示例#1
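def UserAuth_Login(username, password):
    """Check a username/password pair against the ``user_lauth`` table.

    The row is fetched with a parameterized query and the stored
    ``lauth_password`` is compared with ``md5(password)``.

    :param username: login name supplied by the caller
    :param password: plaintext password supplied by the caller
    :returns: True when a row exists and both fields match, otherwise False
    """
    # The username is bound as a query parameter, never spliced into the SQL.
    sql = " SELECT lauth_username, lauth_password FROM user_lauth WHERE lauth_username=%s"
    data = mysql.get(sql, username)
    # Log only whether a row came back. The stored hash and the hash of the
    # submitted password are credential material and must stay out of logs.
    logger.debug("mysql lookup for %s returned a row: %s" % (username, bool(data)))
    # NOTE(review): the stored value is a bare, unsalted MD5 of the password.
    # Moving to a salted, slow password hash needs a stored-format migration,
    # so it is flagged here rather than changed. The `==` below is also not a
    # constant-time comparison.
    supplied = md5(password)
    if data and username == data.get("lauth_username") and supplied == data.get("lauth_password"):
        logger.info("%s Sign in successfully" % username)
        return True
    logger.info("%s Sign in failed" % username)
    return False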
示例#2
 def test_utils(self):
     """Check the utility helpers against fixed inputs and known outputs.

     Covers the hex-digest helpers, the ``rsp`` key builder, the list
     parsers, ``is_true``, ``get_current_timestamp``, ``allowed_file`` and
     ``hmac_sha256``.
     """
     eq = self.assertEqual
     yes = self.assertTrue
     no = self.assertFalse

     # Known digests of "abc"; these pin output format, not hash strength.
     eq("900150983cd24fb0d6963f7d28e17f72", md5("abc"))
     eq("a9993e364706816aba3e25717850c26c9cd0d89d", sha1("abc"))

     # Key builder and separator parsers (entries trimmed, empties dropped).
     eq("picbed:a:b", rsp("a", "b"))
     eq(parse_valid_comma("a,b, c,"), ["a", "b", "c"])
     eq(parse_valid_verticaline("a|b| c"), ["a", "b", "c"])

     # Truthiness helper.
     yes(is_true(1))
     yes(is_true("on"))
     yes(is_true("true"))
     no(is_true(0))

     self.assertIsInstance(get_current_timestamp(), int)

     # Upload allow-list: default list first, then an explicit ["jpg"] list
     # under which "jpeg" is a different extension and is rejected.
     yes(allowed_file("test.PNG"))
     yes(allowed_file(".jpeg"))
     no(allowed_file("my.psd"))
     only_jpg = ["jpg"]
     no(allowed_file("ha.gif", only_jpg))
     no(allowed_file("ha.jpeg", only_jpg))
     no(allowed_file("ha.png", only_jpg))
     yes(allowed_file("ha.jpg", only_jpg))

     # The keyed digest must be the same for native, bytes and unicode input.
     expected_mac = "6afa9046a9579cad143a384c1b564b9a250d27d6f6a63f9f20bf3a7594c9e2c6"
     eq(expected_mac, hmac_sha256("key", "text"))
     eq(expected_mac, hmac_sha256(b"key", b"text"))
     eq(expected_mac, hmac_sha256(u"key", u"text"))

     eq("ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad",
        sha256("abc"))
示例#3
 def ssoCreateTicket(self, sid=None, agent=None, ip=None):
     """Create an authorization ticket and write it to redis.

     Notes:
         The ticket is a temporary credential, valid for 3 minutes, stored
         under its own redis key.
     Args:
         sid str: None means the user is not logged in and this is the first
             ticket; a truthy value means the user is already logged in and
             the ticket must be bound to that existing, valid sid.
         agent, ip: stored in the session hash only when a new sid is made.

     NOTE(review): no return statement is visible in this listing; redis
     errors are logged and swallowed.
     """
     ticket = gen_requestId()
     # Existing session: only refresh "last". New session: record creation
     # time plus the client's agent and ip.
     init = dict(last=get_current_timestamp()) if sid else dict(
         ctime=get_current_timestamp(), agent=agent, ip=ip)
     # NOTE(review): a new sid is md5(ticket), i.e. a pure function of the
     # ticket. Anyone who holds the ticket value can derive the sid, so the
     # sid is only as secret as the ticket - confirm that is acceptable, or
     # generate the sid independently.
     sid = sid or md5(ticket)
     tkey = "passport:sso:ticket:{}".format(ticket)
     skey = "passport:sso:sid:{}".format(sid)
     try:
         pipe = self.redis.pipeline()
         pipe.set(tkey, sid)
         # tkey expiry is the ticket lifetime: keep it as short as possible,
         # and delete the ticket once it has been used (single use).
         pipe.expire(tkey, 180)
         # Initial data for the session hash.
         pipe.hmset(skey, init)
         # skey expiry is the cookie lifetime: set to the jwt lifetime in
         # seconds and refreshed every time a ticket is created.
         pipe.expire(skey, SYSTEM["SESSION_EXPIRE"])
         pipe.execute()
     except Exception, e:
         logger.error(e, exc_info=True)
示例#4
def upload_view():
    """Accept an uploaded image, store it through ``api.put`` and index it in redis.

    NOTE(review): this listing is cut off at a dangling ``else:``; the
    success branch and the return value are not visible here.
    """
    res = dict(code=-1, msg=None)
    logger.debug(request.files)
    f = request.files.get('file')
    # The client-supplied file name is used for the allow-list check and to
    # pick the extension only; the stored name itself is generated.
    if f and allowed_file(f.filename):
        filename = secure_filename(gen_rnd_filename() + "." +
                                   f.filename.split('.')[-1])  # random name, client extension kept
        # Make sure the storage directory is an absolute path.
        basedir = Upyun['basedir'] if Upyun['basedir'].startswith(
            '/') else "/" + Upyun['basedir']
        imgUrl = os.path.join(basedir, filename)
        try:
            # NOTE(review): read() loads the whole upload into memory and no
            # size limit is visible here - confirm one is enforced elsewhere.
            upres = api.put(imgUrl, f.stream.read())
        except Exception, e:
            logger.error(e, exc_info=True)
            res.update(code=2, msg="Storage failure")
        else:
            # md5 is used as an identifier of the generated name, not as a
            # security control.
            imgId = md5(filename)
            imgUrl = Upyun['dn'].strip("/") + imgUrl
            upres.update(ctime=get_current_timestamp(),
                         imgUrl=imgUrl,
                         imgId=imgId)
            try:
                # Queue the index entry and the metadata hash, then send both
                # with one execute().
                pipe = g.redis.pipeline()
                pipe.sadd(picKey, imgId)
                pipe.hmset("{}:{}".format(GLOBAL['ProcessName'], imgId), upres)
                pipe.execute()
            except Exception, e:
                logger.error(e, exc_info=True)
                # The file is already stored; only the redis bookkeeping failed.
                res.update(
                    code=0,
                    msg=
                    "It has been uploaded, but the server has encountered an unknown error"
                )
            else:
示例#5
    def process_item(self, item, spider):
        err = item.valid()
        if err:
            spider.logger.error(err)
            return
        if item["full_price"] < 5:
            return

        data = dict(item)
        now = dte.now()
        if data["crawl_source"] in ["cqky", "zjgsm", "wxsz", "tongcheng", "cbd", "jsky", "fangbian", "jsdlky", "baba", "tzky", "ctrip", "changtu", "scqcp", "bus365",'szky', "xyjt", "gdsw",'dgky', 'zhw','wmcx','lvtu100','glcx','fjky', 'sd365', "anxing", "zuoche"]:
            data["line_id"] = md5("%(s_city_name)s-%(d_city_name)s-%(drv_datetime)s-%(s_sta_name)s-%(d_sta_name)s-%(crawl_source)s" % data)
        else:
            data["line_id"] = md5("%(s_city_name)s-%(d_city_name)s-%(drv_datetime)s-%(bus_num)s-%(crawl_source)s" % data)
        data["update_datetime"] = now
        data["refresh_datetime"] = now
        pk = {
            "line_id": data["line_id"],
        }
        self.collection.replace_one(pk, data, upsert=True)
示例#6
文件: user.py 项目: lhzbxx/dashingo
 def get(self):
     """Authenticate by phone and password and respond with an API key.

     Answers through ``self.error`` with 301 when no user has the phone and
     with 302 when the salted digest does not match. On success the key
     returned by ``verify.Auth().add`` is stored under ``response['data']``
     and the response is written.
     """
     phone = self.get_argument('phone')
     # NOTE(review): this is the GET handler, so the password presumably
     # arrives in the query string and can end up in access logs and
     # browser history - confirm, and prefer a POST body.
     pwd = self.get_argument('pwd')
     user = (self.db.query(orm.User)
             .filter(orm.User.phone == phone)
             .one_or_none())
     # NOTE(review): the two distinct errors below tell a caller whether a
     # phone number is registered.
     if not user:
         return self.error(301, 'Nonexistent phone')
     # NOTE(review): a single salted MD5 pass is fast to brute-force offline;
     # the `!=` comparison is also not constant-time.
     digest = md5(pwd + user.salt)
     if digest != user.pwd:
         return self.error(302, 'Wrong password')
     self.response['data'] = verify.Auth().add(user.id)
     return self.write(self.response)
示例#7
    def user_update_password(self, username, OldPassword, NewPassword):
        """Update user password

        The change is accepted only when ``username`` is in the user list and
        ``md5(OldPassword)`` equals the stored value, and the new password is
        5 to 29 characters long.

        NOTE(review): no return statement is visible in this listing; ``res``
        is presumably returned by the part that is cut off.
        """

        res = {"code": 0, "success": False, "msg": None}

        # Verify the caller knows the current password before changing it.
        # NOTE(review): stored passwords are bare, unsalted MD5 digests and
        # `==` is not a constant-time comparison.
        if username in self.user_get_list().get(
                "data", []) and md5(OldPassword) == self.user_get_lauth_passwd(
                    username).get("data"):
            # Parameterized statement: values are bound, not concatenated.
            sql = "UPDATE user_lauth SET lauth_password=%s WHERE lauth_username=%s"
            # Length is the only policy applied to the new password here.
            if 5 <= len(NewPassword) < 30:
                try:
                    self.mysql_write.update(sql, md5(NewPassword), username)
                except Exception, e:
                    # A failed write is logged; res keeps success=False and
                    # msg=None, so the caller gets no reason for the failure.
                    logger.api.error(e, exc_info=True)
                else:
                    res.update(success=True)
            else:
                res.update(
                    msg=
                    'password length requirement is greater than or equal to 5 less than 30',
                    code=300002)
示例#8
文件: user.py 项目: lhzbxx/dashingo
 def patch(self, *args, **kwargs):
     """Reset a user's password after a captcha check.

     Answers through ``self.error`` with 302 for a password rejected by
     ``verify.valid_pwd``, 303 for a wrong captcha and 301 when no user has
     the phone. Otherwise the user's ``pwd`` is replaced with a digest of
     the new password and the user's existing salt.
     """
     phone = self.get_argument('phone')
     new_password = self.get_argument('pwd')
     if not verify.valid_pwd(new_password):
         return self.error(302, 'Invalid password')

     # The captcha tied to this phone is the only proof of ownership here.
     submitted_captcha = self.get_argument('captcha')
     captcha_ok = verify.Captcha(phone).check(submitted_captcha)
     if not captcha_ok:
         return self.error(303, 'Wrong captcha')

     user = (self.db.query(orm.User)
             .filter(orm.User.phone == phone)
             .first())
     if not user:
         return self.error(301, 'Nonexistent phone')

     # NOTE(review): the existing salt is reused and the digest is a single
     # MD5 pass. No commit is visible in this handler - presumably the
     # session is committed elsewhere; confirm.
     user.pwd = md5(new_password + user.salt)
     return self.write(self.response)
示例#9
def upload_view():
    """Accept an uploaded image under a label, store it and index it in redis.

    NOTE(review): no return statement is visible in this listing; ``res`` is
    presumably returned by the part that is cut off.
    """
    res = dict(code=-1, msg=None)
    label = request.args.get("label")
    # A label is accepted when it is in the label set and its hash exists,
    # or when it is the configured default label.
    _has_label = lambda label: g.redis.sismember(
        current_app.config["labelKey"], label
    ) and g.redis.exists("{}:label:{}".format(GLOBAL['ProcessName'], label)
                         ) or label == current_app.config["labelDefault"]
    if not label:
        label = current_app.config["labelDefault"]
    # The label comes from the query string, so it is checked against the
    # known labels before it is used to build a redis key.
    if label and _has_label(label):
        f = request.files.get('file')
        # The client-supplied file name is used for the allow-list check and
        # to pick the extension only; the stored name itself is generated.
        if f and allowed_file(f.filename):
            filename = secure_filename(gen_rnd_filename() + "." +
                                       f.filename.split('.')[-1])  # random name, client extension kept
            # Make sure the storage directory is an absolute path.
            basedir = Upyun['basedir'] if Upyun['basedir'].startswith(
                '/') else "/" + Upyun['basedir']
            imgUrl = os.path.join(basedir, filename)
            try:
                # NOTE(review): read() loads the whole upload into memory and
                # no size limit is visible here - confirm one is enforced
                # elsewhere.
                upres = api.put(imgUrl, f.stream.read())
            except Exception, e:
                logger.error(e, exc_info=True)
                res.update(code=2, msg="Storage failure")
            else:
                # md5 is used as an identifier of the generated name, not as
                # a security control.
                imgId = md5(filename)
                imgUrl = Upyun['dn'].strip("/") + imgUrl
                upres.update(ctime=get_current_timestamp(),
                             imgUrl=imgUrl,
                             imgId=imgId,
                             label=label)
                try:
                    # Queue the index entry, the metadata hash and the
                    # per-label counter, then send them with one execute().
                    pipe = g.redis.pipeline()
                    pipe.sadd(current_app.config["picKey"], imgId)
                    pipe.hmset("{}:{}".format(GLOBAL['ProcessName'], imgId),
                               upres)
                    pipe.hincrby(
                        "{}:label:{}".format(GLOBAL['ProcessName'], label),
                        "imgNum")
                    pipe.execute()
                except Exception, e:
                    logger.error(e, exc_info=True)
                    # The file is already stored; only the redis bookkeeping
                    # failed.
                    res.update(
                        code=0,
                        msg=
                        "It has been uploaded, but the server has encountered an unknown error"
                    )
                else:
                    logger.info(
                        "Upload to Upyun file saved, its url is %s, result is %s, imgId is %s"
                        % (imgUrl, upres, imgId))
                    res.update(code=0, imgUrl=imgUrl)
示例#10
文件: api.py 项目: staugur/EauDouce
 def novel_post_book(self, name, summary, cover, link=''):
     """Create a novel (book) record.

     :param name: book title; its ``md5`` becomes the ``book_id``
     :param summary: book summary
     :param cover: cover reference
     :param link: optional link, empty by default
     :returns: dict with ``code`` 0 and ``book_id`` on success, otherwise
         ``code`` 1 and a ``msg``
     """
     res = dict(code=1, msg=None)
     if not (name and summary and cover):
         res.update(msg="Param error")
         return res

     # Parameterized insert: values are bound, not concatenated.
     sql = "INSERT INTO novel_books (book_id,name,summary,cover,ctime,link) VALUES (%s,%s,%s,%s,%s,%s)"
     try:
         # The id is a deterministic function of the title, so inserting
         # the same title twice yields the same book_id.
         book_id = md5(name)
         self.mysql_write.insert(sql, book_id, name, summary, cover,
                                 get_current_timestamp(), link)
     except Exception as e:
         # NOTE(review): the raw exception text is handed back to the
         # caller; for database errors that can expose schema details.
         res.update(msg=str(e))
     else:
         res.update(code=0, book_id=book_id)
         self.novel_refresh_books()
     return res
示例#11
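def login():
    """Send a visitor who is not signed in to the SSO server's login page.

    A signed-in visitor is redirected to ``index_view``. Otherwise the SSO
    login URL is built with the project name, this site's ``/sso/`` callback
    and a token over both, and the visitor is redirected there.
    """
    if g.signin:
        return redirect(url_for("index_view"))

    # Build the callback once so the sso_r that is sent and the value hashed
    # into sso_t are guaranteed to be the same.
    sso_callback = SpliceURL.Modify(request.url_root, "/sso/").geturl
    sso_project = SSO["SSO.PROJECT"]
    # NOTE(review): sso_t is an unkeyed MD5 over two values that travel in
    # the same query string, so it works as a checksum and not as proof of
    # origin; a keyed MAC with a secret shared with the SSO server would be
    # needed for that. request.url_root presumably follows the request's
    # Host header - confirm the host is pinned upstream.
    query = {
        "sso": True,
        "sso_r": sso_callback,
        "sso_p": sso_project,
        "sso_t": md5("%s:%s" % (sso_project, sso_callback)),
    }
    SSOLoginURL = SpliceURL.Modify(url=SSO["SSO.URL"],
                                   path="/login/",
                                   query=query).geturl
    logger.info("User request login to SSO: %s" % SSOLoginURL)
    return redirect(SSOLoginURL)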
示例#12
 def createUserApp(self, name, description, app_redirect_url):
     """Create a new userapp application.

     @param name str: application name
     @param description str: application description
     @param app_redirect_url str: callback url

     NOTE(review): no return statement is visible in this listing; ``res``
     is presumably returned by the part that is cut off.
     """
     res = dict(msg=None, code=1)
     # Name and callback url must match their patterns before anything is
     # stored; the callback url is later a redirect target, so this check
     # matters.
     if name and description and app_redirect_url and Universal_pat.match(name) and url_pat.match(app_redirect_url):
         # app_id is a deterministic function of the name, so it is an
         # identifier and not a secret; the secret comes from gen_token.
         app_id = md5(name)
         app_secret = gen_token(36)
         ctime = get_current_timestamp()
         # Parameterized insert: values are bound, not concatenated.
         # NOTE(review): app_secret is passed to the insert as generated -
         # presumably stored in the clear; confirm.
         sql = "INSERT INTO sso_apps (name, description, app_id, app_secret, app_redirect_url, ctime) VALUES (%s, %s, %s, %s, %s, %s)"
         try:
             self.mysql.insert(sql, name, description, app_id, app_secret, app_redirect_url, ctime)
         except IntegrityError:
             res.update(msg="Name already exists", code=2)
         except Exception, e:
             # Details go to the log; the caller gets a generic message.
             logger.error(e, exc_info=True)
             res.update(msg="System is abnormal", code=3)
         else:
             res.update(code=0, refreshCache=self.refreshUserApp())
示例#13
 def test_utils(self):
     """Check the utility helpers against fixed inputs and known outputs."""
     # Known hex digests of "abc"; these pin output format, not hash strength.
     self.assertEqual("900150983cd24fb0d6963f7d28e17f72", md5("abc"))
     self.assertEqual("a9993e364706816aba3e25717850c26c9cd0d89d",
                      sha1("abc"))
     # Key builder and separator parsers (entries trimmed, empties dropped).
     self.assertEqual("picbed:a:b", rsp("a", "b"))
     self.assertEqual(parse_valid_comma("a,b, c,"), ["a", "b", "c"])
     self.assertEqual(parse_valid_verticaline("a|b| c"), ["a", "b", "c"])
     self.assertTrue(is_true(1))
     self.assertTrue(is_true("on"))
     self.assertTrue(is_true("true"))
     self.assertFalse(is_true(0))
     self.assertIsInstance(get_current_timestamp(), int)
     # Upload allow-list: default list first, then an explicit ["jpg"] list
     # under which "jpeg" is a different extension and is rejected.
     self.assertTrue(allowed_file("test.PNG"))
     self.assertTrue(allowed_file(".jpeg"))
     self.assertFalse(allowed_file("my.psd"))
     self.assertFalse(allowed_file("ha.gif", ["jpg"]))
     self.assertFalse(allowed_file("ha.jpeg", ["jpg"]))
     self.assertFalse(allowed_file("ha.png", ["jpg"]))
     self.assertTrue(allowed_file("ha.jpg", ["jpg"]))
     # The keyed digest must be the same for native, bytes and unicode input.
     v = "6afa9046a9579cad143a384c1b564b9a250d27d6f6a63f9f20bf3a7594c9e2c6"
     self.assertEqual(v, hmac_sha256("key", "text"))
     self.assertEqual(v, hmac_sha256(b"key", b"text"))
     self.assertEqual(v, hmac_sha256(u"key", u"text"))
     self.assertEqual(
         "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad",
         sha256("abc"),
     )
     #: test format_upload_src
     # Anything that is not a usable field spec falls back to {"src": url}.
     baseimg = "img-url"
     basefmt = {"src": baseimg}
     self.assertEqual(format_upload_src(123, baseimg), basefmt)
     self.assertEqual(format_upload_src(None, baseimg), basefmt)
     self.assertEqual(format_upload_src([0], baseimg), basefmt)
     self.assertEqual(format_upload_src("", baseimg), basefmt)
     self.assertEqual(format_upload_src(".", baseimg), basefmt)
     self.assertEqual(format_upload_src(".1", baseimg), basefmt)
     self.assertEqual(format_upload_src("1.", baseimg), basefmt)
     self.assertEqual(format_upload_src(1.1, baseimg), basefmt)
     self.assertEqual(format_upload_src("1.1", baseimg),
                      {"1": {
                          "1": baseimg
                      }})
     self.assertEqual(format_upload_src("u", baseimg), basefmt)
     self.assertEqual(format_upload_src("im", baseimg), {"im": baseimg})
     self.assertEqual(format_upload_src("url", baseimg), {"url": baseimg})
     self.assertEqual(format_upload_src("i.am.src", baseimg), basefmt)
     self.assertEqual(format_upload_src("src.url", baseimg),
                      {"src": {
                          "url": baseimg
                      }})
     #: test format_apires
     # Positional arguments rename the status field, pick its value style
     # and optionally rename the message field.
     self.assertEqual(format_apires({"code": 0}, "success", "bool"),
                      {"success": True})
     self.assertEqual(format_apires({"code": 0}, oc="200"), {"code": 200})
     self.assertEqual(format_apires({"code": -1}, "status", "bool"),
                      {"status": False})
     self.assertEqual(
         format_apires(dict(code=-1, msg="xxx"), "errno", "200"),
         {
             "errno": -1,
             "msg": "xxx"
         },
     )
     self.assertEqual(
         format_apires(dict(code=-1, msg="xxx"), "errno", "200", "errmsg"),
         {
             "errno": -1,
             "errmsg": "xxx"
         },
     )
     self.assertEqual(
         format_apires(dict(code=0, msg="xxx"), "", "200", "errmsg"),
         {
             "code": 200,
             "errmsg": "xxx"
         },
     )
     self.assertEqual(len(generate_random()), 6)
     self.assertIn("Mozilla/5.0", gen_ua())
     # bleach
     # An <i> element passes through unchanged; a <script> element is
     # escaped to inert text rather than kept as markup.
     self.assertEqual(bleach_html("<i>abc</i>"), "<i>abc</i>")
     self.assertEqual(
         bleach_html("<script>var abc</script>"),
         "&lt;script&gt;var abc&lt;/script&gt;",
     )
     # re
     # Author strings of the form "name <mail>" split into (name, mail).
     self.assertEqual(parse_author_mail("staugur"), ("staugur", None))
     self.assertEqual(parse_author_mail("staugur <mail>"),
                      ("staugur", "mail"))
示例#14
    def post(self):
        """login and registry, with url args:
        1. action=log/reg, default is log;

        post data:
        1. username,
        2. password,
        3. email

        NOTE(review): the code below compares ``action`` with 'SignIn' and
        'SignUp'. This listing is cut off inside the SignUp branch, so the
        success path of registration and the final return are not visible.
        """
        NULL = None
        res = {"url": request.url, "msg": None, "success": False}
        username = request.form.get("username")
        password = request.form.get("password")
        email = request.form.get("email", NULL)
        action = request.args.get("action")  #log or reg (sign in or sign up)

        #check that username and password are both present
        if not username or not password:
            res.update(msg="Invaild username or password", code=10001)
            logger.api.debug(res)
            return res

        #check username and password length
        if 5 <= len(username) < 30 and 5 <= len(password) < 30:
            # NOTE(review): passwords are stored and compared as bare,
            # unsalted MD5 digests; a salted, slow password hash is the
            # appropriate replacement and needs a stored-format migration.
            MD5password = md5(password)
        else:
            res.update({
                'msg':
                'username or password length requirement is greater than or equal to 5 less than 30',
                'code': 10002
            })
            logger.api.warn(res)
            return res

        #check username pattern
        if not user_pat.match(username):
            res.update({'msg': 'username is not valid', 'code': 10003})
            logger.api.warn(res)
            return res

        # email is optional; when given it must match mail_pat
        if email and mail_pat.match(email) == None:
            res.update({'msg': "email format error", 'code': 10004})
            logger.api.warn(res)
            return res

        #Start Action with (log, reg)
        if action == 'SignIn':
            logger.api.debug(RegisteredUser())
            # NOTE(review): this debug line writes the hash of the submitted
            # password and the stored hash to the log; both are credential
            # material and should not be logged.
            logger.api.debug(
                "MD5password: %s, DBpassword: %s, username: %s" %
                (MD5password,
                 RegisteredUserInfo(username).get("lauth_password"), username))
            if username in RegisteredUser():
                # NOTE(review): `==` is not a constant-time comparison.
                if MD5password == RegisteredUserInfo(username).get(
                        "lauth_password"):
                    res.update({
                        'msg': 'Password authentication success at sign in',
                        'code': 0,
                        "success": True
                    })
                else:
                    res.update({
                        'msg': 'Password authentication failed at sign in',
                        'code': 10005,
                        "success": False
                    })
            else:
                # NOTE(review): codes 10005 and 10006 let a caller tell a
                # wrong password from an unknown username.
                res.update({'msg': 'username not exists', 'code': 10006})
            logger.api.debug(res)
            return res

        elif action == 'SignUp':
            try:
                # Both inserts are parameterized; only the statement text is
                # logged, not the bound values.
                AuthSQL = "INSERT INTO LAuth (lauth_username, lauth_password) VALUES(%s, %s)"
                logger.api.info(AuthSQL)
                mysql.insert(AuthSQL, username, MD5password)
                UserSQL = "INSERT INTO User (username, email, time, avatar) VALUES(%s, %s, %s, %s)"
                mysql.insert(UserSQL, username, email, get_today(),
                             "/static/img/avatar/default.jpg")
            except IntegrityError, e:
                logger.api.error(e, exc_info=True)
                res.update({
                    'msg': 'username already exists, cannot be registered!',
                    'code': 10007
                })
                logger.api.warn(res)
                return res
            except Exception, e:
                # Details go to the log; the caller gets a generic message.
                logger.api.error(e, exc_info=True)
                res.update(msg="server error", code=-1)
                logger.api.error(res)
                return res
示例#15
文件: test_utils.py 项目: qdjx/picbed
 def test_utils(self):
     """Check the utility helpers against fixed inputs and known outputs."""
     # Known hex digests of "abc"; these pin output format, not hash strength.
     self.assertEqual("900150983cd24fb0d6963f7d28e17f72", md5("abc"))
     self.assertEqual(
         "a9993e364706816aba3e25717850c26c9cd0d89d", sha1("abc")
     )
     # Key builder and separator parsers (entries trimmed, empties dropped).
     self.assertEqual("picbed:a:b", rsp("a", "b"))
     self.assertEqual(parse_valid_comma("a,b, c,"), ["a", "b", "c"])
     self.assertEqual(parse_valid_verticaline("a|b| c"), ["a", "b", "c"])
     self.assertTrue(is_true(1))
     self.assertTrue(is_true("on"))
     self.assertTrue(is_true("true"))
     self.assertFalse(is_true(0))
     self.assertIsInstance(get_current_timestamp(), int)
     # Upload allow-list: default list first, then an explicit ["jpg"] list
     # under which "jpeg" is a different extension and is rejected.
     self.assertTrue(allowed_file("test.PNG"))
     self.assertTrue(allowed_file(".jpeg"))
     self.assertFalse(allowed_file("my.psd"))
     self.assertFalse(allowed_file("ha.gif", ["jpg"]))
     self.assertFalse(allowed_file("ha.jpeg", ["jpg"]))
     self.assertFalse(allowed_file("ha.png", ["jpg"]))
     self.assertTrue(allowed_file("ha.jpg", ["jpg"]))
     # The keyed digest must be the same for native, bytes and unicode input.
     v = "6afa9046a9579cad143a384c1b564b9a250d27d6f6a63f9f20bf3a7594c9e2c6"
     self.assertEqual(v, hmac_sha256('key', 'text'))
     self.assertEqual(v, hmac_sha256(b'key', b'text'))
     self.assertEqual(v, hmac_sha256(u'key', u'text'))
     self.assertEqual(
         "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad",
         sha256("abc")
     )
     #: test format_upload_src
     # Anything that is not a usable field spec falls back to {'src': url}.
     baseimg = 'img-url'
     basefmt = {'src': baseimg}
     self.assertEqual(format_upload_src(123, baseimg), basefmt)
     self.assertEqual(format_upload_src(None, baseimg), basefmt)
     self.assertEqual(format_upload_src([0], baseimg), basefmt)
     self.assertEqual(format_upload_src('', baseimg), basefmt)
     self.assertEqual(format_upload_src('.', baseimg), basefmt)
     self.assertEqual(format_upload_src('.1', baseimg), basefmt)
     self.assertEqual(format_upload_src('1.', baseimg), basefmt)
     self.assertEqual(format_upload_src(1.1, baseimg), basefmt)
     self.assertEqual(
         format_upload_src('1.1', baseimg), {'1': {'1': baseimg}}
     )
     self.assertEqual(format_upload_src('u', baseimg), basefmt)
     self.assertEqual(format_upload_src('im', baseimg), {'im': baseimg})
     self.assertEqual(format_upload_src('url', baseimg), {'url': baseimg})
     self.assertEqual(format_upload_src('i.am.src', baseimg), basefmt)
     self.assertEqual(
         format_upload_src('src.url', baseimg), {'src': {'url': baseimg}}
     )
     #: test format_apires
     # Positional arguments rename the status field, pick its value style
     # and optionally rename the message field.
     self.assertEqual(
         format_apires({'code': 0}, "success", "bool"), {'success': True}
     )
     self.assertEqual(
         format_apires({'code': 0}, oc="200"), {'code': 200}
     )
     self.assertEqual(
         format_apires({'code': -1}, "status", "bool"), {'status': False}
     )
     self.assertEqual(
         format_apires(dict(code=-1, msg='xxx'), 'errno', '200'),
         {'errno': -1, 'msg': 'xxx'}
     )
     self.assertEqual(
         format_apires(dict(code=-1, msg='xxx'), 'errno', '200', 'errmsg'),
         {'errno': -1, 'errmsg': 'xxx'}
     )
     self.assertEqual(
         format_apires(dict(code=0, msg='xxx'), '', '200', 'errmsg'),
         {'code': 200, 'errmsg': 'xxx'}
     )
     self.assertEqual(len(generate_random()), 6)
     self.assertIn("Mozilla/5.0", gen_ua())
示例#16
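    def get(self):
        """Handle the GitHub OAuth callback and sign the user in.

        A signed-in visitor goes to ``uc``; a request without ``code`` goes
        to ``login``. With a ``code``, the GitHub account is resolved through
        ``GitHub_Login_Page_State``. If that yields data, login cookies are
        set and the user is redirected either to the SSO client's callback
        with a ticket or to ``uc``. If it yields nothing, None is returned.
        """
        code = request.args.get("code")
        SSORequest = request.args.get("sso") in ("true", "True", True, "1", "on")
        SSOProject = request.args.get("sso_p")
        SSORedirect = request.args.get("sso_r")
        SSOToken = request.args.get("sso_t")
        # NOTE(review): the expected token is an unkeyed MD5 of two values
        # taken from the same request, so any caller can produce a matching
        # sso_t. Only the ACL membership test below restricts SSO requests,
        # and it covers the project name, not the redirect target.
        SSOTokenMD5 = md5("%s:%s" % (SSOProject, SSORedirect))
        logger.debug(request.args)
        logger.debug(SSOTokenMD5 == SSOToken)

        if g.signin:
            return redirect(url_for("uc"))
        if not code:
            return redirect(url_for("login"))

        github = PLUGINS['thirdLogin']['GITHUB']
        SSOLoginURL = "%s?%s" % (
            github['REDIRECT_URI'],
            urlencode({
                "sso": SSORequest,
                "sso_r": SSORedirect,
                "sso_p": SSOProject,
                "sso_t": SSOToken
            }))
        logger.debug(SSOLoginURL)
        data = GitHub_Login_Page_State(code, github['APP_ID'],
                                       github['APP_KEY'], SSOLoginURL)
        if not data:
            # No account data came back: nothing is returned, as before.
            return None

        username = data.get("username")
        userid = data.get("uid")
        expires_in = 3600 * 24 * 30
        expire_time = How_Much_Time(seconds=expires_in)
        # Computed once and reused for both the ticket and the cookie so the
        # two can never differ.
        # NOTE(review): the last component is the literal text "COOKIE_KEY",
        # presumably a placeholder for a configured secret - confirm. As
        # written, the value depends only on username, uid and expiry time.
        sessionId = md5('%s-%s-%s-%s' %
                        (username, userid, expire_time, "COOKIE_KEY")).upper()

        if SSOProject in GLOBAL.get(
                "ACL"
        ) and SSORequest and SSORedirect and SSOTokenMD5 == SSOToken:
            logger.info(
                "RequestURL:%s, SSORequest:%s, SSOProject:%s, SSORedirect:%s"
                % (request.url, SSORequest, SSOProject, SSORedirect))
            ticket = '.'.join([username, expire_time, sessionId])
            # NOTE(review): the redirect target comes from the request and
            # the ticket rides in its query string; SSORedirect should be
            # checked against the callback registered for SSOProject.
            returnURL = SSORedirect + "?ticket=" + ticket
            logger.info(
                "SSO(%s) request project is in acl, will create a ticket, redirect to %s"
                % (SSOProject, returnURL))
            resp = make_response(redirect(returnURL))
        else:
            logger.info("Not SSO Auth, to local auth")
            resp = make_response(redirect(url_for("uc")))

        # NOTE(review): the cookies are set without httponly/secure flags;
        # confirm whether client-side script needs to read them.
        cookies = (
            ('logged_in', "yes"),
            ('username', username),
            ('time', expire_time),
            ('Azone', "GitHub"),
            ('sessionId', sessionId),
        )
        for cookie_name, cookie_value in cookies:
            resp.set_cookie(key=cookie_name,
                            value=cookie_value,
                            max_age=expires_in)
        return resp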
示例#17
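def login():
    """Render the sign-in page or process a local username/password login.

    A signed-in visitor is redirected to the SSO client's callback with the
    existing credential when the SSO parameters are accepted, otherwise to
    ``uc``. A GET renders ``signin.html``. Any other method checks the
    submitted credentials with ``UserAuth_Login``, sets the login cookies
    and redirects; a failed login redirects back to ``login``, keeping the
    SSO parameters when present.
    """
    SSORequest = request.args.get("sso") in ("true", "True", True, "1", "on")
    SSOProject = request.args.get("sso_p")
    SSORedirect = request.args.get("sso_r")
    SSOToken = request.args.get("sso_t")
    # NOTE(review): the expected token is an unkeyed MD5 of two values taken
    # from the same request, so any caller can produce a matching sso_t.
    # Only the ACL membership test restricts SSO requests, and it covers the
    # project name, not the redirect target.
    SSOTokenMD5 = md5("%s:%s" % (SSOProject, SSORedirect))
    logger.debug(request.args)
    # Log only the "remember" field. The full form also carries the
    # plaintext password, which must not be written to the log.
    logger.debug("remember: %s" % request.form.get("remember"))
    logger.debug(SSOTokenMD5 == SSOToken)

    def _sso_accepted():
        # Evaluated only on the paths that need it, exactly where the
        # condition was tested before.
        return (SSOProject in GLOBAL.get("ACL") and SSORequest
                and SSORedirect and SSOTokenMD5 == SSOToken)

    if g.signin:
        if _sso_accepted():
            # NOTE(review): the redirect target comes from the request and
            # the credential rides in its query string; SSORedirect should
            # be checked against the callback registered for SSOProject.
            returnURL = SSORedirect + "?ticket=" + g.credential
            logger.info(
                "SSO(%s) request project is in acl, already landing, redirect to %s"
                % (SSOProject, returnURL))
            return redirect(returnURL)
        return redirect(url_for("uc"))

    if request.method == "GET":
        third = PLUGINS['thirdLogin']
        return render_template(
            "signin.html",
            enable_qq=third['QQ']['ENABLE'],
            enable_weibo=third['WEIBO']['ENABLE'],
            enable_github=third['GITHUB']['ENABLE'],
            enable_instagram=third['INSTAGRAM']['ENABLE'],
            enable_oschina=third['OSCHINA']['ENABLE'])

    username = request.form.get("username")
    password = request.form.get("password")
    # "remember me" keeps the cookies for 30 days; otherwise they are
    # session cookies (max_age None).
    remember = 30 if request.form.get("remember") in ("True", "true",
                                                      True) else None

    if not (username and password and UserAuth_Login(username, password)):
        if SSORequest:
            return redirect(
                url_for("login",
                        sso=SSORequest,
                        sso_p=SSOProject,
                        sso_r=SSORedirect,
                        sso_t=SSOToken))
        return redirect(url_for("login"))

    max_age_sec = 3600 * 24 * remember if remember else None
    expires = How_Much_Time(max_age_sec) if max_age_sec else 'None'
    # NOTE(review): the session id is an MD5 over the username, the
    # password's MD5 and the expiry, plus the literal text "COOKIE_KEY",
    # presumably a placeholder for a configured secret - confirm. A random
    # server-side session id would avoid deriving it from the password.
    sessionId = md5('%s-%s-%s-%s' %
                    (username, md5(password), expires, "COOKIE_KEY")).upper()
    logger.debug(
        "check user login successful, max_age_sec: %s, expires: %s"
        % (max_age_sec, expires))

    if _sso_accepted():
        logger.info(
            "RequestURL:%s, SSORequest:%s, SSOProject:%s, SSORedirect:%s"
            % (request.url, SSORequest, SSOProject, SSORedirect))
        ticket = '.'.join([username, expires, sessionId])
        returnURL = SSORedirect + "?ticket=" + ticket
        logger.info(
            "SSO(%s) request project is in acl, will create a ticket, redirect to %s"
            % (SSOProject, returnURL))
        resp = make_response(redirect(returnURL))
    else:
        logger.info("Not SSO Auth, to local auth")
        resp = make_response(redirect(url_for("uc")))

    # NOTE(review): the cookies are set without httponly/secure flags;
    # confirm whether client-side script needs to read them.
    cookies = (
        ('logged_in', "yes"),
        ('username', username),
        ('sessionId', sessionId),
        ('time', expires),
        ('Azone', "local"),
    )
    for cookie_name, cookie_value in cookies:
        resp.set_cookie(key=cookie_name,
                        value=cookie_value,
                        max_age=max_age_sec)
    return resp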
示例#18
文件: orm.py 项目: lhzbxx/dashingo
 def __init__(self, phone=None, pwd=None):
     """Create a user with a fresh 32-character salt and a salted password digest.

     ``pwd`` defaults to None, but the digest concatenates it with the salt,
     so constructing a user without a password raises TypeError.
     """
     fresh_salt = random_str(32)
     self.phone = phone
     self.salt = fresh_salt
     # NOTE(review): a single MD5 pass over password + salt is fast to
     # brute-force offline; a slow password hash is the appropriate choice.
     # Whether random_str draws from a cryptographic source is not visible
     # here - confirm.
     self.pwd = md5(pwd + fresh_salt)