Exemplo n.º 1
0
    def post_login(self):
        try:
            self.logger.info("Login.")
            p_role_name = self.get_argument('username')
            p_role_password = self.get_argument('password')
            role_hash_password = hash_password(p_role_name, p_role_password)

            self.start_db_session()
            role = get_role_by_auth(self.db_session, p_role_name, role_hash_password)
            self.logger.info("Role '%s' authentificated." % (role.role_name))
            self.db_session.expunge_all()
            self.db_session.commit()
            self.db_session.close()
            sleep(1)
            self.logger.info("Done.")
            return HTMLAsyncResult(
                http_code = 302,
                redirection = self.get_secure_cookie('referer_uri') if self.get_secure_cookie('referer_uri') is not None else '/home',
                secure_cookie = { 'name': 'temboard', 'content': gen_cookie(role.role_name, role_hash_password)})
        except (TemboardUIError, Exception) as e:
            try:
                self.db_session.rollback()
                self.db_session.close()
            except Exception:
                pass
            self.logger.exception(str(e))
            self.logger.info("Failed.")
            sleep(1)
            return HTMLAsyncResult(
                http_code = 401,
                template_file = 'login.html',
                data = { 'nav': False , 'error': 'Wrong username/password.'})
Exemplo n.º 2
0
    def post_login(self):
        try:
            self.logger.info("Login (API).")
            post = tornado.escape.json_decode(self.request.body)
            p_role_name = post['username']
            p_role_password = post['password']
            role_hash_password = hash_password(p_role_name, p_role_password)

            self.start_db_session()
            role = get_role_by_auth(self.db_session, p_role_name, role_hash_password)
            self.logger.info("Role '%s' authentificated." % (role.role_name))
            self.db_session.expunge_all()
            self.db_session.commit()
            self.db_session.close()
            sleep(1)
            self.logger.info("Done.")

            return JSONAsyncResult(
                http_code = 200,
                data = { "message": "OK" },
                secure_cookie = { 'name': 'temboard', 'content': gen_cookie(role.role_name, role_hash_password)})

        except (TemboardUIError, Exception) as e:
            try:
                self.db_session.rollback()
                self.db_session.close()
            except Exception:
                pass
            self.logger.exception(str(e))
            self.logger.info("Failed.")
            sleep(1)
            return JSONAsyncResult(
                http_code = 401,
                data = { "error": "Wrong username/password."})
Exemplo n.º 3
0
def handle_password(data):
    if data['password']:
        check_role_password(data['password'])
        return hash_password(
            data['new_username'],
            data['password']
        ).decode('utf-8')
    return None
Exemplo n.º 4
0
    def post_role(self, username):
        try:
            self.logger.info("Posting role.")
            role = None
            self.load_auth_cookie()
            self.start_db_session()
            self.check_admin()
            if username:
                # Update role case.
                role = get_role(self.db_session, username)

            data = tornado.escape.json_decode(self.request.body)
            self.logger.debug(data)

            # Submited attributes checking.
            if 'new_username' not in data or data['new_username'] == '':
                raise TemboardUIError(400, "Username is missing.")
            if 'email' not in data or data['email'] == '':
                raise TemboardUIError(400, "Email is missing.")
            if 'groups' not in data:
                raise TemboardUIError(400, "Groups field is missing.")
            if 'is_active' not in data:
                raise TemboardUIError(400, "Active field is missing.")
            if 'is_admin' not in data:
                raise TemboardUIError(400, "Administrator field is missing.")

            if role and role.role_name != data['new_username']:
                if 'password' not in data or data['password'] == '':
                    raise TemboardUIError(
                        400, "Username will be changed, you need to change "
                        "the password too.")
            if role is None:
                if 'password' not in data or data['password'] == '':
                    raise TemboardUIError(400, "Password is missing.")
            if ('password' in data and data['password'] != '') and \
               ('password2' not in data or data['password2'] == ''):
                raise TemboardUIError(400, "Password confirmation is missing.")
            if 'password' in data and 'password2' in data:
                if data['password'] != data['password2']:
                    raise TemboardUIError(
                        400, "Password confirmation can not be checked.")
            if data['groups'] is not None and type(data['groups']) != list:
                raise TemboardUIError(400, "Invalid group list.")

            check_role_name(data['new_username'])
            check_role_email(data['email'])
            if data['password']:
                check_role_password(data['password'])
                h_passwd = hash_password(data['new_username'],
                                         data['password'])
            else:
                h_passwd = None

            # At this point we can proceed with DB operations.
            # Update role case.
            if role:
                # First step is to remove user from the groups he belongs to.
                role_groups = get_groups_by_role(self.db_session,
                                                 role.role_name)
                if role_groups:
                    for role_group in role_groups:
                        delete_role_from_group(self.db_session, role.role_name,
                                               role_group.group_name)
                role = update_role(self.db_session, role.role_name,
                                   data['new_username'], h_passwd,
                                   data['email'], data['is_active'],
                                   data['is_admin'])
            # New role case.
            else:
                role = add_role(self.db_session, data['new_username'],
                                h_passwd, data['email'], data['is_active'],
                                data['is_admin'])

            # Add user into the new groups.
            if data['groups']:
                for group_name in data['groups']:
                    add_role_in_group(self.db_session, role.role_name,
                                      group_name)

            self.db_session.commit()
            self.logger.info("Done.")
            return JSONAsyncResult(200, {'ok': True})

        except (TemboardUIError, Exception) as e:
            self.logger.exception(str(e))
            self.logger.info("Done.")
            try:
                self.db_session.rollback()
                self.db_session.close()
            except Exception:
                pass
            if isinstance(e, TemboardUIError):
                return JSONAsyncResult(e.code, {'error': e.message})
            else:
                return JSONAsyncResult(500, {'error': "Internal error."})
Exemplo n.º 5
0
def login(request, username):
    password = hash_password(username, username)
    cookie = gen_cookie(username, hash_password=password)
    return Response(secure_cookies={'temboard': cookie})