]>
git.ipfire.org Git - ipfire.org.git/blob - src/web/auth.py
8 class AuthenticationMixin(object):
9 def login(self
, username
, password
):
11 account
= self
.backend
.accounts
.find_account(username
)
13 raise tornado
.web
.HTTPError(401, "Unknown user: %s" % username
)
16 if not account
.check_password(password
):
17 raise tornado
.web
.HTTPError(401, "Invalid password for %s" % account
)
19 # User has logged in, create a session
20 session_id
, session_expires
= self
.backend
.accounts
.create_session(
21 account
, self
.request
.host
)
23 # Check if a new session was created
25 raise tornado
.web
.HTTPError(500, "Could not create session")
27 # Send session cookie to the client
28 self
.set_cookie("session_id", session_id
,
29 domain
=self
.request
.host
, expires
=session_expires
)
32 session_id
= self
.get_cookie("session_id")
36 success
= self
.backend
.accounts
.destroy_session(session_id
, self
.request
.host
)
38 self
.clear_cookie("session_id")
41 class LoginHandler(AuthenticationMixin
, base
.BaseHandler
):
44 next
= self
.get_argument("next", None)
46 self
.render("auth/login.html", next
=next
)
50 username
= self
.get_argument("username")
51 password
= self
.get_argument("password")
53 with self
.db
.transaction():
54 self
.login(username
, password
)
56 # Determine the page we should redirect to
57 next
= self
.get_argument("next", None)
59 return self
.redirect(next
or "/")
62 class LogoutHandler(AuthenticationMixin
, base
.BaseHandler
):
64 with self
.db
.transaction():
67 # Get back to the start page
71 class RegisterHandler(base
.BaseHandler
):
74 self
.render("auth/register.html")
78 uid
= self
.get_argument("uid")
79 email
= self
.get_argument("email")
81 first_name
= self
.get_argument("first_name")
82 last_name
= self
.get_argument("last_name")
85 with self
.db
.transaction():
86 self
.backend
.accounts
.create(uid
, email
,
87 first_name
=first_name
, last_name
=last_name
)
89 self
.render("auth/register-success.html")
92 class CacheMixin(object):
94 # Mark this as private when someone is logged in
96 self
.add_header("Cache-Control", "private")
98 self
.add_header("Vary", "Cookie")