def index(self): # Get current authenticated user object. user = User.by_id(self.user_id) username = user.username full_name = user.full_name language = get_locale_name(self.request) session_expired = False if user.session_id and user.last_login: elapsed_time = datetime.now() - user.last_login if elapsed_time >= timedelta(minutes=31): session_expired = True if session_expired: login_url = route_url('logout', self.request) headers = forget(self.request) return HTTPFound(location=login_url, headers=headers) return {'username': username, 'name': full_name, 'language': language, 'model': None, 'global_vars': get_global_vars()}
def login(self): # basic auth/login for the application ixiacrlogger.debug('Entering: login') session = self.request.session remote_addr = self.request.headers.get('Remote-Eu', '127.0.0.1') username = self.request.params.get('username', None) password = self.request.params.get('password', None) remember_me = self.request.params.get('remember_me', None) invoke_override = self.request.params.get('override_user', None) message = '' cred_message = _('Please check your login credentials and try again.') error_message = _('User "${user}" is currently logged in from host address: "${address}" ' 'Please wait, or override this user to continue.') try: if username and password: user = User.by_username(username) if user and user.validate_password(password): headers = remember(self.request, user.id) elapsed_time = datetime.now() - user.last_login another_user_logged_in = ( user.session_id and elapsed_time < timedelta(minutes=31) and user.remote_addr != remote_addr) if another_user_logged_in: if not invoke_override: ixiacrlogger.warn("Someone is already logged in, " "so sending back to login.") message = self.localizer.translate( error_message, mapping={'user': user.username, 'address': user.remote_addr}) return {'username': username, 'password': password, 'message': message, 'invoke_override': True, 'global_vars': get_global_vars()} else: ixiacrlogger.warn('User invoking override to login; ' 'user={0}; remote_addr={1}'.format( user.username, user.remote_addr)) if remember_me: session['username'] = username session['password'] = password session.save() cookie = headers[0][1] user.update_session(cookie[cookie.index('=') + 1:cookie.index('!')], remote_addr) transaction.commit() return HTTPFound(location='/', headers=headers) if self.request.method == 'POST': if username and invoke_override: user = User.by_username(username) cm = self.localizer.translate(cred_message) em = self.localizer.translate( error_message, mapping={'user': user.username,'address': user.remote_addr}) message = cm + "<br><br>" + em else: message = self.localizer.translate(cred_message) return {'username': username, 'password': password, 'message': message, 'invoke_override': invoke_override, 'global_vars': get_global_vars()} except Exception, e: ixiacrlogger.exception("Exception: {0}".format(str(e)))