def post(self, *args, **kwargs): start_time = time.time() username = self.get_argument("username", None) password = self.get_argument("password", None) domain = self.get_argument("domain", None) mac = self.get_argument("mac", None) vlanid1, vlanid2 = 0, 0 cli_dev, cli_os = self.chk_os isChap = 0 chapId = 0 chapPasswdHex = 'null' challengeHex = 'null' gwid = self.get_argument("gwid") user_ip = self.get_argument("user_ip") end_url = "{0}://{1}/ikend".format(self.request.protocol, self.request.host) callback_url = self.get_argument("callback_url") iknas = yield self.get_ikuai_nas(gwid) nasaddr = iknas.get("nas_addr", '0.0.0.0') reqdata = dict( userName=username, password=password, domain=domain, macAddr=mac, nasAddr=nasaddr, vlanId1=vlanid1, vlanId2=vlanid2, deviceType=cli_dev, os=cli_os, isChap=isChap, chapId=chapId, chapPasswdHex=chapPasswdHex, challengeHex=challengeHex, ) jsonresp = yield self.policy_auth(reqdata, test=False) if jsonresp['code'] == 1: self.render_error(msg=jsonresp['msg']) return if self.settings.debug: self.syslog.debug('ikauth login cast:%s' % (time.time() - start_time)) cparams = dict( user_id=username, user_ip=user_ip, upload=0, download=0, phone='', name='', comment='', type='portal', session_id=utils.get_uuid(), timestamp=int(time.time()) ) session = dict( username=username, nas_addr=nasaddr, session_id=cparams["session_id"], start_time=utils.get_currtime(), ipaddr=user_ip, macaddr=mac, input_total=0, output_total=0 ) session['sign'] = self.mksign(session.values()) _apiurl = "%s/session/add" % self.settings.apiurl se_resp = yield requests.post(_apiurl, data=json.dumps(session, ensure_ascii=False), headers={"Content-Type": ["application/json"]}) if se_resp.code != 200: self.syslog.error("ikuai session create error : {0}".format(repr(se_resp))) self.render_error(msg=u"认证失败,创建会话失败") return param_str = urllib.urlencode(cparams) param_str = "{0}&mac={1}".format(param_str, mac) token = md5("{0}&key={1}".format(param_str, iknas.get('api_key'))).hexdigest() enc = base64.encodestring(param_str) full_url = "{0}?ver=1&enc={1}&token={2}&end_url={3}".format(callback_url.strip(), enc, token, end_url) self.syslog.info("[username:{0}] callback {1}".format(username, full_url)) if self.settings.debug: self.syslog.debug('ikportal auth cast:%s' % (time.time() - start_time)) self.redirect(full_url)
def set_user_cookie(): self.set_secure_cookie("portal_user", _username, expires_days=1) self.set_secure_cookie("portal_logintime", utils.get_currtime(), expires_days=1) self.set_secure_cookie("portal_qstr", qstr, expires_days=1)