def f_welcome():
if "SessionID" in session:
db = mongodb.Connector()
ua = db.check_session(session.get("SessionID"))
ua["LoginTime"] = ua["LoginTime"].strftime("%H:%M:%S - (%d/%b/%Y)")
ua["ExpireTime"] = ua["ExpireTime"].strftime("%H:%M:%S - (%d/%b/%Y)")
session.pop("SessionID", None)
return render_template("welcome.html", userdata=ua)
else:
return redirect("/login")
def expirer():
""" Cleaning expired sessions """
ts = datetime.now()
log.error('[%s] %s %s %s',
ts, "scheduler", "expirer", "RUNNING")
db = mongodb.Connector()
sessions = db.expire_sessions() # querying expired sessions
if type(sessions) == list:
if len(sessions) > 0:
fw = iptables.Worker()
counter = fw.del_rules(sessions) # deleting rules
if type(counter) != int:
log.error('[%s] %s %s %s',
ts, "scheduler", "expirer", "FAIL_IPTABLES")
else:
log.error('[%s] %s %s %s',
ts, "scheduler", "expirer", "FAIL_MONGODB")
def expirer():
""" Searching/cleaning expired sessions """
db = mongodb.Connector()
# querying expired sessions
sessions = db.expire_sessions()
if type(sessions) == list:
if len(sessions) > 0:
fw = iptables.Worker()
# deleting rules
counter = fw.del_rules(sessions)
if type(counter) == int:
log.info('%s %s %s', "scheduler", "expirer", "OK")
else:
log.error('%s %s %s', "scheduler", "expirer", "FAIL_IPTABLES")
else:
log.error('%s %s %s', "scheduler", "expirer", "FAIL_MONGODB")
def f_login():
""" Processing request. """
# Verifies if the request was transmited via Proxy or not.
client_ip = None
if request.environ.get('HTTP_X_REAL_IP') is not None:
client_ip = request.environ.get('HTTP_X_REAL_IP')
else:
client_ip = request.environ.get('REMOTE_ADDR')
if request.method == 'GET':
log.info('%s %s %s', "/login", "GET", client_ip)
return render_template("login.html")
elif request.method == 'POST':
log.info('%s %s %s', "/login", "POST", client_ip)
user_data = user_data_parser(request.headers.get('User-Agent'))
username = request.form['username']
password = request.form['password']
db = mongodb.Connector()
login = db.login(username, password)
if login == 0:
session_id = db.add_session(username, client_ip, user_data)
if len(str(session_id)) == 24:
fw = iptables.Worker()
allow = fw.add_rule(client_ip)
if allow == 0:
log.info('%s %s %s', "login", "OK", client_ip)
session["SessionID"] = str(session_id)
return redirect("/welcome")
else:
msg = "Server Error (firewall)"
return render_template("login.html", login_msg=msg)
else:
msg = "Server Error (session)"
return render_template("login.html", login_msg=msg)
elif login == 1 or login == 2:
msg = "Wrong Credentials!"
return render_template("login.html", login_msg=msg)
else:
msg = "Server Error (login)"
return render_template("login.html", login_msg=msg)
else:
abort(405) # 405: Method Not Allowed
def f_login():
""" Processing request. """
client_ip = None
if request.method == 'GET':
# Verifies if the request was transmited via Proxy,
# in order to adapt the Standalone execution.
if request.environ.get('HTTP_X_REAL_IP') is not None:
client_ip = request.environ.get('HTTP_X_REAL_IP')
else:
client_ip = request.environ.get('REMOTE_ADDR')
ts = datetime.now()
log.error('[%s] %s %s %s %s', ts, "/login", "GET", client_ip, "OK")
return render_template("login.html")
elif request.method == 'POST':
username = request.form['username']
password = request.form['password']
db = mongodb.Connector()
login = db.login(username, password)
if login == 0:
login_record = db.add_session(username, client_ip)
if login_record == 0:
fw = iptables.Worker()
allow = fw.add_rule(client_ip)
if allow == 0:
return redirect("/welcome")
else:
msg = "Server Error (firewall)"
return render_template("login.html", login_msg=msg)
else:
msg = "Server Error (session)"
return render_template("login.html", login_msg=msg)
elif login == 1 or login == 2:
msg = "Wrong Credentials!"
return render_template("login.html", login_msg=msg)
else:
msg = "Server Error (login)"
return render_template("login.html", login_msg=msg)
else:
abort(405) # 405: Method Not Allowed
