def message_route():
""" Mediate peer-to-peer connections.
Expected request parameters:
target: the user that we are requesting a route to
Returns:
JSONResponse detailing the request result
"""
response = JSONResponse()
# Check login status
if "username" not in session:
response.success = False
response.message = "You must be logged in to request a route"
return response.to_json(), 200
requester = session["username"]
# Form validation
if "target" not in request.form:
response.success = False
response.message = "No target provided for routing"
return response.to_json(), 200
target = request.form["target"]
if len(target) > 255:
response.success = False
response.message = "Target user field may not exceed 255 characters"
return response.to_json(), 200
response = routing.get_message_route(requester, target)
return response.to_json(), 200
def login_post():
""" Handles login requests. """
if "login_error" in session:
del session["login_error"]
response = JSONResponse()
if "medium" in request.form and request.form["medium"] == "admin_web":
# request is from web
# Form validation
if "username" not in request.form:
session["login_error"] = "No username provided for login"
return redirect("/cryptic/admin/login")
if "password" not in request.form:
rsession["login_error"] = "No password provided for login"
return redirect("/cryptic/admin/login")
username = request.form["username"]
password = request.form["password"]
if len(username) > 255:
session["login_error"] = "Username may not exceed 255 characters"
return redirect("/cryptic/admin/login")
if len(password) > 255:
session["login_error"] = "Password may not exceed 255 characters"
return redirect("/cryptic/admin/login")
# Check for active sessions
if "username" in session:
print("username in session found: ", session["username"])
# Client is already logged in as someone
if session["username"] == username:
# Already logged in as person who they are trying to login as
return redirect("/cryptic/admin/console")
else:
session.clear()
#session["login_error"] = "You are already logged in as someone else"
#return redirect("/cryptic/admin/login")
# Perform login
response = accounts.login(session, username, password, None, None)
if response.success:
return redirect("/cryptic/admin/console")
session["login_error"] = response.message
return redirect("/cryptic/admin/login")
else:
# assume request is from app
# Form validation
if "username" not in request.form:
response.success = False
response.message = "No username provided for login"
return response.to_json(), 200
if "password" not in request.form:
response.success = False
response.message = "No password provided for login"
return response.to_json(), 200
username = request.form["username"]
password = request.form["password"]
device_ip = request.form[
"device_ip"] if "device_ip" in request.form else ""
if "public_key" in request.form:
public_key = request.form["public_key"]
if public_key == "PLACEHOLDER_KEY_IGNORE":
public_key = None
else:
public_key = None
if len(username) > 255:
response.success = False
response.message = "Username field may not exceed 255 characters"
return response.to_json(), 200
if len(password) > 255:
response.success = False
response.message = "Password field may not exceed 255 characters"
return response.to_json(), 200
# Check for active sessions
if "username" in session:
print("username in session found: ", session["username"])
# Client is already logged in as someone
if session["username"] == username:
# Already logged in as person who they are trying to login as
response.success = True
else:
response.success = False
response.message = "You are already logged in as someone else"
return response.to_json(), 200
# Perform login
response = accounts.login(session, username, password, device_ip,
public_key)
return response.to_json(), 200