def _checkauth(self, event):
if self.srcip == '127.0.0.1':
c.isAdmin = True
return
try:
digestinfo = session.setdefault(('digest', self.srcip), {})
pwdict = Password.load(self.session)
passwords = { "admin" : pwdict["series"] }
if event is not None and str(event.id) in pwdict:
passwords["event"] = pwdict[str(event.id)]
authname = authCheck(digestinfo, self.database, passwords, request)
if authname == "admin":
c.isAdmin = True
finally:
session.save()
def _validateNumber(self, num):
try:
nummatch = re.compile('(\d{6}_\d)|(\d{6})')
obj = nummatch.search(num)
except:
raise Exception("_validateNumber failed on the value '%s'" % num)
if obj is not None:
return obj.group(1) or obj.group(2)
raise IndexError("nothing found")
def Update(module_id, session_id):
""" Updates a module session. """
# Verify user access
if not Authorization.canAccess(session.get('user'), ('scheduling_admin')):
return JsonResponse.unauthorized({
'message':
'no_access',
'nice_message':
'You do not have access to this function. Contact system administrator.'
})
# Get session object
session = ModuleSessionModel.findById(session_id)
if not session:
return JsonResponse.notFound({
'message': 'not_found',
'nice_message': 'Session not found.'
})
# Save new values to database
teacher = request.form.get('teacher')
sessionType = request.form.get('type')
if not teacher and not sessionType:
return JsonResponse.badRequest({
'message':
'missing_parameters',
'nice_message':
'Please enter a teacher and session type.'
})
if teacher:
if not TeacherModel.findById(teacher):
return JsonResponse.badRequest({
'message': 'not_found',
'nice_message': 'Teacher not found.'
})
session.setStaff(teacher)
if sessionType:
if not ModuleSessionModel.findById(sessionType):
return JsonResponse.badRequest({
'message':
'not_found',
'nice_message':
'Session type not found.'
})
session.setType(sessionType)
session.save()
return JsonResponse.ok()
def login():
resp, content = client.request(request_token_url, "GET")
if resp['status'] != '200':
raise Exception("Invalid response %s." % resp['status'])
request_token = dict(urlparse.parse_qsl(content))
session["oauth_token"] = request_token['oauth_token']
session["oauth_token_secret"] = request_token['oauth_token_secret']
session.save()
return redirect(authorize_url + "?oauth_token=" + request_token['oauth_token'])
def post(self):
"""
login route
POST params:
email: the email to login with
password: the password to login with
:return:
"""
if 'email' in request.form and 'password' in request.form:
try:
user = User.get_by_email(request.form.get('email'))
if user.authenticate(request.form.get('password')):
session.save()
session.user = user
return redirect('/')
except:
return redirect("/login")
return render('login.mako')
def save_session(self, app, session, response): session.save()
def save_session(self, app, session, response):
session.save()
def test():
session = request.environ['beaker.session']
session['test'] = session.get('test', 0) + 1
session.save()
return 'Test counter: %d' % session['test']
def test():
session = request.environ['beaker.session']
session['test'] = session.get('test', 0) + 1
session.save()
return 'Test counter: %d' % session['test']