def login_page(self):
session = self.get_session()
content = b''
if session.authenticated:
return server.HttpRedirect(self.server.settings.prefix + '/')
if 'pw' in self.db:
valid_pw = (self.server.settings.password_hash is not None
and checkpw(self.db['pw'],
self.server.settings.password_hash))
valid_token = self.server.verify_token(self.db['pw'])
if valid_pw or valid_token:
RequireAuthentication.authenticate(self)
return server.HttpRedirect(self.server.settings.prefix + '/')
else:
content += b'<p><strong>Invalid password. Try again.'
content += b'</strong></p>'
else:
content += b'<p>Please enter the password or the security token '
content += b'shown by Nengo when it was started:</p>'
return server.HtmlResponse(content + b'''
<form method="POST"><p>
<label for="pw">Password: </label>
<input type="password" name="pw" />
<input type="submit" value="Log in" />
</p></form>
''')
def auth_checked(inst):
session = inst.get_session()
if session.authenticated:
return fn(inst)
elif inst.server.verify_token(self.get_token(inst)):
self.authenticate(inst)
return fn(inst)
return server.HttpRedirect(self.login_page)
def auth_checked(inst):
session = inst.get_session()
if session.authenticated:
return fn(inst)
elif inst.server.verify_token(self.get_token(inst)):
session.authenticated = True
session.login_host = inst.headers.get('host', None)
inst.persist_session(session)
return fn(inst)
return server.HttpRedirect(self.login_page)
def login_page(self):
session = self.get_session()
content = b''
if 'pw' in self.db:
if checkpw(self.db['pw'], self.server.settings.password_hash):
session.authenticated = True
session.login_host = self.headers.get('host', None)
else:
content += b'<p><strong>Invalid password. Try again.'
content += b'</strong></p>'
else:
content += b'<p>Please enter the password:</p>'
if session.authenticated:
return server.HttpRedirect('/')
return server.HtmlResponse(content + b'''
<form method="POST"><p>
<label for="pw">Password: </label>
<input type="password" name="pw" />
<input type="submit" value="Log in" />
</p></form>
''')
def auth_checked(inst):
session = inst.get_session()
has_password = inst.server.settings.password_hash is not None
if has_password and not session.authenticated:
return server.HttpRedirect(self.login_page)
return fn(inst)