def get_current_user(self):
    """Resolve the user behind this request, or return None.

    The ``user_id`` cookie is tried first. When it yields a value, the
    matching record is loaded and returned without a password check, so the
    cookie alone is the credential on that path. Otherwise the ``username``
    and ``password`` request arguments are read, the user is loaded by name
    and the password is verified with ``check_password``.

    Returns:
        The loaded user on success, or None when either credential check
        fails.
    """
    # Cookie path: the value is read using the application's cookie secret.
    # NOTE(review): everything below trusts that secret; confirm it is long,
    # random and kept out of source control.
    cookie_name = self.get_cookie('user_id', secret=self.application.cookie_secret)
    logging.debug(cookie_name)
    if cookie_name:
        return load_user(self.db_conn, username=cookie_name)

    # Credential path.
    # NOTE(review): the original comment says "POST args"; verify that
    # get_argument cannot also pick the password up from the query string,
    # where it would end up in access logs and browser history.
    username = self.get_argument('username')
    password = self.get_argument('password')
    user = load_user(self.db_conn, username=username) if username else None

    # The two failures are told apart only in the server log here.
    # NOTE(review): make sure the caller's response does not reveal which
    # check failed, to avoid account enumeration.
    if not user or user.username != username:
        logging.error('Auth fail: bad username')
        return None

    if not user.check_password(password):
        logging.error('Auth fail: bad password')
        return None

    logging.debug('Access granted for user: %s' % user.username)
    return user
def get_current_user(self):
    """Return the authenticated user for this request, or None.

    Lookup order:

    1. The ``user_id`` cookie, read with the application's cookie secret.
       A non-empty value is used directly as the username to load; no
       password is checked on this path.
    2. The ``username`` / ``password`` request arguments. The user is loaded
       by name, the stored username must match, and ``check_password`` must
       accept the supplied password.
    """
    # NOTE(review): the cookie path is only as strong as cookie_secret;
    # confirm how that secret is generated and rotated.
    name_from_cookie = self.get_cookie(
        "user_id", secret=self.application.cookie_secret
    )
    logging.debug(name_from_cookie)
    if name_from_cookie:
        return load_user(self.db_conn, username=name_from_cookie)

    # NOTE(review): confirm get_argument only accepts these from a request
    # body sent over TLS; a password in a URL is recorded by proxies and logs.
    username = self.get_argument("username")
    password = self.get_argument("password")

    user = None
    if username:
        user = load_user(self.db_conn, username=username)

    # Unknown user, or a record whose username differs from the one asked for.
    if not user or user.username != username:
        logging.error("Auth fail: bad username")
        return None

    # NOTE(review): the log distinguishes bad username from bad password;
    # the response sent to the client should not.
    if not user.check_password(password):
        logging.error("Auth fail: bad password")
        return None

    logging.debug("Access granted for user: %s" % user.username)
    return user
def __init__(self, generate=False, **kwargs):
    """Build the drop from keyword attributes and fill in defaults.

    Every keyword must be listed in ``self.allowed_attrs``. A
    ``canarytoken`` attribute is mandatory. Missing ``timestamp``, ``user``
    and ``auth`` values are filled in, and the five ``*_enabled`` flags are
    normalised to real booleans.

    Args:
        generate: When true, ``generate_random_url`` and
            ``generate_random_hostname`` are called once the attributes
            are set.
        **kwargs: Attribute names and values for the drop.

    Raises:
        UnknownAttribute: A keyword is not in ``self.allowed_attrs``.
        NoCanarytokenPresent: No ``canarytoken`` attribute was supplied.
        NoUser: ``load_user`` returned nothing for the supplied user.
        Exception: ``imgur_token`` was supplied but is empty.
    """
    self._drop = {}
    drop = self._drop  # same dict object, shorter name

    # Reject unknown attributes instead of storing them silently.
    for name, value in kwargs.iteritems():
        if name not in self.allowed_attrs:
            raise UnknownAttribute(attribute=name)
        drop[name] = value

    if 'canarytoken' not in drop:
        raise NoCanarytokenPresent()

    if 'timestamp' not in drop:
        # NOTE(review): "%s" is a platform strftime extension and treats the
        # naive datetime as local time, so on a host not running in UTC the
        # stored epoch is offset -- confirm before relying on it in a
        # timeline.
        now = datetime.datetime.utcnow()
        drop['timestamp'] = now.strftime("%s.%f")

    if 'imgur_token' in drop and not drop['imgur_token']:
        raise Exception('Missing imgur_token from Canarydrop')

    # The strings 'None' and 'Anonymous' are treated like a missing user.
    if 'user' in drop and drop['user'] not in ('None', 'Anonymous'):
        drop['user'] = load_user(drop['user'])
        if not drop['user']:
            raise NoUser()
    else:
        drop['user'] = AnonymousUser()

    if 'auth' not in drop:
        # The number comes from the OS random source via SystemRandom; md5
        # only formats it as 32 hex characters and adds no strength.
        # NOTE(review): presumably this value authorises access to the drop;
        # if so, keep it out of logs.
        seed = random.SystemRandom().randrange(1, 2**128)
        drop['auth'] = md5.md5(str(seed)).hexdigest()

    # Only the string 'True' or a value equal to True enables a flag; any
    # other value (including 'true' or a missing key) is stored as False.
    flag_names = (
        'browser_scanner_enabled',
        'alert_email_enabled',
        'alert_webhook_enabled',
        'alert_sms_enabled',
        'web_image_enabled',
    )
    for flag in flag_names:
        drop[flag] = drop.get(flag, '') in ('True', True)

    if generate:
        self.generate_random_url()
        self.generate_random_hostname()
def __init__(self, generate=False, **kwargs):
    """Populate the drop from keyword attributes, applying defaults.

    Keywords outside ``self.allowed_attrs`` are rejected and ``canarytoken``
    is required. ``timestamp``, ``user`` and ``auth`` are filled in when
    absent, and each ``*_enabled`` flag is reduced to True or False.

    Args:
        generate: When true, call ``generate_random_url`` and
            ``generate_random_hostname`` after the attributes are set.
        **kwargs: Attribute names and values for the drop.

    Raises:
        UnknownAttribute: A keyword is not in ``self.allowed_attrs``.
        NoCanarytokenPresent: No ``canarytoken`` attribute was supplied.
        NoUser: ``load_user`` returned nothing for the supplied user.
        Exception: ``imgur_token`` was supplied but its ``'id'`` entry is
            empty.
    """
    self._drop = {}
    attrs = self._drop  # same dict object, shorter name

    for key, val in kwargs.iteritems():
        if key not in self.allowed_attrs:
            raise UnknownAttribute(attribute=key)
        attrs[key] = val

    if 'canarytoken' not in attrs:
        raise NoCanarytokenPresent()

    if 'timestamp' not in attrs:
        # NOTE(review): "%s" is not a portable strftime directive and is
        # evaluated against local time, while utcnow() is naive UTC; check
        # the stored value on hosts whose timezone is not UTC.
        stamp = datetime.datetime.utcnow()
        attrs['timestamp'] = stamp.strftime("%s.%f")

    # The token is indexed by 'id' here.
    # NOTE(review): a supplied imgur_token without an 'id' key would fail on
    # the lookup itself rather than with the message below -- confirm callers
    # always pass that shape.
    if 'imgur_token' in attrs and not attrs['imgur_token']['id']:
        raise Exception('Missing imgur_token from Canarydrop')

    # The strings 'None' and 'Anonymous' count as "no user given".
    if 'user' in attrs and attrs['user'] not in ('None', 'Anonymous'):
        attrs['user'] = load_user(attrs['user'])
        if not attrs['user']:
            raise NoUser()
    else:
        attrs['user'] = AnonymousUser()

    if 'auth' not in attrs:
        # SystemRandom reads the OS random source; md5 is used only to
        # render the number as a 32-character hex string.
        # NOTE(review): presumably a secret tied to this drop; if so, avoid
        # logging it.
        number = random.SystemRandom().randrange(1, 2**128)
        attrs['auth'] = md5.md5(str(number)).hexdigest()

    # A flag is on only for the string 'True' or a value equal to True;
    # a missing key or any other value becomes False.
    for flag in ('browser_scanner_enabled',
                 'alert_email_enabled',
                 'alert_webhook_enabled',
                 'alert_sms_enabled',
                 'web_image_enabled'):
        attrs[flag] = attrs.get(flag, '') in ('True', True)

    if generate:
        self.generate_random_url()
        self.generate_random_hostname()