def post(self): request = self.validate_message(self.request.content.read(), requests.TokenAuthDesc) tid = int(request['tid']) if tid == 0: tid = self.request.tid delay = random_login_delay() if delay: yield deferred_sleep(delay) session = Sessions.get(request['token']) if session is None or session.tid != tid: Settings.failed_login_attempts += 1 raise errors.InvalidAuthentication connection_check(self.request.client_ip, tid, session.user_role, self.request.client_using_tor) session = Sessions.regenerate(session.id) log.debug("Login: Success (%s)" % session.user_role) if tid != self.request.tid: returnValue({ 'redirect': 'https://%s/#/login?token=%s' % (State.tenant_cache[tid].hostname, session.id) }) returnValue(session.serialize())
def post(self): request = self.validate_message(self.request.content.read(), requests.TokenAuthDesc) yield login_delay(self.request.tid) self.state.tokens.use(request['token']) session = Sessions.get(request['authtoken']) if session is None or session.tid != self.request.tid: login_failure(self.request.tid, 0) connection_check(self.request.tid, self.request.client_ip, session.user_role, self.request.client_using_tor) session = Sessions.regenerate(session.id) returnValue(session.serialize())