Exemplo n.º 1
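 def get(self):
     """Start or complete a jaccount single-sign-on login.

     Without a ``jatkt`` query argument, a fresh nonce is stored in the
     signed ``iv`` cookie and the browser is redirected to the jaccount
     login page.  With ``jatkt``, the token is decrypted with that nonce
     and the session id embedded in it must equal the nonce before any
     login cookie is issued.

     Raises:
         tornado.web.HTTPError: 404 for an empty ``jatkt``; 403 when the
             signed ``iv`` cookie is absent or fails verification.
     """
     if not self.get_arguments('jatkt'):
         # NOTE(review): both URLs are plain http://, so the nonce cookie
         # and the returned token are not protected in transit -- confirm
         # whether the provider offers an https endpoint.
         uaBaseURL = "http://jaccount.sjtu.edu.cn/jaccount/"
         returl = 'http://' + domain + ':' + str(port) + '/admin/jalogin'
         # The nonce binds the callback to this browser, so it comes from
         # the OS CSPRNG instead of the predictable default generator.
         # Format is unchanged: 8 distinct hex characters.
         iv = ''.join(random.SystemRandom().sample('1234567890abcdef', 8))
         self.set_secure_cookie('iv', iv, None)
         redirectURL = (uaBaseURL + "jalogin?sid=" + siteID +
                        "&returl=" + encrypt(returl, iv) +
                        "&se=" + encrypt(iv, iv))
         self.redirect(redirectURL)
         return

     jatkt = self.get_argument('jatkt')
     if not jatkt:
         raise tornado.web.HTTPError(404)

     iv = self.get_secure_cookie('iv')
     if iv is None:
         # No valid signed nonce means this callback was not started by
         # this browser session; refuse before touching the token.
         raise tornado.web.HTTPError(403)

     data = decrypt(jatkt, iv)
     data = find(data, ur'ja[\s\S]*')
     # UTF-8 encoding.  The return value is discarded, so this call can at
     # most raise on undecodable input.
     data.decode('utf-8')
     ProfileData = parse_data(data)

     # Check the session binding first: previously the uid cookie was
     # already queued on the response when the mismatch was detected, and
     # the check was skipped entirely when checkUser() returned false.
     if ProfileData['ja3rdpartySessionID'] != iv:
         self.write('Hacking Attempt~!')
         return

     if self.checkUser(ProfileData):
         self.set_secure_cookie('uid', ProfileData['id'], None)
         self.set_secure_cookie('chiname', ProfileData['chinesename'],
                                None)
         # 'login' is an unsigned cookie; the client can change it freely.
         self.set_cookie('login', '0')
     else:
         self.set_cookie('login', '1')
     self.redirect('/admin')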
Exemplo n.º 2
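	def get(self):
		"""Start or complete a jaccount single-sign-on login.

		Without a ``jatkt`` query argument, a fresh nonce is stored in the
		signed ``iv`` cookie and the browser is redirected to the jaccount
		login page.  With ``jatkt``, the token is decrypted with that nonce
		and the session id embedded in it must equal the nonce.  The outcome
		is reported in the ``error`` response header (0 on success, 1 on
		failure).

		Raises:
			tornado.web.HTTPError: 404 for an empty ``jatkt``.
		"""
		if not self.get_arguments('jatkt'):
			# NOTE(review): both URLs are plain http://, so the nonce cookie
			# and the returned token are not protected in transit -- confirm
			# whether the provider offers an https endpoint.
			uaBaseURL = "http://jaccount.sjtu.edu.cn/jaccount/"
			returl = 'http://' + domain + ':' + str(port) + '/jalogin'
			# The nonce binds the callback to this browser, so it comes from
			# the OS CSPRNG instead of the predictable default generator.
			# Format is unchanged: 8 distinct hex characters.
			iv = ''.join(random.SystemRandom().sample('1234567890abcdef', 8))
			self.set_secure_cookie('iv', iv, None)
			redirectURL = (uaBaseURL + "jalogin?sid=" + siteID +
				"&returl=" + encrypt(returl, iv) +
				"&se=" + encrypt(iv, iv))
			self.redirect(redirectURL)
			return

		jatkt = self.get_argument('jatkt')
		if not jatkt:
			raise tornado.web.HTTPError(404)

		iv = self.get_secure_cookie('iv')
		if iv is None:
			# No valid signed nonce: report it the same way as a session-id
			# mismatch instead of decrypting with a missing key.
			self.add_header('error', 1)
			return

		data = decrypt(jatkt, iv)
		data = find(data, ur'ja[\s\S]*')
		ProfileData = splitdata(data)

		# The session id inside the token must match the nonce issued to
		# this browser before any account state is touched.
		if ProfileData['ja3rdpartySessionID'] != iv:
			self.add_header('error', 1)
			return

		self.update_user(ProfileData)
		self.set_secure_cookie('uid', ProfileData['id'], None)

		# 'chiname' is an unsigned cookie: display only, the client can
		# change it freely.
		chiname = urllib.quote(ProfileData['chinesename'])
		self.set_cookie('chiname', chiname, None)
		self.add_header('error', 0)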
Exemplo n.º 3
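	def get(self):
		"""Start or complete a jaccount single-sign-on login.

		Without a ``jatkt`` query argument, a fresh nonce is stored in the
		signed ``iv`` cookie and the browser is redirected to the jaccount
		login page.  With ``jatkt``, the token is decrypted with that nonce
		and the session id embedded in it must equal the nonce before any
		login cookie is issued.

		Raises:
			tornado.web.HTTPError: 404 for an empty ``jatkt``; 403 when the
				signed ``iv`` cookie is absent or fails verification.
		"""
		if not self.get_arguments('jatkt'):
			# NOTE(review): both URLs are plain http://, so the nonce cookie
			# and the returned token are not protected in transit -- confirm
			# whether the provider offers an https endpoint.
			uaBaseURL = "http://jaccount.sjtu.edu.cn/jaccount/"
			returl = 'http://' + domain + ':' + str(port) + '/admin/jalogin'
			# The nonce binds the callback to this browser, so it comes from
			# the OS CSPRNG instead of the predictable default generator.
			# Format is unchanged: 8 distinct hex characters.
			iv = ''.join(random.SystemRandom().sample('1234567890abcdef', 8))
			self.set_secure_cookie('iv', iv, None)
			redirectURL = (uaBaseURL + "jalogin?sid=" + siteID +
				"&returl=" + encrypt(returl, iv) +
				"&se=" + encrypt(iv, iv))
			self.redirect(redirectURL)
			return

		jatkt = self.get_argument('jatkt')
		if not jatkt:
			raise tornado.web.HTTPError(404)

		iv = self.get_secure_cookie('iv')
		if iv is None:
			# No valid signed nonce means this callback was not started by
			# this browser session; refuse before touching the token.
			raise tornado.web.HTTPError(403)

		data = decrypt(jatkt, iv)
		data = find(data, ur'ja[\s\S]*')
		# UTF-8 encoding.  The return value is discarded, so this call can
		# at most raise on undecodable input.
		data.decode('utf-8')
		ProfileData = parse_data(data)

		# Check the session binding first: previously the uid cookie was
		# already queued on the response when the mismatch was detected, and
		# the check was skipped entirely when checkUser() returned false.
		if ProfileData['ja3rdpartySessionID'] != iv:
			self.write('Hacking Attempt~!')
			return

		if self.checkUser(ProfileData):
			self.set_secure_cookie('uid', ProfileData['id'], None)
			self.set_secure_cookie('chiname', ProfileData['chinesename'], None)
			# 'login' is an unsigned cookie; the client can change it freely.
			self.set_cookie('login', '0')
		else:
			self.set_cookie('login', '1')
		self.redirect('/admin')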
Exemplo n.º 4
	def get(self):
		"""Log the current user out through the jaccount logout endpoint.

		When no user is logged in, ``{"error": 1}`` is written to the
		response.  Otherwise every cookie is cleared and the browser is
		redirected to the jaccount ``ulogout`` URL, whose ``returl`` is the
		site root encrypted with the value of the signed ``iv`` cookie.
		"""
		if not self.current_user:
			self.write({"error": 1})
			return

		logout_base = "http://jaccount.sjtu.edu.cn/jaccount/"
		site_root = 'http://' + domain + ':' + str(port)
		# NOTE(review): get_secure_cookie() returns None when the cookie is
		# missing or fails verification; what encrypt() does with a None key
		# is not visible here -- confirm.
		nonce = self.get_secure_cookie('iv')
		logout_url = (logout_base + "ulogout?sid=" + siteID +
			"&returl=" + encrypt(site_root, nonce))
		self.clear_all_cookies()
		self.redirect(logout_url)
		return
Exemplo n.º 5
	def get(self):
		"""Clear the session and send the browser to the right logout target.

		With a valid signed ``iv`` cookie, the browser is redirected to the
		jaccount ``ulogout`` URL, whose ``returl`` is the ``/admin`` page
		encrypted with that cookie value.  Without it, the browser goes
		straight to ``/admin``.  All cookies are cleared in both cases.
		"""
		nonce = self.get_secure_cookie('iv')
		if not nonce:
			# No jaccount nonce on this browser: local logout only.
			self.clear_all_cookies()
			self.redirect('/admin')
			return

		logout_base = "http://jaccount.sjtu.edu.cn/jaccount/"
		admin_url = 'http://' + domain + ':' + str(port) + '/admin'
		logout_url = (logout_base + "ulogout?sid=" + siteID +
			"&returl=" + encrypt(admin_url, nonce))
		self.clear_all_cookies()
		self.redirect(logout_url)
		return
Exemplo n.º 6
 def get(self):
     """Clear every cookie and redirect to the matching logout target.

     The target is the jaccount ``ulogout`` URL when a valid signed ``iv``
     cookie is present (its ``returl`` is the ``/admin`` page encrypted
     with that cookie value), and plain ``/admin`` otherwise.
     """
     target = '/admin'
     nonce = self.get_secure_cookie('iv')
     if nonce:
         # Build the remote logout URL while the nonce is still readable;
         # the cookies are cleared only after this.
         logout_base = "http://jaccount.sjtu.edu.cn/jaccount/"
         admin_url = 'http://' + domain + ':' + str(port) + '/admin'
         target = (logout_base + "ulogout?sid=" + siteID +
                   "&returl=" + encrypt(admin_url, nonce))
     self.clear_all_cookies()
     self.redirect(target)
     return
Exemplo n.º 7
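    def get(self):
        """Start or complete a jaccount single-sign-on login.

        Without a ``jatkt`` query argument, a fresh nonce is stored in the
        signed ``iv`` cookie and the browser is redirected to the jaccount
        login page.  With ``jatkt``, the token is decrypted with that nonce
        and the session id embedded in it must equal the nonce.  The outcome
        is reported in the ``error`` response header (0 on success, 1 on
        failure).

        Raises:
            tornado.web.HTTPError: 404 for an empty ``jatkt``.
        """
        if not self.get_arguments('jatkt'):
            # Redirect to the jaccount login page.
            # NOTE(review): both URLs are plain http://, so the nonce cookie
            # and the returned token are not protected in transit -- confirm
            # whether the provider offers an https endpoint.
            uaBaseURL = "http://jaccount.sjtu.edu.cn/jaccount/"
            returl = ('http://' + settings.HOST + ':' + str(settings.PORT) +
                      '/jalogin')
            # The nonce binds the callback to this browser, so it comes from
            # the OS CSPRNG instead of the predictable default generator.
            # Format is unchanged: 8 distinct hex characters.
            iv = ''.join(random.SystemRandom().sample('1234567890abcdef', 8))
            self.set_secure_cookie('iv', iv, None)
            redirectURL = (uaBaseURL + "jalogin?sid=" + settings.SITE_ID +
                           "&returl=" + jaccount.encrypt(returl, iv) +
                           "&se=" + jaccount.encrypt(iv, iv))
            self.redirect(redirectURL)
            return

        # Read the information returned by the jaccount login page.
        jatkt = self.get_argument('jatkt')
        if not jatkt:
            raise tornado.web.HTTPError(404)

        iv = self.get_secure_cookie('iv')
        if iv is None:
            # No valid signed nonce: report it the same way as a session-id
            # mismatch instead of decrypting with a missing key.
            self.add_header('error', 1)
            return

        data = jaccount.decrypt(jatkt, iv)
        # NOTE(review): this echoes the decrypted token payload into the
        # response body before the session check below; it looks like
        # leftover debug output -- confirm no client relies on it, then
        # remove it.
        self.write(data)
        data = jaccount.find(data, ur'ja[\s\S]*')

        ProfileData = jaccount.parse_data(data)

        # The session id inside the token must match the nonce issued to
        # this browser before any account state is touched.
        if ProfileData['ja3rdpartySessionID'] != iv:
            self.add_header('error', 1)
            return

        self._update_user(ProfileData)
        self.set_secure_cookie('uid', ProfileData['id'], None)

        # 'chiname' is an unsigned cookie: display only, the client can
        # change it freely.
        chiname = urllib.quote(ProfileData['chinesename'])
        self.set_cookie('chiname', chiname, None)
        self.add_header('error', 0)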