[ipfire.org.git] / webapp / handlers_base.py

#!/usr/bin/python

from __future__ import division

import datetime
import dateutil.parser
import httplib
import ipaddr
import logging
import time
import tornado.locale
import tornado.web

import backend.util

class BaseHandler(tornado.web.RequestHandler):
	rss_url = None

	def get_account(self, uid):
		# Find the name of the author
		return self.accounts.find(uid)

	def get_user_locale(self):
		# The planet is always in english.
		if self.request.host == "planet.ipfire.org":
			return tornado.locale.get("en_US")

		# Otherwise take the browser locale.
		return self.get_browser_locale()

	@property
	def render_args(self):
		today = datetime.date.today()

		# Get the requested host and remove the development prefix
		hostname = self.request.host.replace(".dev.", ".")

		return {
			"format_size" : backend.util.format_size,
			"format_time" : backend.util.format_time,
			"hostname" : hostname,
			"lang" : self.locale.code[:2],
			"rss_url" : self.rss_url,
			"year" : today.year,
		}

	def render(self, *args, **_kwargs):
		kwargs = self.render_args
		kwargs.update(_kwargs)
		tornado.web.RequestHandler.render(self, *args, **kwargs)

	def render_string(self, *args, **_kwargs):
		kwargs = self.render_args
		kwargs.update(_kwargs)
		return tornado.web.RequestHandler.render_string(self, *args, **kwargs)

	def write_error(self, status_code, **kwargs):
		if status_code in (404, 500):
			render_args = ({
				"code"      : status_code,
				"exception" : kwargs.get("exception", None),
				"message"   : httplib.responses[status_code],
			})
			self.render("error-%s.html" % status_code, **render_args)
		else:
			return tornado.web.RequestHandler.write_error(self, status_code, **kwargs)

	def static_url(self, path, static=True):
		ret = tornado.web.RequestHandler.static_url(self, path)

		if self.settings.get("debug", False):
			return ret

		elif self.request.host == "admin.ipfire.org":
			return ret

		elif static:
			return "http://static.ipfire.org%s" % ret

		return ret

	def get_remote_ip(self):
		# Fix for clients behind a proxy that sends "X-Forwarded-For".
		remote_ips = self.request.remote_ip.split(", ")
		for remote_ip in remote_ips:
			try:
				addr = ipaddr.IPAddress(remote_ip)
			except ValueError:
				# Skip invalid IP addresses.
				continue

			# Check if the given IP address is from a
			# private network.
			if addr.is_private:
				continue

			return remote_ip

	def get_remote_location(self):
		if not hasattr(self, "__remote_location"):
			remote_ip = self.get_remote_ip()

			self.__remote_location = self.geoip.get_location(remote_ip)

		return self.__remote_location

	def get_argument_date(self, arg, *args, **kwargs):
		value = self.get_argument(arg, *args, **kwargs)
		if value is None:
			return

		try:
			return dateutil.parser.parse(value)
		except ValueError:
			raise tornado.web.HTTPError(400)

	# Login stuff

	def get_current_user(self):
		session_id = self.get_cookie("session_id")
		if not session_id:
			return

		# Get account from the session object
		account = self.backend.accounts.get_by_session(session_id, self.request.host)

		# If the account was not found or the session was not valid
		# any more, we will remove the cookie.
		if not account:
			self.clear_cookie("session_id")

		return account

	def login(self, username, password):
		# Find account
		account = self.backend.accounts.find_account(username)
		if not account:
			logging.warning(401, "unknown account: %s" % username)
			return False

		# Check credentials
		if not account.check_password(password):
			logging.warning("invalid password for %s" % account)
			return False

		# User has logged in, create a session
		session_id, session_expires = self.backend.accounts.create_session(account,
			self.request.host)

		# Check if a new session was created
		if not session_id:
			logging.warning("Could not create session")
			return False

		# Send session cookie to the client
		self.set_cookie("session_id", session_id,
			domain=self.request.host, expires=session_expires)

		return True

	def logout(self):
		session_id = self.get_cookie("session_id")

		if not session_id:
			return

		success = self.backend.accounts.destroy_session(session_id, self.request.host)
		if success:
			self.clear_cookie("session_id")

	@property
	def backend(self):
		return self.application.backend

	@property
	def db(self):
		return self.backend.db

	@property
	def advertisements(self):
		return self.backend.advertisements

	@property
	def accounts(self):
		return self.backend.accounts

	@property
	def downloads(self):
		return self.backend.downloads

	@property
	def fireinfo(self):
		return self.backend.fireinfo

	@property
	def iuse(self):
		return self.backend.iuse

	@property
	def memcached(self):
		return self.backend.memcache

	@property
	def mirrors(self):
		return self.backend.mirrors

	@property
	def netboot(self):
		return self.backend.netboot

	@property
	def news(self):
		return self.backend.news

	@property
	def config(self):
		return self.backend.settings

	@property
	def releases(self):
		return self.backend.releases

	@property
	def geoip(self):
		return self.backend.geoip

	@property
	def talk(self):
		return self.backend.talk

	@property
	def tracker(self):
		return self.backend.tracker

	@property
	def planet(self):
		return self.backend.planet

	@property
	def wishlist(self):
		return self.backend.wishlist


class LoginHandler(BaseHandler):
	def get(self):
		self.render("auth/login.html")

	def post(self):
		username = self.get_argument("username")
		password = self.get_argument("password")

		if not self.login(username, password):
			raise tornado.web.HTTPError(401)

		next = self.get_argument("next", "/")
		return self.redirect(next)


class LogoutHandler(BaseHandler):
	def get(self):
		self.logout()

		# Get back to the start page
		self.redirect("/")
Commit	Line	Data
940227cb MT	1	#!/usr/bin/python
940227cb MT	2
60024cc8 MT	3	from __future__ import division
60024cc8 MT	4
cc3b928d	5	import datetime
66862195 MT	6	import dateutil.parser
	7	import httplib
	8	import ipaddr
47ed77ed	9	import logging
940227cb MT	10	import time
	11	import tornado.locale
	12	import tornado.web
	13
66862195	14	import backend.util
60024cc8	15
940227cb	16	class BaseHandler(tornado.web.RequestHandler):
de683d7c MT	17	rss_url = None
de683d7c MT	18
940227cb MT	19	def get_account(self, uid):
	20	# Find the name of the author
	21	return self.accounts.find(uid)
	22
60024cc8	23	def get_user_locale(self):
45c763aa MT	24	# The planet is always in english.
45c763aa MT	25	if self.request.host == "planet.ipfire.org":
dbf95cf2	26	return tornado.locale.get("en_US")
45c763aa	27
dbf95cf2 MT	28	# Otherwise take the browser locale.
dbf95cf2 MT	29	return self.get_browser_locale()
940227cb MT	30
	31	@property
	32	def render_args(self):
cc3b928d MT	33	today = datetime.date.today()
cc3b928d MT	34
66862195 MT	35	# Get the requested host and remove the development prefix
	36	hostname = self.request.host.replace(".dev.", ".")
	37
940227cb	38	return {
66862195 MT	39	"format_size" : backend.util.format_size,
	40	"format_time" : backend.util.format_time,
	41	"hostname" : hostname,
940227cb	42	"lang" : self.locale.code[:2],
de683d7c	43	"rss_url" : self.rss_url,
cc3b928d	44	"year" : today.year,
940227cb MT	45	}
940227cb MT	46
bcc3ed4d MT	47	def render(self, args, *_kwargs):
	48	kwargs = self.render_args
	49	kwargs.update(_kwargs)
940227cb MT	50	tornado.web.RequestHandler.render(self, args, *kwargs)
940227cb MT	51
bcc3ed4d MT	52	def render_string(self, args, *_kwargs):
	53	kwargs = self.render_args
	54	kwargs.update(_kwargs)
940227cb MT	55	return tornado.web.RequestHandler.render_string(self, args, *kwargs)
940227cb MT	56
02f2d7fe	57	def write_error(self, status_code, **kwargs):
940227cb MT	58	if status_code in (404, 500):
	59	render_args = ({
	60	"code" : status_code,
	61	"exception" : kwargs.get("exception", None),
	62	"message" : httplib.responses[status_code],
	63	})
02f2d7fe	64	self.render("error-%s.html" % status_code, **render_args)
940227cb	65	else:
02f2d7fe	66	return tornado.web.RequestHandler.write_error(self, status_code, **kwargs)
940227cb	67
3d540c40 MT	68	def static_url(self, path, static=True):
	69	ret = tornado.web.RequestHandler.static_url(self, path)
	70
1de8dd23 MT	71	if self.settings.get("debug", False):
	72	return ret
	73
	74	elif self.request.host == "admin.ipfire.org":
	75	return ret
	76
	77	elif static:
	78	return "http://static.ipfire.org%s" % ret
3d540c40 MT	79
	80	return ret
	81
9068dba1 MT	82	def get_remote_ip(self):
9068dba1 MT	83	# Fix for clients behind a proxy that sends "X-Forwarded-For".
66862195 MT	84	remote_ips = self.request.remote_ip.split(", ")
	85	for remote_ip in remote_ips:
	86	try:
	87	addr = ipaddr.IPAddress(remote_ip)
	88	except ValueError:
	89	# Skip invalid IP addresses.
	90	continue
9068dba1	91
66862195 MT	92	# Check if the given IP address is from a
	93	# private network.
	94	if addr.is_private:
	95	continue
9068dba1	96
66862195	97	return remote_ip
9068dba1 MT	98
	99	def get_remote_location(self):
	100	if not hasattr(self, "__remote_location"):
	101	remote_ip = self.get_remote_ip()
	102
	103	self.__remote_location = self.geoip.get_location(remote_ip)
	104
	105	return self.__remote_location
	106
66862195 MT	107	def get_argument_date(self, arg, args, *kwargs):
	108	value = self.get_argument(arg, args, *kwargs)
	109	if value is None:
	110	return
	111
	112	try:
	113	return dateutil.parser.parse(value)
	114	except ValueError:
	115	raise tornado.web.HTTPError(400)
	116
	117	# Login stuff
	118
	119	def get_current_user(self):
	120	session_id = self.get_cookie("session_id")
	121	if not session_id:
	122	return
	123
	124	# Get account from the session object
	125	account = self.backend.accounts.get_by_session(session_id, self.request.host)
	126
	127	# If the account was not found or the session was not valid
	128	# any more, we will remove the cookie.
	129	if not account:
	130	self.clear_cookie("session_id")
	131
	132	return account
	133
	134	def login(self, username, password):
	135	# Find account
	136	account = self.backend.accounts.find_account(username)
	137	if not account:
	138	logging.warning(401, "unknown account: %s" % username)
	139	return False
	140
	141	# Check credentials
	142	if not account.check_password(password):
	143	logging.warning("invalid password for %s" % account)
	144	return False
	145
	146	# User has logged in, create a session
	147	session_id, session_expires = self.backend.accounts.create_session(account,
	148	self.request.host)
	149
	150	# Check if a new session was created
	151	if not session_id:
	152	logging.warning("Could not create session")
	153	return False
	154
	155	# Send session cookie to the client
	156	self.set_cookie("session_id", session_id,
	157	domain=self.request.host, expires=session_expires)
	158
	159	return True
	160
	161	def logout(self):
	162	session_id = self.get_cookie("session_id")
	163
	164	if not session_id:
	165	return
	166
	167	success = self.backend.accounts.destroy_session(session_id, self.request.host)
	168	if success:
	169	self.clear_cookie("session_id")
	170
a6dc0bad MT	171	@property
	172	def backend(self):
	173	return self.application.backend
	174
9068dba1 MT	175	@property
	176	def db(self):
	177	return self.backend.db
	178
a0048e66 MT	179	@property
a0048e66 MT	180	def advertisements(self):
9068dba1	181	return self.backend.advertisements
a0048e66	182
940227cb MT	183	@property
940227cb MT	184	def accounts(self):
a6dc0bad	185	return self.backend.accounts
940227cb MT	186
940227cb MT	187	@property
9068dba1 MT	188	def downloads(self):
	189	return self.backend.downloads
	190
66862195 MT	191	@property
	192	def fireinfo(self):
	193	return self.backend.fireinfo
	194
9068dba1 MT	195	@property
	196	def iuse(self):
	197	return self.backend.iuse
940227cb	198
b3250465 MT	199	@property
b3250465 MT	200	def memcached(self):
9068dba1	201	return self.backend.memcache
b3250465	202
940227cb MT	203	@property
940227cb MT	204	def mirrors(self):
9068dba1 MT	205	return self.backend.mirrors
	206
	207	@property
	208	def netboot(self):
	209	return self.backend.netboot
940227cb MT	210
	211	@property
	212	def news(self):
9068dba1	213	return self.backend.news
940227cb MT	214
	215	@property
	216	def config(self):
9068dba1	217	return self.backend.settings
940227cb MT	218
	219	@property
	220	def releases(self):
9068dba1	221	return self.backend.releases
940227cb MT	222
940227cb MT	223	@property
9068dba1 MT	224	def geoip(self):
9068dba1 MT	225	return self.backend.geoip
940227cb MT	226
940227cb MT	227	@property
66862195 MT	228	def talk(self):
66862195 MT	229	return self.backend.talk
940227cb MT	230
	231	@property
	232	def tracker(self):
9068dba1	233	return self.backend.tracker
bcc3ed4d MT	234
	235	@property
	236	def planet(self):
a6dc0bad	237	return self.backend.planet
7771acea MT	238
	239	@property
	240	def wishlist(self):
9068dba1	241	return self.backend.wishlist
66862195 MT	242
	243
	244	class LoginHandler(BaseHandler):
	245	def get(self):
	246	self.render("auth/login.html")
	247
	248	def post(self):
	249	username = self.get_argument("username")
	250	password = self.get_argument("password")
	251
	252	if not self.login(username, password):
	253	raise tornado.web.HTTPError(401)
	254
	255	next = self.get_argument("next", "/")
	256	return self.redirect(next)
	257
	258
	259	class LogoutHandler(BaseHandler):
	260	def get(self):
	261	self.logout()
	262
	263	# Get back to the start page
	264	self.redirect("/")