git.ipfire.org Git - ipfire.org.git/blob - src/web/auth.py
8 class AuthenticationMixin(object):
def authenticate(self, username, password):
    """Verify a username/password pair and log the matching account in.

    Method of AuthenticationMixin. The account is looked up with
    ``self.backend.accounts.find_account()`` and the password is checked
    with ``account.check_password()``. On success the result of
    ``self.login(account)`` is returned.

    Raises:
        tornado.web.HTTPError: 401 when no account is found or when the
            password check fails.
    """
    accounts = self.backend.accounts
    account = accounts.find_account(username)

    # NOTE(review): the listing this method was recovered from does not
    # show the condition in front of the first raise. A "no account found"
    # guard is assumed, because an unconditional raise would make the rest
    # of the method unreachable. Confirm against the repository.
    if not account:
        # Both failure paths answer 401, so the status code alone does not
        # reveal whether the user exists. The second HTTPError argument is
        # Tornado's log message. It embeds the client-supplied username, so
        # log consumers should treat it as untrusted text.
        raise tornado.web.HTTPError(401, "Unknown user: %s" % username)

    password_ok = account.check_password(password)
    if not password_ok:
        raise tornado.web.HTTPError(401, "Invalid password for %s" % account)

    return self.login(account)
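def login(self, account):
    """Create a session for *account* and send its id to the client as a cookie.

    Method of AuthenticationMixin. The session is created inside
    ``self.db.transaction()`` by
    ``self.backend.accounts.create_session(account, self.request.host)``,
    which yields the session id and its expiry. The id is then stored in
    the ``session_id`` cookie.

    Raises:
        tornado.web.HTTPError: 500 when no session id came back.
    """
    host = self.request.host

    # User has logged in, create a session
    with self.db.transaction():
        session_id, session_expires = self.backend.accounts.create_session(
            account, host)

    # Check if a new session was created
    # NOTE(review): the listing this method was recovered from does not
    # show the condition in front of the raise, nor whether it sits inside
    # the transaction block. A "no session id" guard after the block is
    # assumed. Confirm against the repository.
    if not session_id:
        raise tornado.web.HTTPError(500, "Could not create session")

    # Send session cookie to the client
    # HttpOnly keeps the session id out of reach of page scripts, which
    # limits what a cross-site-scripting bug can steal.
    # NOTE(review): also pass secure=True once every deployment is
    # HTTPS-only, so the id is never sent over plain HTTP.
    # NOTE(review): the cookie domain is taken from the request's host
    # value, which the client supplies. Confirm that the frontend only
    # routes known hostnames to this handler.
    self.set_cookie("session_id", session_id,
        domain=host, expires=session_expires, httponly=True)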
36 session_id
= self
.get_cookie("session_id")
41 with self
.db
.transaction():
42 success
= self
.backend
.accounts
.destroy_session(session_id
, self
.request
.host
)
45 self
.clear_cookie("session_id")
48 class LoginHandler(AuthenticationMixin
, base
.BaseHandler
):
51 next
= self
.get_argument("next", None)
53 self
.render("auth/login.html", next
=next
)
57 username
= self
.get_argument("username")
58 password
= self
.get_argument("password")
60 with self
.db
.transaction():
61 self
.authenticate(username
, password
)
63 # Determine the page we should redirect to
# NOTE(review): "next" is read from the request and, in the lines shown
# here, handed to redirect() unchanged. A login link carrying an absolute
# URL in "next" would then send a freshly authenticated user to another
# site (open redirect). Accept only same-site paths, or check the target
# host against an allow-list, before redirecting. The listing omits some
# lines, so confirm that no such check exists in the repository.
64 next
= self
.get_argument("next", None)
66 return self
.redirect(next
or "/")
69 class LogoutHandler(AuthenticationMixin
, base
.BaseHandler
):
71 with self
.db
.transaction():
74 # Get back to the start page
78 class RegisterHandler(base
.BaseHandler
):
81 # Redirect logged in users away
85 self
.render("auth/register.html")
89 uid
= self
.get_argument("uid")
90 email
= self
.get_argument("email")
92 first_name
= self
.get_argument("first_name")
93 last_name
= self
.get_argument("last_name")
97 with self
.db
.transaction():
98 self
.backend
.accounts
.register(uid
, email
,
99 first_name
=first_name
, last_name
=last_name
)
100 except ValueError as e
:
101 raise tornado
.web
.HTTPError(400) from e
103 self
.render("auth/register-success.html")
106 class ActivateHandler(AuthenticationMixin
, base
.BaseHandler
):
def get(self, uid, activation_code):
    """Render the activation page for *uid* when *activation_code* matches.

    Method of ActivateHandler. The account is fetched with
    ``self.backend.accounts.get_by_uid()`` and the code is verified with
    ``account.check_password()``.

    Raises:
        tornado.web.HTTPError: 400 when the account is missing or the
            code does not match. The POST handler answers 404 and 403
            for the same two cases.
    """
    account = self.backend.accounts.get_by_uid(uid)

    # NOTE(review): the listing this method was recovered from does not
    # show the condition in front of the first raise. A "no account found"
    # guard is assumed. Confirm against the repository.
    if not account:
        raise tornado.web.HTTPError(400, "Account not found: %s" % uid)

    # Validate activation code
    code_matches = account.check_password(activation_code)
    if not code_matches:
        # NOTE(review): the submitted code is copied into the HTTPError
        # message, which Tornado writes to the server log. A near-miss of
        # the real code would be stored there in clear text, so consider
        # logging only the uid.
        raise tornado.web.HTTPError(400, "Activation code did not match: %s" % activation_code)

    self.render("auth/activate.html", account=account)
# Activation form submission: looks the account up by uid, verifies the
# activation code with account.check_password() and then sets the new
# password with account.passwd().
# NOTE(review): this listing omits some lines of the method, including the
# condition in front of the first raise. Confirm against the repository.
119 def post(self
, uid
, activation_code
):
120 password
= self
.get_argument("password1")
123 account
= self
.backend
.accounts
.get_by_uid(uid
)
125 raise tornado
.web
.HTTPError(404, "Account not found: %s" % uid
)
# NOTE(review): the mismatch message below embeds the submitted activation
# code. Tornado writes the HTTPError message to the server log, so a
# near-miss of the real code would be stored there in clear text. Consider
# logging only the uid.
127 # Validate activation code
128 if not account
.check_password(activation_code
):
129 raise tornado
.web
.HTTPError(403, "Activation code did not match: %s" % activation_code
)
# NOTE(review): only "password1" is read in the lines shown. No comparison
# with a confirmation field and no length or strength check is visible here.
# Confirm that account.passwd() enforces the password policy.
131 # Set the new password
132 account
.passwd(password
)
137 # Redirect to main page
141 class CacheMixin(object):
143 # Mark this as private when someone is logged in
144 if self
.current_user
:
145 self
.add_header("Cache-Control", "private")
147 self
.add_header("Vary", "Cookie")