Beispiel #1
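def _is_local_redirect_target(target, host):
    """Return True when *target* stays on this site.

    Accepted forms are an absolute path ("/foo?x=1") or an http(s) URL whose
    host component equals *host*. Everything else (other schemes,
    scheme-relative "//host" URLs, other hosts) is rejected.
    """
    # Browsers treat "\" like "/" and silently drop tab/CR/LF inside URLs, so
    # a value containing them can point somewhere other than what urlsplit sees.
    if '\\' in target or any(ord(ch) < 0x20 for ch in target):
        return False
    try:
        parts = urllib.parse.urlsplit(target)
    except ValueError:
        return False
    if not parts.scheme and not parts.netloc:
        return target.startswith('/') and not target.startswith('//')
    return parts.scheme in ('http', 'https') and parts.netloc == host


def set_cookie(session_cookie_name, tuid, redirectUrl):
    """Create a session row for *tuid* and redirect with the session cookies set.

    A new session identifier is stored through ``SvcdbSessionTable`` and sent
    back in two cookies: one named *session_cookie_name* and one named
    ``session_id`` scoped to ``cookie_path(tuid, random_str)``.

    The redirect target is the ``next_url`` request parameter (query string on
    GET, form field otherwise) when it points back at this site; in every
    other case the endpoint named by *redirectUrl* is used. Restricting the
    target keeps the login flow from being used as an open redirect.

    Args:
        session_cookie_name: Name of the primary session cookie.
        tuid: User identifier stored with the session row.
        redirectUrl: Endpoint name passed to ``url_for`` for the fallback.

    Returns:
        The redirect response carrying both cookies.
    """
    # NOTE(review): the identifier is only as unpredictable as
    # StrUtil.make_random_str; confirm that helper draws from a CSPRNG
    # (e.g. the ``secrets`` module). The zero-padded sequence suffix adds
    # uniqueness, not entropy.
    random_str = '{0}{1}'.format(StrUtil.make_random_str(25),
                                 str(CreateSeq.getSessionIdSeq()).zfill(9))

    # The session identifier is a bearer credential: keep its value out of logs.
    StrUtil.print_debug('##########random_str: (value not logged)')
    cst = SvcdbSessionTable(session_cookie_name, random_str, tuid)
    db.session.add(cst)
    db.session.commit()

    if request.method == 'GET':
        next_url = request.args.get('next_url')
    else:
        # .get() so a missing field falls through to the default target
        # instead of aborting after the session row was already committed.
        next_url = request.form.get('next_url')

    if next_url:
        next_url = urllib.parse.unquote(next_url)
        # Validate the decoded value, i.e. exactly what is sent in Location.
        if not _is_local_redirect_target(next_url, request.host):
            StrUtil.print_debug('next_url rejected (not a local target)')
            next_url = None

    if not next_url:
        next_url = url_for(redirectUrl)

    StrUtil.print_debug('next_url:' + next_url)
    response = make_response(redirect(next_url))

    # HttpOnly keeps the identifier away from page scripts, Secure is set
    # whenever the request itself arrived over TLS, and SameSite=Lax stops the
    # cookie from riding on cross-site subrequests.
    # NOTE(review): if client-side script reads either cookie, revisit httponly.
    cookie_flags = {
        'httponly': True,
        'secure': request.is_secure,
        'samesite': 'Lax',
    }
    response.set_cookie(session_cookie_name, random_str, **cookie_flags)
    response.set_cookie("session_id",
                        random_str,
                        path=cookie_path(tuid, random_str),
                        **cookie_flags)
    return response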
Beispiel #2
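    def _get_ymd(date_str, fmt, date_hash):
        """Split *date_str* into year, month and day according to *fmt*.

        The parts are written into *date_hash* under the keys ``'yyyy'``,
        ``'mm'`` and ``'dd'``. Numeric fields taken straight from the input
        stay strings; years expanded from two digits and months looked up by
        name are ints. No calendar validation (month/day range) happens here.

        Two-digit years above 50 are read as 19xx, all others as 20xx.

        Args:
            date_str: The date text to parse.
            fmt: One of 'YYYY-MM-DD', 'YYYY/MM/DD', 'YY/MM/DD', 'DD/Mon/YY',
                'DD-Mon-YY', 'DD/Mon/YYYY', 'DD-Mon-YYYY'.
            date_hash: Dict that receives the parsed parts.

        Returns:
            0 on success, 1 when *date_str* does not match *fmt* or the month
            name is not found.

        NOTE(review): an unknown *fmt* calls ``sys.exit(1)``. That is kept for
        compatibility, but inside a request handler it raises SystemExit
        rather than reporting a parse error; confirm callers only pass fixed
        format names.
        """
        # Raw strings: "\d" in a plain literal is an invalid escape sequence.
        if fmt == 'YYYY-MM-DD' or fmt == 'YYYY/MM/DD':
            match = re.search(r'^(\d+)[\-\/](\d+)[\-\/](\d+)$', date_str)
            if not match:
                return 1
            date_hash['yyyy'] = match.group(1)
            date_hash['mm'] = match.group(2)
            date_hash['dd'] = match.group(3)
        elif fmt == 'YY/MM/DD':
            match = re.search(r'^(\d{1,2})[\-\/](\d{1,2})[\-\/](\d{1,2})$',
                              date_str)
            if not match:
                return 1
            # The century pivot must look at the year field (group 1); the
            # day field (group 3) says nothing about the century.
            short_year = int(match.group(1))
            if short_year > 50:
                date_hash['yyyy'] = 1900 + short_year
            else:
                date_hash['yyyy'] = 2000 + short_year
            date_hash['mm'] = match.group(2)
            date_hash['dd'] = match.group(3)
        elif fmt == 'DD/Mon/YY' or fmt == 'DD-Mon-YY':
            match = re.search(r'^(\d+)[\-\/](\w+)[\-\/](\d+)$', date_str)
            if not match:
                return 1
            short_year = int(match.group(3))
            if short_year > 50:
                date_hash['yyyy'] = 1900 + short_year
            else:
                date_hash['yyyy'] = 2000 + short_year
            # search_array result + 1 gives the month number; a result <= 0
            # after the +1 is treated as "month name not found" below.
            date_hash['mm'] = ArrUtil.search_array(DateUtil.MoYs,
                                                   match.group(2)) + 1
            date_hash['dd'] = match.group(1)

            if int(date_hash['mm']) <= 0:
                return 1
        elif fmt == 'DD/Mon/YYYY' or fmt == 'DD-Mon-YYYY':
            match = re.search(r'^(\d+)[\-\/](\w+)[\-\/](\d+)$', date_str)
            if not match:
                return 1
            date_hash['yyyy'] = int(match.group(3))
            date_hash['mm'] = ArrUtil.search_array(DateUtil.MoYs,
                                                   match.group(2)) + 1
            date_hash['dd'] = match.group(1)

            if int(date_hash['mm']) <= 0:
                return 1
        else:
            StrUtil.print_debug("Invalid date format({})".format(fmt))
            sys.exit(1)

        return 0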
Beispiel #3
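        def wrapper(*args, **kwargs):
            """Run ``func`` only for a request that carries a valid admin session.

            The session id is read from the cookie named by the
            ``SVCDB_SYS_COOKIE`` config value, resolved to a session row and a
            ``User``, and the user must pass ``isAdminUser``. Any failure
            redirects to the ``adm_login`` endpoint instead of calling ``func``.
            """
            # Drop whatever user was logged in before, so the request is
            # authorised only by the checks below.
            logout_user()
            StrUtil.print_debug('adm_login_required. func=[' + func.__name__ +
                                ']')

            session_id = flaskr.lib.svcdb_lib.session.get_session_id(
                StrUtil.get_safe_config(current_app, 'SVCDB_SYS_COOKIE'))
            if session_id:
                # The session id is a bearer credential; log only that it was
                # present, never its value.
                StrUtil.print_debug(
                    'login_required. session_cookie_name:{0}  '
                    'session_id:(value not logged)'.format(
                        'ADMIN_SESSION_COOKIE'))

                cst = SvcdbSessionTable.get_adm_session_info(session_id)
                if cst is None:
                    flash('invalid user_id or password')
                    return redirect(url_for('adm_login'))

                # Fetch the user record for the user id stored in the session.
                user = User.query.filter_by(tuid=cst.user_id).first()
                if user is None:
                    flash('invalid user_id or password')
                    return redirect(url_for('adm_login'))

                # Administrator privilege check.
                pkgSvcdbSecurity = PkgSvcdbSecurity()
                if not pkgSvcdbSecurity.isAdminUser(user.tuid):
                    flash('利用権限がありません')
                    return redirect(
                        UserAuth._get_redirect_url(url_for('adm_login')))

                login_user(user, False)
            else:
                StrUtil.print_debug('login_required. no session id got.')
                return redirect(
                    UserAuth._get_redirect_url(url_for('adm_login')))

            return func(*args, **kwargs)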
Beispiel #4
 def sqlExcuter(sqlstr: str, *args, **kwargs):
     """Render *sqlstr* with ``str.format`` and execute the result.

     SECURITY: *args* and **kwargs** are spliced into the SQL text itself;
     nothing is passed to the database as a bound parameter. Any value that
     originates from a request, a file or another untrusted source therefore
     becomes part of the statement (SQL injection). Callers should pass only
     fixed, trusted fragments here and route data values through bound
     parameters (``:name`` placeholders in ``text()`` with a parameter
     mapping given to ``execute``).

     The fully rendered statement is also written to the debug log, so any
     data interpolated into it ends up there as well.

     Returns:
         Whatever ``db.session.execute`` returns for the rendered statement.
     """
     rendered_sql = sqlstr.format(*args, **kwargs)
     StrUtil.print_debug(rendered_sql)
     statement = text(rendered_sql)
     return db.session.execute(statement)
Beispiel #5
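        def wrapper(*args, **kwargs):
            """Run ``func`` only for a request that carries a valid session.

            The session id is read from the cookie named
            ``Const.SESSION_COOKIE_NAME``, resolved to a session row and a
            ``User``. Any failure redirects to the ``login`` endpoint instead
            of calling ``func``.
            """
            # Drop whatever user was logged in before, so the request is
            # authorised only by the checks below.
            logout_user()
            StrUtil.print_debug('login_required. func=[' + func.__name__ + ']')

            # NOTE(review): an earlier version of this wrapper (previously kept
            # here as a disabled string block) also required a db_id, loaded
            # the matching database object into
            # flaskr.lib.svcdb_lib.session.current_db, checked the client IP
            # with PkgIpAddrUtil.isDbIpAddrVisible(db_id, ip) and used the
            # per-database session cookie name. None of that runs any more;
            # confirm the IP restriction is enforced elsewhere if it is still
            # required.
            session_id = flaskr.lib.svcdb_lib.session.get_session_id(
                Const.SESSION_COOKIE_NAME)
            if session_id:
                # The session id is a bearer credential; log only that it was
                # present, never its value.
                StrUtil.print_debug(
                    'login_required. session_cookie_name:{0}  '
                    'session_id:(value not logged)'.format(
                        Const.SESSION_COOKIE_NAME))

                # Look up the user id in the session table. The original
                # comment states a one-week validity; presumably enforced
                # inside get_session_info, which is not visible here.
                cst = SvcdbSessionTable.get_session_info(
                    Const.SESSION_COOKIE_NAME, session_id)
                if cst is None:
                    flash('invalid user_id or password')
                    return redirect(url_for('login'))

                # Fetch the user record for the user id stored in the session.
                user = User.query.filter_by(tuid=cst.user_id).first()
                if user is None:
                    flash('invalid user_id or password')
                    return redirect(url_for('login'))

                # NOTE(review): a per-database read-permission check
                # (PkgSvcdbSecurity.isDbVisible(db_id, user.tuid)) used to sit
                # here and is disabled; any valid session now passes.

                StrUtil.print_debug('login_required. user_id=[' +
                                    str(cst.user_id) + ']')
                login_user(user, False)
            else:
                StrUtil.print_debug('login_required. no session id got.')
                return redirect(UserAuth._get_redirect_url(url_for('login')))

            return func(*args, **kwargs)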