def get(self, username=None):
if username:
users_resp = Users.get_by_username(username)
else:
users_resp = Users.get_all()
if users_resp is not None:
self.write(dumps(users_resp))
else:
raise tornado.web.HTTPError(404)
def _check_password(self, username, password):
user = Users.get_by_username(username, ['password', 'salt'])
if not user:
return False
stored_pass = user['password']
password_bytes = password.encode('utf-8')
salt_bytes = user['salt']
hashed_password = hashlib.sha512(
password_bytes + salt_bytes).hexdigest()
return stored_pass == hashed_password
def open(self, username):
print("WebSocket opened " + username)
self.user = Users.get_by_username(username)
# admin websocket connections get a uuid since an admin user
# might have multiple admin devices open
self.uuid = uuid.uuid4()
# publish this event, handled in AdminManager
self.pubsub.publish("admin:connected", admin_ws=self)
# listen for 'frame:update_frame' events via websockets
self.on('frame:update_frame', self._update_frame)
# listen for 'frame:update_content' events via websockets
self.on('frame:mirror_frame', self._mirror_frame)
