def check_auth():
# get cookie data
ckie = myCookie.myCookie()
ssin = ckie.getcookie("session")
if ssin == None:
# nothing cookie, next check user/pass
a = check_user_pass()
if a == None:
return None
k = a.hhhh
else:
# check session time
(t, k) = ssin.split(',')
if int(t) < int(time.time()):
# timeout, next check user/pass
a = check_user_pass()
if a == None:
return None
k = a.hhhh
else:
a = myAccount.myAccount(k)
# update session
t = str(int(time.time()) + 60 * 30)
ckie.setcookie("session", t + "," + k)
print ckie.output()
return a
def check_user_pass():
# get form data
form = cgi.FieldStorage()
if "user" not in form or "pass" not in form:
return None
user = form.getvalue("user")
pswd = form.getvalue("pass")
# check the account info
a = myAccount.myAccount()
a.login_account(user, pswd)
if a.isexist() == 0:
return None
return a
def makecode(sid):
magic = "DQ8"
tmp = hashlib.sha1(magic + sid).hexdigest()
return hashlib.sha1(magic + tmp + sid).hexdigest()
def checkcode(idnt, code):
if makecode(idnt) != code:
return 1
return 0
if __name__ == "__main__":
a = myAccount.myAccount()
form = cgi.FieldStorage()
# make code routine
if "sid" in form:
auth.html(makecode(form.getvalue("sid")))
# regist routine
# check code and idnt
if "idnt" not in form or "code" not in form:
auth.html("err")
idnt = form.getvalue("idnt")
code = form.getvalue("code")
if checkcode(idnt, code) == 1:
auth.html("err")
def makecode(sid):
magic = "DQ8"
tmp = hashlib.sha1(magic + sid).hexdigest()
return hashlib.sha1(magic + tmp + sid).hexdigest()
def checkcode(idnt, code):
if makecode(idnt) != code:
return 1
return 0
if __name__ == '__main__':
a = myAccount.myAccount()
form = cgi.FieldStorage()
# make code routine
if "sid" in form:
auth.html(makecode(form.getvalue("sid")))
# regist routine
# check code and idnt
if "idnt" not in form or "code" not in form:
auth.html("err")
idnt = form.getvalue("idnt")
code = form.getvalue("code")
if checkcode(idnt, code) == 1:
auth.html("err")
