def login_page(self): session = self.get_session() content = b'' if session.authenticated: return server.HttpRedirect(self.server.settings.prefix + '/') if 'pw' in self.db: valid_pw = (self.server.settings.password_hash is not None and checkpw(self.db['pw'], self.server.settings.password_hash)) valid_token = self.server.verify_token(self.db['pw']) if valid_pw or valid_token: RequireAuthentication.authenticate(self) return server.HttpRedirect(self.server.settings.prefix + '/') else: content += b'<p><strong>Invalid password. Try again.' content += b'</strong></p>' else: content += b'<p>Please enter the password or the security token ' content += b'shown by Nengo when it was started:</p>' return server.HtmlResponse(content + b''' <form method="POST"><p> <label for="pw">Password: </label> <input type="password" name="pw" /> <input type="submit" value="Log in" /> </p></form> ''')
def auth_checked(inst): session = inst.get_session() if session.authenticated: return fn(inst) elif inst.server.verify_token(self.get_token(inst)): self.authenticate(inst) return fn(inst) return server.HttpRedirect(self.login_page)
def auth_checked(inst): session = inst.get_session() if session.authenticated: return fn(inst) elif inst.server.verify_token(self.get_token(inst)): session.authenticated = True session.login_host = inst.headers.get('host', None) inst.persist_session(session) return fn(inst) return server.HttpRedirect(self.login_page)
def login_page(self): session = self.get_session() content = b'' if 'pw' in self.db: if checkpw(self.db['pw'], self.server.settings.password_hash): session.authenticated = True session.login_host = self.headers.get('host', None) else: content += b'<p><strong>Invalid password. Try again.' content += b'</strong></p>' else: content += b'<p>Please enter the password:</p>' if session.authenticated: return server.HttpRedirect('/') return server.HtmlResponse(content + b''' <form method="POST"><p> <label for="pw">Password: </label> <input type="password" name="pw" /> <input type="submit" value="Log in" /> </p></form> ''')
def auth_checked(inst): session = inst.get_session() has_password = inst.server.settings.password_hash is not None if has_password and not session.authenticated: return server.HttpRedirect(self.login_page) return fn(inst)