def do_login(self, req, args, kwargs):
user = None
# Cookies login when one argument is given
if len(args) == 1:
s = self.load_session(args)
if s:
user = UserData(uid=s.get('uid', None))
else:
s = self.api.checkAuth(*args, **kwargs)
if s:
user = UserData(uid=s.uid)
if user:
req.api = self.api.withUserContext(user.uid)
return self.send_result(req, self.OK, True)
else:
return self.send_result(req, self.FORBIDDEN, "Forbidden")
def getAllUserData(self):
self.c.execute(
'SELECT uid, name, email, role, permission, folder, traffic, dllimit, dlquota, '
'hddquota, user, template FROM "users"')
user = {}
for r in self.c:
user[r[0]] = UserData(*r)
return user
def getUserData(self, name=None, uid=None):
qry = (
'SELECT uid, name, email, role, permission, folder, traffic, dllimit, dlquota, '
'hddquota, user, template FROM "users" WHERE ')
if name is not None:
self.c.execute(qry + "name=?", (name, ))
r = self.c.fetchone()
if r:
return UserData(*r)
elif uid is not None:
self.c.execute(qry + "uid=?", (uid, ))
r = self.c.fetchone()
if r:
return UserData(*r)
return None
def checkAuth(self, user, password):
self.c.execute(
'SELECT uid, name, email, role, permission, folder, traffic, dllimit, dlquota, '
'hddquota, user, template, password FROM "users" WHERE name=?',
(user, ))
r = self.c.fetchone()
if not r:
return None
salt = r[-1][:5]
pw = r[-1][5:]
h = sha1(salt + password)
if h.hexdigest() == pw:
return UserData(*r[:-1])
else:
return None
def toUserData(self):
# TODO
return UserData()