def checkpassword(self, **params): username = cherrypy.request.params.get('username').lower() password = cherrypy.request.params.get('password') # check if password is empty if not password: smsgwglobals.wislogger.debug("FRONT: No password on login") raise cherrypy.HTTPRedirect("/smsgateway") # check if username is valid if not username: smsgwglobals.wislogger.debug("FRONT: No username on login") raise cherrypy.HTTPRedirect("/smsgateway") if len(username) > wisglobals.validusernamelength: smsgwglobals.wislogger.debug("FRONT: Username to long on login") raise cherrypy.HTTPRedirect("/smsgateway") if (re.compile(wisglobals.validusernameregex).findall(username)): smsgwglobals.wislogger.debug("FRONT: Username is not valid login") raise cherrypy.HTTPRedirect("/smsgateway") if 'root' in username: smsgwglobals.wislogger.debug("FRONT: ROOT Login " + username) try: if Helper.checkpassword(username, password) is True: cherrypy.session['logon'] = True raise cherrypy.HTTPRedirect("/smsgateway/main") else: raise cherrypy.HTTPRedirect("/smsgateway") except error.UserNotFoundError: raise cherrypy.HTTPRedirect("/smsgateway") else: try: smsgwglobals.wislogger.debug("FRONT: Ldap Login " + username) if wisglobals.ldapenabled is None or 'true' not in wisglobals.ldapenabled.lower(): smsgwglobals.wislogger.debug("FRONT: Ldap Login disabled " + username) raise cherrypy.HTTPRedirect("/smsgateway") smsgwglobals.wislogger.debug("FRONT: Ldap Login " + username) smsgwglobals.wislogger.debug("FRONT: Ldap Users " + str(wisglobals.ldapusers)) if username not in wisglobals.ldapusers: smsgwglobals.wislogger.debug("FRONT: Ldap username not in ldapusers") raise cherrypy.HTTPRedirect("/smsgateway") smsgwglobals.wislogger.debug("FRONT: Ldap Server " + wisglobals.ldapserver) s = Server(wisglobals.ldapserver, get_info=ALL) userdn = 'cn=' + username + ',' + wisglobals.ldapbasedn c = Connection(s, user=userdn, password=password) if c.bind(): smsgwglobals.wislogger.debug("FRONT: Ldap login successful " + username) cherrypy.session['logon'] = True raise cherrypy.HTTPRedirect("/smsgateway/main") else: raise cherrypy.HTTPRedirect("/smsgateway") except error.UserNotFoundError: raise cherrypy.HTTPRedirect("/smsgateway")
def checkpassword(self, **params): username = cherrypy.request.params.get('username').lower() password = cherrypy.request.params.get('password') if 'root' in username: smsgwglobals.wislogger.debug("FRONT: ROOT Login " + username) try: if Helper.checkpassword(username, password) is True: cherrypy.session['logon'] = True raise cherrypy.HTTPRedirect("/smsgateway/main") else: raise cherrypy.HTTPRedirect("/smsgateway") except error.UserNotFoundError: raise cherrypy.HTTPRedirect("/smsgateway") else: try: smsgwglobals.wislogger.debug("FRONT: Ldap Login " + username) if wisglobals.ldapenabled is None or 'true' not in wisglobals.ldapenabled.lower(): smsgwglobals.wislogger.debug("FRONT: Ldap Login disabled " + username) raise cherrypy.HTTPRedirect("/smsgateway") smsgwglobals.wislogger.debug("FRONT: Ldap Login " + username) smsgwglobals.wislogger.debug("FRONT: Ldap Users " + str(wisglobals.ldapusers)) if username not in wisglobals.ldapusers: smsgwglobals.wislogger.debug("FRONT: Ldap username not in ldapusers") raise cherrypy.HTTPRedirect("/smsgateway") smsgwglobals.wislogger.debug("FRONT: Ldap Server " + wisglobals.ldapserver) s = Server(wisglobals.ldapserver, get_info=ALL) userdn = 'cn=' + username + ',' + wisglobals.ldapbasedn c = Connection(s, user=userdn, password=password) if c.bind(): cherrypy.session['logon'] = True raise cherrypy.HTTPRedirect("/smsgateway/main") else: raise cherrypy.HTTPRedirect("/smsgateway") except error.UserNotFoundError: raise cherrypy.HTTPRedirect("/smsgateway")