예제 #1
0
    def get(self):
        last_page = cherrypy.request.cookie.get("lastPage")
        # when session timeout, only session cookie is None.
        # when first login, both session and lastPage are None.
        if (cherrypy.session.originalid is None and last_page is None
                and not template.can_accept('application/json')
                and template.can_accept_html()):
            raise cherrypy.HTTPRedirect("/login.html", 303)

        return self.default(self.default_page)
예제 #2
0
파일: root.py 프로젝트: kimchi-project/wok
    def get(self):
        last_page = cherrypy.request.cookie.get("lastPage")
        # when session timeout, only session cookie is None.
        # when first login, both session and lastPage are None.
        if (cherrypy.session.originalid is None and last_page is None and
           not template.can_accept('application/json') and
           template.can_accept_html()):
            raise cherrypy.HTTPRedirect("/login.html", 303)

        return self.default(self.default_page)
예제 #3
0
def check_auth_httpba():
    """
    REST API users may authenticate with HTTP Basic Auth.  This is not allowed
    for the UI because web browsers would cache the credentials and make it
    impossible for the user to log out without closing their browser completely
    """
    if from_browser() or not template.can_accept('application/json'):
        return False

    authheader = cherrypy.request.headers.get('AUTHORIZATION')
    if not authheader:
        debug("No authentication headers found")
        return False

    debug("Authheader: %s" % authheader)
    # TODO: what happens if you get an auth header that doesn't use basic auth?
    b64data = re.sub("Basic ", "", authheader)
    decodeddata = base64.b64decode(b64data.encode("ASCII"))
    # TODO: test how this handles ':' characters in username/passphrase.
    username, password = decodeddata.decode().split(":", 1)

    return login(username, password)
예제 #4
0
파일: auth.py 프로젝트: lcorreia/wok
def check_auth_httpba():
    """
    REST API users may authenticate with HTTP Basic Auth.  This is not allowed
    for the UI because web browsers would cache the credentials and make it
    impossible for the user to log out without closing their browser completely
    """
    if from_browser() or not template.can_accept('application/json'):
        return False

    authheader = cherrypy.request.headers.get('AUTHORIZATION')
    if not authheader:
        debug("No authentication headers found")
        return False

    debug("Authheader: %s" % authheader)
    # TODO: what happens if you get an auth header that doesn't use basic auth?
    b64data = re.sub("Basic ", "", authheader)
    decodeddata = base64.b64decode(b64data.encode("ASCII"))
    # TODO: test how this handles ':' characters in username/passphrase.
    username, password = decodeddata.decode().split(":", 1)

    return login(username, password)
예제 #5
0
def wokauth():
    debug("Entering wokauth...")
    session_missing = cherrypy.session.missing
    if check_auth_session():
        return

    if check_auth_httpba():
        return

    # not a REST full request, redirect login page directly
    if ("Accept" in cherrypy.request.headers and
       not template.can_accept('application/json')):
        redirect_login()

    # from browser, and it stays on one page.
    if session_missing and cherrypy.request.cookie.get("lastPage") is not None:
        raise cherrypy.HTTPError(401, "sessionTimeout")

    if not from_browser():
        cherrypy.response.headers['WWW-Authenticate'] = 'Basic realm=wok'

    e = InvalidOperation('WOKAUTH0002E')
    raise cherrypy.HTTPError(401, e.message.encode('utf-8'))
예제 #6
0
파일: auth.py 프로젝트: lcorreia/wok
def wokauth():
    debug("Entering wokauth...")
    session_missing = cherrypy.session.missing
    if check_auth_session():
        return

    if check_auth_httpba():
        return

    # not a REST full request, redirect login page directly
    if ("Accept" in cherrypy.request.headers
            and not template.can_accept('application/json')):
        redirect_login()

    # from browser, and it stays on one page.
    if session_missing and cherrypy.request.cookie.get("lastPage") is not None:
        raise cherrypy.HTTPError(401, "sessionTimeout")

    if not from_browser():
        cherrypy.response.headers['WWW-Authenticate'] = 'Basic realm=wok'

    e = InvalidOperation('WOKAUTH0002E')
    raise cherrypy.HTTPError(401, e.message.encode('utf-8'))