. By abstracting
this out, we can save a lot of menotinous code.
:param name: Setting name
:param s: Session object
:type name: str
:type s: Session Object
:return: Setting Object
'''
s = SettingSession()
item = s.query(Setting).filter_by(name=name).one()
s.close()
return item
def setting(name):
'''
Retreives the specified setting object from the database. By abstracting
this out, we can save a lot of menotinous code.
:param name: Setting name
:param s: Session object
:type name: str
:type s: Session Object
:return: Setting Object
'''
s = SettingSession()
item = s.query(Setting).filter_by(name=name).one()
s.close()
return item
def auth(request):
'''
Authentication Check. Returns True or False based on if the account
cookie is set.
:prarm request: The request object for the given page.
:prarm db: The SQLAlchemy session object from the page.
:type request: request object
:type db: Session object
:return: bool
'''
s = SettingSession()
name = request.get_cookie('user', secret=setting('cookie_key').value)
try:
sensor = s.query(User).filter_by(name=name).one()
value = True
except:
value = False
s.close()
return value
def auth(request):
'''
Authentication Check. Returns True or False based on if the account
cookie is set.
:prarm request: The request object for the given page.
:prarm db: The SQLAlchemy session object from the page.
:type request: request object
:type db: Session object
:return: bool
'''
s = SettingSession()
name = request.get_cookie('user', secret=setting('cookie_key').value)
try:
sensor = s.query(User).filter_by(name=name).one()
value = True
except:
value = False
s.close()
return value
def update_settings(settings):
'''
Settings Updater
'''
s = SettingSession()
for item in settings:
if item == 'database':
config.update(settings[item])
else:
settingobj = setting(item)
if item == 'server_password':
if settings[item] != '1234567890':
settingobj.value = settings[item]
else:
settingobj.value = settings[item]
s.merge(settingobj)
s.commit()
s.close()
common.log_to_console()
common.log_to_file()
monitor.autostart()
def update_settings(settings):
'''
Settings Updater
'''
s = SettingSession()
for item in settings:
if item == 'database':
config.update(settings[item])
else:
settingobj = setting(item)
if item == 'server_password':
if settings[item] != '1234567890':
settingobj.value = settings[item]
else:
settingobj.value = settings[item]
s.merge(settingobj)
s.commit()
s.close()
common.log_to_console()
common.log_to_file()
monitor.autostart()
def settings_post(db):
'''
Settings Update Handler.
'''
s = SettingSession()
if auth(request):
for item in request.forms:
settingobj = setting(item)
if item == 'server_password':
if request.forms['server_password'] != '1234567890':
settingobj.value = request.forms[item]
else:
settingobj.value = request.forms[item]
s.merge(settingobj)
s.commit()
s.close()
common.log_to_console()
common.log_to_file()
monitor.autostart()
return get_settings_page(auth(request), note='Settings Updated')
else:
return get_settings_page(auth(request),
error='Must be Authenticated to Change Settings')
def user_settings(db):
'''
User Management Page
'''
s = SettingSession()
if auth(request) and request.method == 'POST':
username = request.forms.get('username')
password = request.forms.get('password')
action = request.forms.get('action')
if action == 'Create':
s.add(User(username, password))
if action == 'Update':
user = s.query(User).filter_by(name=username).one()
user.update(password)
s.merge(user)
if action == 'Remove' and username != 'admin':
user = s.query(User).filter_by(name=username).one()
s.delete(user)
s.commit()
users = s.query(User).all()
s.close()
return env.get_template('settings_users.html').render(
auth=auth(request),
users=users
)
def user_settings(db):
'''
User Management Page
'''
s = SettingSession()
if auth(request) and request.method == 'POST':
username = request.forms.get('username')
password = request.forms.get('password')
action = request.forms.get('action')
if action == 'Create':
s.add(User(username, password))
if action == 'Update':
user = s.query(User).filter_by(name=username).one()
user.update(password)
s.merge(user)
if action == 'Remove' and username != 'admin':
user = s.query(User).filter_by(name=username).one()
s.delete(user)
s.commit()
users = s.query(User).all()
s.close()
return env.get_template('settings_users.html').render(auth=auth(request),
users=users)
