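def dashboard_group_login(request, username, password, sign, **kwargs):
    """Log a user in through the signed dashboard auto-login entry point.

    The request is rejected with ``PermissionDenied`` unless ``sign`` equals
    ``md5(username + password)`` and the ``custom``/``dashboard_login``
    variable is ``"yes"``.  The tenant domain is the first label of the
    ``Referer`` host.  Credentials are checked with ``BackendRequest.login``;
    every attempt is written to the ``yottaweb.audit`` logger.

    Args:
        request: Django request; ``request.META`` and ``request.session`` are used.
        username: Account name sent to the backend as ``name``.
        password: Sent to the backend as ``passwd`` unchanged.  The other login
            paths in this file send an MD5 hex digest, so this is presumably
            already hashed by the caller -- TODO confirm.
        sign: Expected MD5 hex digest of ``username + password``.
        **kwargs: Accepted and ignored.

    Returns:
        A redirect to ``/dashboard/`` on success, to ``/auth/login/`` on failure.

    Raises:
        PermissionDenied: bad signature, or auto-login is not enabled.
    """
    # NOTE(review): the signature is an unkeyed MD5 over values the caller also
    # supplies, so it can only catch accidental corruption; it does not prove
    # the link was issued by this service.  The real gates are the
    # dashboard_login switch and the backend credential check.  If the link
    # format can change, sign with a server-side key (HMAC) and compare in
    # constant time.
    if hashlib.md5(username + password).hexdigest() != sign:
        raise PermissionDenied

    # Look the switch up once; an unset/empty value means "no".
    auto_login_permit = MyVariable().get_var("custom", "dashboard_login") or "no"
    if auto_login_permit != "yes":
        raise PermissionDenied

    # A request without a Referer header used to hand None to urlparse() and
    # fail with an unhandled exception.  Treat it as an empty host so the
    # attempt goes through the normal success/failure handling below.
    # NOTE(review): Referer is client-controlled, so the tenant domain is too.
    referer = request.META.get('HTTP_REFERER') or ""
    domain = urlparse(referer).netloc.split('.')[0]
    logger = logging.getLogger("yottaweb.audit")

    req = BackendRequest.login({"domain": domain, "name": username, "passwd": password})
    es_check = req['result']

    to_log = {
        "timestamp": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
        "action": "login",
        "user_name": username,
        "user_id": req.get('owner_id', ""),
        "domain": domain,
    }

    if not es_check:
        # 0: server error, 1: password or user wrong
        to_log["result"] = "error"
        to_log["msg"] = req['error']
        logger.info(json.dumps(to_log))
        return HttpResponseRedirect('/auth/login/')

    token = req.get('token', "")

    # Rotate the session key at the privilege change so a session id that
    # existed before authentication is not carried into the logged-in session.
    request.session.cycle_key()
    request.session['user_name'] = username
    # NOTE(review): credential material is kept in the session store; confirm
    # something still needs it, otherwise keep only the token.
    request.session['user_pwd'] = password
    request.session['user_tkn'] = token
    request.session['user_id'] = req.get('owner_id', "")
    request.session['user_yottac'] = hashlib.md5(
        username + ',' + domain + ',' + token).hexdigest()
    request.session.set_expiry(259200)  # 3 days, in seconds

    to_log["result"] = "success"
    logger.info(json.dumps(to_log))
    return HttpResponseRedirect('/dashboard/')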
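def auth_login(self, request, **kwargs):
    """Authenticate a POSTed username/password and report where to go next.

    Only POST is allowed.  The password is MD5-hashed, the tenant domain is the
    first label of the ``Referer`` host, and both are checked with
    ``BackendRequest.login``.  On success the session is populated and the
    response carries ``status`` ``'1'`` plus a ``location``: the first of
    dashboard/search/alerts/schedule/app that ``BackendRequest.list_urls``
    reports for the user, else the user's own account page.  On failure the
    response is whatever ``err_data.build_error`` produces plus ``ri``.
    Every attempt is written to the ``yottaweb.audit`` logger.

    Args:
        request: Django request; ``POST['username']`` and ``POST['password']``
            are required.
        **kwargs: Accepted and ignored.

    Returns:
        The response built by ``self.create_response``.
    """
    self.method_check(request, allowed=['post'])
    username = request.POST['username']
    # The MD5 hex digest, not the clear text, is what is sent as ``passwd``.
    # NOTE(review): unsalted MD5 is a fast hash and the digest is itself
    # password-equivalent for this API; it is also stored in the session below.
    password = hashlib.md5(request.POST['password']).hexdigest()

    # A request without a Referer header used to hand None to urlparse() and
    # fail with an unhandled exception; fall back to an empty host instead.
    # NOTE(review): Referer is client-controlled, so the tenant domain is too.
    referer = request.META.get('HTTP_REFERER') or ""
    domain = urlparse(referer).netloc.split('.')[0]
    audit_logger = logging.getLogger("yottaweb.audit")

    req = BackendRequest.login({"domain": domain, "name": username, "passwd": password})
    es_check = req['result']
    token = ""

    to_log = {
        "timestamp": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
        "action": "login",
        "module": "login",
        "user_name": username,
        "user_id": req.get('owner_id', ""),
        "domain": domain,
    }

    if es_check:
        token = req.get('token', "")

        # Rotate the session key at the privilege change so a session id that
        # existed before authentication is not carried into the new session.
        request.session.cycle_key()
        request.session['user_name'] = username
        # NOTE(review): credential material is kept in the session store;
        # confirm something still needs it, otherwise keep only the token.
        request.session['user_pwd'] = password
        request.session['user_tkn'] = token
        request.session['user_id'] = req.get('owner_id', "")

        # Landing page: first permitted section in priority order.
        link = ""
        res = BackendRequest.list_urls({"token": token, "operator": username})
        if res['result']:
            for u in ("dashboard/", "search/", "alerts/", "schedule/", "app/"):
                if u in res['urls']:
                    link = u
                    break
        if link == "":
            init_page = "account/users/" + str(req.get('owner_id')) + "/"
        else:
            init_page = link

        dummy_data = {
            'status': '1',
            'location': '/' + init_page,
            'ri': req.get('report_info', {}),
        }
        to_log["result"] = "success"
    else:
        # 0: server error, 1: password or user wrong
        to_log["result"] = "error"
        to_log["msg"] = req['error']
        dummy_data = err_data.build_error(req)
        # The original line ended in a stray comma and stored a 1-tuple here;
        # "ri" is a plain mapping on the success path, so match that.
        dummy_data["ri"] = req.get('report_info', {})

    res_data = self.build_bundle(obj=dummy_data, data=dummy_data, request=request)
    audit_logger.info(json.dumps(to_log))
    resp = self.create_response(request, res_data)

    if es_check:
        request.session['user_yottac'] = hashlib.md5(
            username + ',' + domain + ',' + token).hexdigest()
        request.session.set_expiry(259200)  # 3 days, in seconds
    return resp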
def login_with_password(domain, username, password, init_page):
    """Check credentials with the backend and describe the outcome.

    The password is MD5-hashed and sent to ``BackendRequest.login`` together
    with ``domain`` and ``username``.  Nothing is written to a session or a
    log here; the caller receives the pieces to do so.

    Returns:
        A ``(dummy_data, session_data, to_log)`` tuple:

        * ``dummy_data`` -- response payload.  Success: ``status`` ``'1'``,
          ``location`` (``'/' + init_page``) and ``ri``.  Failure: ``status``
          ``'0'``, ``err_code``, ``ri`` and a fixed generic ``msg``.
        * ``session_data`` -- values for the session on success, ``{}`` on
          failure.
        * ``to_log`` -- audit record of the attempt.

    ``err_code`` is derived from the backend error text: ``"4"`` unknown
    domain, ``"3"`` account not activated, ``"2"`` invalid password, ``"1"``
    unknown user, ``"0"`` anything else.
    """
    # NOTE(review): unsalted MD5 is a fast hash and the digest is itself
    # password-equivalent for this API.
    password = hashlib.md5(password).hexdigest()
    req = BackendRequest.login({"domain": domain, "name": username, "passwd": password})
    succeeded = req['result']
    session_data = {}

    if not succeeded:
        # 0: server error, 1: password or user wrong
        to_log = {
            "timestamp": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
            "action": "login",
            "user_name": username,
            "user_id": req.get('owner_id', ""),
            "domain": domain,
            "result": "error",
            "msg": req['error'],
        }

        # Highest-priority match first; this is the same outcome as assigning
        # the codes in ascending order and letting later matches overwrite.
        # NOTE(review): the generic msg hides the reason, but err_code still
        # tells unknown user / wrong password / unknown domain apart.  If it
        # reaches unauthenticated clients it allows account enumeration --
        # confirm what the caller exposes.
        if re.search('non existed domain', req['error'], re.IGNORECASE):
            err_code = "4"
        elif re.search('not activate', req['error'], re.IGNORECASE):
            err_code = "3"
        elif req['error'] == 'passwd is invalid':
            err_code = "2"
        elif req['error'] == "non existed user":
            err_code = "1"
        else:
            err_code = "0"

        dummy_data = {
            'status': '0',
            'err_code': err_code,
            'ri': req.get('report_info', {}),
            'msg': 'username or password is not right',
        }
        return dummy_data, session_data, to_log

    token = req.get('token', "")
    dummy_data = {
        'status': '1',
        'location': '/' + init_page,
        'ri': req.get('report_info', {}),
    }
    to_log = {
        "timestamp": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
        "action": "login",
        "user_name": username,
        "user_id": req.get('owner_id', ""),
        "domain": domain,
        "result": "success",
    }
    session_data['user_yottac'] = hashlib.md5(
        username + ',' + domain + ',' + token).hexdigest()
    session_data['user_name'] = username
    # NOTE(review): credential material handed to the caller for the session;
    # confirm something still needs it, otherwise keep only the token.
    session_data['user_pwd'] = password
    session_data['user_tkn'] = token
    session_data['user_id'] = req.get('owner_id', "")
    return dummy_data, session_data, to_log