def createSession(user):
salt = Salt()
timestamp = str(int(math.floor(time.time())))
sessionPassword = salt.hash(str(user['uid']) + "|" + timestamp)
session = UserSession(uid=user['uid'], session_password=sessionPassword)
session.save()
return sessionPassword
def auth(request):
response_data = {}
success = 0
if request.method == 'POST':
uemail = request.POST['email']
# TODO: Encrypt PIN.
upin = request.POST['pin']
try:
u = User.objects.get(email__iexact=uemail, pin=upin)
existing_session = UserSession.objects.filter(user=u)
if len(existing_session) == 0:
sessionid = str(uuid.uuid4())
us = UserSession()
us.user = u
us.session_id = sessionid
us.save()
response_data['sessionid'] = sessionid
response_data['userid'] = u.sysid
else:
response_data['sessionid'] = existing_session[0].session_id
response_data['userid'] = u.sysid
success = 1
except User.DoesNotExist:
pass # TODO: Log failure
response_data['success'] = success
return render_to_json(response_data)
def login_view(request):
if request.method == 'POST':
login_form = LoginForm(request.POST)
if login_form.is_valid():
user = UserProfile.objects.filter(username=login_form.cleaned_data['username']).first()
if user:
if check_password(login_form.cleaned_data['password'], user.password):
session = UserSession(user=user)
session.create_session_token()
session.save()
response = redirect('/feed/')
response.set_cookie(key='session_token', value=session.session_token)
return response
else:
ctypes.windll.user32.MessageBoxW(0, u"Password does not match.Please try again", u"Error", 0)
login_form = SignUpForm()
else:
ctypes.windll.user32.MessageBoxW(0, u"User does not exit.Please signup", u"Error", 0)
login_form = SignUpForm()
elif request.method == 'GET':
login_form = LoginForm()
return render(request, 'login.html', {'form': login_form})
def saveUserSession(self, user_id, session_id, feedback_level, feedback):
userSession = UserSession(user_id = user_id, session_id = session_id, feedback_level = feedback_level, feedback = feedback)
userSession.save()