コード例 #1
0
ファイル: views.py プロジェクト: geocollections/sarv
def login_with_password (request):        
    username = request.POST['username']
    password = request.POST['password']
    redirect_path = request.META['HTTP_REFERER']

    #Test validity of given login information
    from django.contrib.auth import authenticate, login 
    user = authenticate(username = username, password = password)
    
    if user is not None and user.is_active:
        user.backend = "django.contrib.auth.backends.ModelBackend"
        login(request, user)
    else:
        return HttpResponseRedirect(redirect_path+'?e=login')
            
    request.__class__.user = user

    #Set sarvuser session variables
    sarvuser = None
    try:
        sarvuser = SarvUser.objects.using('sarv').get(username=username)
    except SarvUser.DoesNotExist:
        return HttpResponse("Ei ole lubatud seda lehte vaadata %s" % get_database())    
    request.session['sarvuser_id'] = sarvuser.id
    request.session['database'] = sarvuser.db

    #Set user rights per page session variables
    from apps.acl.views import Acl as vAcl
    request.session['acl'] = vAcl().get_all_user_rights(request)

    return HttpResponseRedirect(redirect_path.replace("?e=login", ""))
コード例 #2
0
def login_with_password(request):
    username = request.POST['username']
    password = request.POST['password']
    redirect_path = request.META['HTTP_REFERER']

    #Test validity of given login information
    from django.contrib.auth import authenticate, login
    user = authenticate(username=username, password=password)

    if user is not None and user.is_active:
        user.backend = "django.contrib.auth.backends.ModelBackend"
        login(request, user)
    else:
        return HttpResponseRedirect(redirect_path + '?e=login')

    request.__class__.user = user

    #Set sarvuser session variables
    sarvuser = None
    try:
        sarvuser = SarvUser.objects.using('sarv').get(username=username)
    except SarvUser.DoesNotExist:
        return HttpResponse("Ei ole lubatud seda lehte vaadata %s" %
                            get_database())
    request.session['sarvuser_id'] = sarvuser.id
    request.session['database'] = sarvuser.db

    #Set user rights per page session variables
    from apps.acl.views import Acl as vAcl
    request.session['acl'] = vAcl().get_all_user_rights(request)

    return HttpResponseRedirect(redirect_path.replace("?e=login", ""))
コード例 #3
0
ファイル: views.py プロジェクト: geocollections/sarv
def login(request):
    if not request.is_secure():
        return HttpResponse("Seda lehte saab näha ainult üle https protokolli.")
    name = request.__class__.__name__
    if name == "WSGIRequest":
        env = request.environ
    elif name == "ModPythonRequest":
        env = request._req.subprocess_env
    else:
        return HttpResponse("Antud serveri konfiguratsiooniga ei õnnestu seda lehte kasutada.")
    
    verified = env.get("SSL_CLIENT_VERIFY", None)
    if verified is None \
    or verified != "SUCCESS":
        return HttpResponse("Vale PIN") # seda ei tohiks juhtuda, kui on SSLClientVerify require
    
    personal_code = env.get("SSL_CLIENT_S_DN_CN", "").split(",")[2]
    sarvuser = None
    try:
        sarvuser = SarvUser.objects.get(isikukood = personal_code)
        if "username" in request.GET.dict() \
        and sarvuser.pk in PROJECT_ADMINS:
            try:
                sarvuser = SarvUser.objects \
                    .get(username = request.GET.dict()["username"])
            except SarvUser.DoesNotExist:
                return HttpResponse("Kasutajat ei eksisteeri")
    except SarvUser.DoesNotExist:
        return HttpResponse("Ei ole lubatud seda lehte vaadata %s" % get_database())

    request.session["sarvuser_id"] = sarvuser.id
    request.session["database"] = sarvuser.db
    request.session["sarvuser"] = sarvuser.username
    request.session["database_id"] = sarvuser.database_id
    request.session["agent_id"] = sarvuser.id
   
    try:
        Session.objects.filter(user=sarvuser.username,active=1) \
            .update(active=0,session_end=datetime.now())
    except Exception as e:
        print(e)
    try:
        from django.db.models import Q
        Session.objects.filter((Q(user=sarvuser.username) & Q(active=1)))
        Session.objects.create(
                user=sarvuser.username,
                active=1,
                session_start=datetime.now(),
                database_id=sarvuser.database_id,
                )
    except Exception as e:
        print (e)

    """
    Set user rights per page session variables
    """
    from apps.acl.views import Acl as vAcl
    urights = vAcl().get_all_user_rights(request)

    if len(urights) > 0:
        request.session["acl"] = urights

    return HttpResponseRedirect("/")
コード例 #4
0
def login(request):
    if not request.is_secure():
        return HttpResponse(
            "Seda lehte saab näha ainult üle https protokolli.")
    name = request.__class__.__name__
    if name == "WSGIRequest":
        env = request.environ
    elif name == "ModPythonRequest":
        env = request._req.subprocess_env
    else:
        return HttpResponse(
            "Antud serveri konfiguratsiooniga ei õnnestu seda lehte kasutada.")

    verified = env.get("SSL_CLIENT_VERIFY", None)
    if verified is None \
    or verified != "SUCCESS":
        return HttpResponse(
            "Vale PIN"
        )  # seda ei tohiks juhtuda, kui on SSLClientVerify require

    personal_code = env.get("SSL_CLIENT_S_DN_CN", "").split(",")[2]
    sarvuser = None
    try:
        sarvuser = SarvUser.objects.get(isikukood=personal_code)
        if "username" in request.GET.dict() \
        and sarvuser.pk in PROJECT_ADMINS:
            try:
                sarvuser = SarvUser.objects \
                    .get(username = request.GET.dict()["username"])
            except SarvUser.DoesNotExist:
                return HttpResponse("Kasutajat ei eksisteeri")
    except SarvUser.DoesNotExist:
        return HttpResponse("Ei ole lubatud seda lehte vaadata %s" %
                            get_database())

    request.session["sarvuser_id"] = sarvuser.id
    request.session["database"] = sarvuser.db
    request.session["sarvuser"] = sarvuser.username
    request.session["database_id"] = sarvuser.database_id
    request.session["agent_id"] = sarvuser.id

    try:
        Session.objects.filter(user=sarvuser.username,active=1) \
            .update(active=0,session_end=datetime.now())
    except Exception as e:
        print(e)
    try:
        from django.db.models import Q
        Session.objects.filter((Q(user=sarvuser.username) & Q(active=1)))
        Session.objects.create(
            user=sarvuser.username,
            active=1,
            session_start=datetime.now(),
            database_id=sarvuser.database_id,
        )
    except Exception as e:
        print(e)
    """
    Set user rights per page session variables
    """
    from apps.acl.views import Acl as vAcl
    urights = vAcl().get_all_user_rights(request)

    if len(urights) > 0:
        request.session["acl"] = urights

    return HttpResponseRedirect("/")