コード例 #1
0
ファイル: session_base.py プロジェクト: huluo/m-huluo-src
 def Process( handler, *args ) :
     #请求前重建Session数据的过程
     try :
         email = handler.get_argument( 'email',default=None )
         passwd = handler.get_argument( 'passwd',default=None )
         rememberme = handler.get_argument( 'rememberme',default=None )
         log.i( 'email=%s , passwd=%s , rememberme=%s' % (email,passwd,rememberme) )
         expires = None
         if rememberme == "on" :
             expires = datetime.datetime.utcnow() + datetime.timedelta(days=365)
         if not email or not passwd:
             log.w( 'empty email or passwd' )
             res = { 'op':False, 'msg':'邮箱和密码不能为空' }
             handler.write( json.dumps(res) )
             handler.finish()
             return
         email = email.strip().lower()
         domain = util.get_domain_from_host( handler.request.host )
         #user = data_user.get_user_by_email( mongo.db_pool[domain].user, email, passwd )
         user = None
         handler.ss_id = None
         if not user:
             log.w( 'no such user' )
             res = { 'op':False, 'msg':'邮箱或密码错误' }
             handler.write( json.dumps(res) )
             handler.finish()
             return
         if passwd != user['pw'] :
             log.w( 'passwd err'+' '+ user['pw'] )
             res = { 'op':False, 'msg':'邮箱或密码错误' }
             handler.write( json.dumps(res) )
             handler.finish()
             return
         if user['ss']['ssid'] :
             old_ss_id = str( user['ss']['ssid'] )
             old_ss_data = handler.ss_store.get( old_ss_id )
             if old_ss_data :
                 log.i( "old session : uid=%s , ssid=%s" % (user['uid'],old_ss_id) )
                 handler.ss_id = old_ss_id
         if not handler.ss_id :
             handler.ss_id = generate_id()
             log.i( "new session : uid=%s , ssid=%s" % (user['uid'],handler.ss_id) )
         handler.ss_id_hmac = generate_hmac( handler.ss_id )
         handler.set_secure_cookie( etc.cookie_name, handler.ss_id, domain=domain, expires=expires )
         handler.set_secure_cookie( etc.cookie_verify, handler.ss_id_hmac, domain=domain, expires=expires )
         #data_user.set_login( mongo.db_pool[domain].user, user['uid'], handler.ss_id )
         handler.ss_user = user
         #执行原本请求的方法
         request( handler, *args )
     except Exception as e :
         log.exp(e)
         res = { 'op':False, 'msg':etc.err_500 }
         handler.write( json.dumps(res) )
         handler.finish()
         return
コード例 #2
0
ファイル: user_guest.py プロジェクト: huluo/m-huluo-src
 def get( self ) :
     try:
         self.clear_all_cookies()
         if self.get_current_user() :
             domain = util.get_domain_from_host( self.request.host )
             #data_user.set_logout( mongo.db_pool[domain].user, self.ss_data['uid'] )
             self.ss_store.delete( self.ss_data.ss_id )
     except Exception as e :
         log.exp( e )
     finally:
         self.ss_data = None
     self.redirect(etc.url['user_home'])
コード例 #3
0
ファイル: session_mc.py プロジェクト: huluo/m-huluo-src
 def get_current_user( self ) :
     try:
         uuid = self.get_cookie( etc.cookie_uuid )
         if not uuid :
             log.i( 'no uuid' )
             expires = datetime.datetime.utcnow() + datetime.timedelta(days=365)
             uuid = generate_uuid()
             domain = util.get_domain_from_host( self.request.host )
             self.set_cookie( etc.cookie_uuid, uuid, domain=domain, expires=expires )
         self.uuid = uuid
         usr_ss_id = self.get_secure_cookie( etc.cookie_name )
         usr_ss_id_hmac = self.get_secure_cookie( etc.cookie_verify )
         if not usr_ss_id or not usr_ss_id_hmac :
             log.i( 'no cookie' )
             self.clear_cookie( etc.cookie_name )
             self.clear_cookie( etc.cookie_verify )
             self.ss_data = None
             return None
         check_hmac = session_base.generate_hmac( usr_ss_id )
         if usr_ss_id_hmac != check_hmac :
             log.w("evil session : %s %s"%(usr_ss_id,usr_ss_id_hmac))
             self.clear_cookie( etc.cookie_name )
             self.clear_cookie( etc.cookie_verify )
             self.ss_data = None
             return None
         old_ss_data = self.ss_store.get( usr_ss_id )
         if old_ss_data == None :
             log.i("session expired")
             self.clear_cookie( etc.cookie_name )
             self.clear_cookie( etc.cookie_verify )
             self.ss_data = None
             return None
         self.ss_data = old_ss_data
         return self.ss_data
     except Exception as e :
         log.exp(e)
         self.clear_cookie( etc.cookie_name )
         self.clear_cookie( etc.cookie_verify )
         self.ss_data = None
         return self.ss_data
コード例 #4
0
ファイル: user_guest.py プロジェクト: huluo/m-huluo-src
 def get( self ) :
     try:
         vid = self.get_argument( 'vid', default=None )
         log.i('vid=%s' % vid)
         domain = util.get_domain_from_host( self.request.host )
         #reset = data_user.get_reset( mongo.db_pool[domain].reset, vid )
         reset = NOne
         if not reset:
             log.w('no such reset pwd')
             return self.redirect( etc.url['user_main'] )
         else:
             log.i( 'verify success' )
             return self.render( "user_reset_pwd.html",
                     p_url = etc.url,
                     p_session = self.ss_data,
                     p_pwsecret = etc.pw_secret,
                     p_next = None,
                     p_email = reset['email'],
                     p_vid = reset['vid'],
                 )
     except Exception as e :
         log.exp( e )
         self.redirect( etc.url['user_main'] )