Exemplo n.º 1
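    def POST(self):
        """Process the login form and redirect according to the result.

        Reads ``username``, ``password``, ``save_pass`` and ``lang`` from the
        submitted form and authenticates through ``core.Auth``. On success the
        session parameters are configured and the client is sent to
        ``/dashboard/checknew``; on failure the failure counter is incremented
        and the client is sent back to ``/login`` with the URL-quoted message
        from the auth result.

        Raises:
            web.seeother: always; both outcomes end in a redirect.
        """
        form = web.input(_unicode=False)

        # Default to '' so a request that omits a field is handled as a failed
        # login instead of crashing on ``None.strip()``.
        username = web.safestr(form.get('username', '').strip()).lower()
        password = str(form.get('password', '').strip())
        save_pass = web.safestr(form.get('save_pass', 'no').strip())

        # NOTE(review): empty credentials are handed to core.Auth unchanged;
        # confirm the backend rejects an empty username/password.
        auth = core.Auth()
        auth_result = auth.auth(username=username, password=password)

        if auth_result[0] is not True:
            # .get() tolerates a session in which the counter was never
            # initialised, so the failure is still counted and logged.
            session['failed_times'] = session.get('failed_times', 0) + 1
            web.logger(
                msg="Login failed.",
                admin=username,
                event='login',
                loglevel='error',
            )
            raise web.seeother('/login?msg=%s' % web.urlquote(auth_result[1]))

        # NOTE(review): nothing in this handler rotates the session identifier
        # after a successful login; confirm that core.Auth or the session
        # setup does, so a pre-login session id is not carried into the
        # authenticated session.

        # NOTE(review): web.config.session_parameters is process-wide
        # configuration rather than per-session state. Confirm that the
        # timeout chosen below cannot change the lifetime of other users'
        # sessions, and that an already-constructed session picks it up.
        params = web.config.session_parameters
        params['cookie_name'] = 'iRedAdmin-Pro'
        # Invalidate the session when the client IP changes.
        params['ignore_change_ip'] = False
        # Enforce session expiration.
        params['ignore_expiry'] = False

        # Session timeout in seconds: 24 hours when the user asked to stay
        # logged in, 10 minutes otherwise.
        if save_pass == 'yes':
            params['timeout'] = 86400
        else:
            params['timeout'] = 600

        web.logger(
            msg="Login success",
            event='login',
        )

        # Store the selected language only if it differs from the current one
        # and is one of the known language codes.
        selected_language = str(form.get('lang', '')).strip()
        if selected_language != web.ctx.lang and \
           selected_language in languages.get_language_maps():
            session['lang'] = selected_language

        raise web.seeother('/dashboard/checknew')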
Exemplo n.º 2
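    def update(self, profile_type, mail, data):
        """Update an admin account's general profile or password.

        Args:
            profile_type: ``'general'`` or ``'password'``. Any other value
                skips both branches and the method still returns ``(True, )``.
            mail: username (mail address) of the admin account to update.
            data: submitted form values, read with ``.get()``.

        Returns:
            ``(True, )`` on success. On failure ``(False, <message>)``; the
            tuples returned by ``iredutils.verify_new_password`` and
            ``core.Auth.auth`` are passed through unchanged.

        Raises:
            web.seeother: when the SQL update of the new password fails.
        """
        self.profile_type = web.safestr(profile_type)
        self.mail = web.safestr(mail)

        # Authorization: only a global admin may touch another admin's
        # profile; everyone else is limited to their own account.
        is_global_admin = session.get('domainGlobalAdmin') is True
        if not is_global_admin and session.get('username') != self.mail:
            return (False, 'PERMISSION_DENIED')

        # Bound parameter for the WHERE clause of every update below.
        sql_vars = {
            'username': self.mail,
        }

        # NOTE(review): an unrecognised profile_type falls through to the
        # final ``return (True, )`` without changing anything; confirm callers
        # only pass the two supported values.
        if self.profile_type == 'general':
            # Display name.
            self.cn = data.get('cn', '')

            # Preferred language.
            self.preferredLanguage = str(data.get('preferredLanguage',
                                                  'en_US'))

            try:
                self.conn.update(
                    'admin',
                    vars=sql_vars,
                    where='username=$username',
                    name=self.cn,
                    language=self.preferredLanguage,
                )

                # Apply the new language to the current session right away
                # when the admin edited their own profile.
                if session.get('username') == self.mail and \
                   session.get('lang', 'en_US') != self.preferredLanguage:
                    session['lang'] = self.preferredLanguage
            except Exception as e:
                # NOTE(review): the raw exception text is returned to the
                # caller; confirm it is not shown to the user verbatim, since
                # database errors can disclose schema details.
                return (False, str(e))

            if session.get('domainGlobalAdmin') is True:
                # Only a global admin may change the account status. The
                # account is disabled unless 'accountStatus' was submitted.
                self.accountStatus = '0'  # Disabled
                if 'accountStatus' in data:
                    self.accountStatus = '1'  # Active

                try:
                    self.conn.update(
                        'admin',
                        vars=sql_vars,
                        where='username=$username',
                        active=self.accountStatus,
                    )
                except Exception as e:
                    return (False, str(e))

        elif self.profile_type == 'password':
            self.cur_passwd = str(data.get('oldpw', ''))
            self.newpw = web.safestr(data.get('newpw', ''))
            self.confirmpw = web.safestr(data.get('confirmpw', ''))

            # Validate the new password pair; hash it only when it passes.
            qr = iredutils.verify_new_password(self.newpw, self.confirmpw)
            if qr[0] is True:
                self.passwd = iredutils.generate_password_hash(qr[1])
            else:
                return qr

            # Non-global admins must prove knowledge of the current password.
            # NOTE(review): a global admin skips this check even when changing
            # their own password; confirm that is intended, because a borrowed
            # or hijacked global-admin session could then replace the password
            # without knowing the current one.
            if session.get('domainGlobalAdmin') is not True:
                auth = core.Auth()
                qr = auth.auth(
                    username=self.mail,
                    password=self.cur_passwd,
                    verifyPassword=True,
                )
                if qr[0] is False:
                    return qr

            # Store the new hash together with the time of the change.
            try:
                self.conn.update(
                    'admin',
                    vars=sql_vars,
                    where='username=$username',
                    password=self.passwd,
                    passwordlastchange=iredutils.get_gmttime(),
                )
            except Exception as e:
                # Unlike the 'general' branch, a failure here redirects
                # instead of returning a tuple.
                # NOTE(review): the exception text ends up in the redirect
                # URL; confirm it cannot expose database details to the user.
                raise web.seeother('/profile/admin/password/%s?msg=%s' %
                                   (self.mail, web.urlquote(e)))

        return (True, )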
Exemplo n.º 3
        elif self.profile_type == 'password':
            self.cur_passwd = str(data.get('oldpw', ''))
            self.newpw = web.safestr(data.get('newpw', ''))
            self.confirmpw = web.safestr(data.get('confirmpw', ''))

            # Verify new passwords.
            qr = iredutils.verify_new_password(self.newpw, self.confirmpw)
            if qr[0] is True:
                self.passwd = iredutils.generate_password_hash(qr[1])
            else:
                return qr

            if session.get('domainGlobalAdmin') is not True:
                # Verify old password.
                auth = core.Auth()
                qr = auth.auth(
                    username=self.mail,
                    password=self.cur_passwd,
                    verifyPassword=True,
                )
                if qr[0] is False:
                    return qr

            # Hash/Encrypt new password.
            try:
                self.conn.update(
                    'admin',
                    vars=sql_vars,
                    where='username=$username',
                    password=self.passwd,