webapp/handlers_base.py

   1 #!/usr/bin/python
   2
   3 from __future__ import division
   4
   5 import datetime
   6 import dateutil.parser
   7 import httplib
   8 import ipaddr
   9 import logging
  10 import time
  11 import tornado.locale
  12 import tornado.web
  13
  14 import backend.util
  15
  16 class BaseHandler(tornado.web.RequestHandler):
  17         rss_url = None
  18
  19         def get_account(self, uid):
  20                 # Find the name of the author
  21                 return self.accounts.find(uid)
  22
  23         def get_user_locale(self):
  24                 # The planet is always in english.
  25                 if self.request.host == "planet.ipfire.org":
  26                         return tornado.locale.get("en_US")
  27
  28                 # Otherwise take the browser locale.
  29                 return self.get_browser_locale()
  30
  31         @property
  32         def render_args(self):
  33                 today = datetime.date.today()
  34
  35                 # Get the requested host and remove the development prefix
  36                 hostname = self.request.host.replace(".dev.", ".")
  37
  38                 return {
  39                         "format_size" : backend.util.format_size,
  40                         "format_time" : backend.util.format_time,
  41                         "hostname" : hostname,
  42                         "lang" : self.locale.code[:2],
  43                         "rss_url" : self.rss_url,
  44                         "year" : today.year,
  45                 }
  46
  47         def render(self, *args, **_kwargs):
  48                 kwargs = self.render_args
  49                 kwargs.update(_kwargs)
  50                 tornado.web.RequestHandler.render(self, *args, **kwargs)
  51
  52         def render_string(self, *args, **_kwargs):
  53                 kwargs = self.render_args
  54                 kwargs.update(_kwargs)
  55                 return tornado.web.RequestHandler.render_string(self, *args, **kwargs)
  56
  57         def write_error(self, status_code, **kwargs):
  58                 if status_code in (404, 500):
  59                         render_args = ({
  60                                 "code"      : status_code,
  61                                 "exception" : kwargs.get("exception", None),
  62                                 "message"   : httplib.responses[status_code],
  63                         })
  64                         self.render("error-%s.html" % status_code, **render_args)
  65                 else:
  66                         return tornado.web.RequestHandler.write_error(self, status_code, **kwargs)
  67
  68         def static_url(self, path, static=True):
  69                 ret = tornado.web.RequestHandler.static_url(self, path)
  70
  71                 if self.settings.get("debug", False):
  72                         return ret
  73
  74                 elif self.request.host == "admin.ipfire.org":
  75                         return ret
  76
  77                 elif static:
  78                         return "http://static.ipfire.org%s" % ret
  79
  80                 return ret
  81
  82         def get_remote_ip(self):
  83                 # Fix for clients behind a proxy that sends "X-Forwarded-For".
  84                 remote_ips = self.request.remote_ip.split(", ")
  85                 for remote_ip in remote_ips:
  86                         try:
  87                                 addr = ipaddr.IPAddress(remote_ip)
  88                         except ValueError:
  89                                 # Skip invalid IP addresses.
  90                                 continue
  91
  92                         # Check if the given IP address is from a
  93                         # private network.
  94                         if addr.is_private:
  95                                 continue
  96
  97                         return remote_ip
  98
  99         def get_remote_location(self):
 100                 if not hasattr(self, "__remote_location"):
 101                         remote_ip = self.get_remote_ip()
 102
 103                         self.__remote_location = self.geoip.get_location(remote_ip)
 104
 105                 return self.__remote_location
 106
 107         def get_argument_date(self, arg, *args, **kwargs):
 108                 value = self.get_argument(arg, *args, **kwargs)
 109                 if value is None:
 110                         return
 111
 112                 try:
 113                         return dateutil.parser.parse(value)
 114                 except ValueError:
 115                         raise tornado.web.HTTPError(400)
 116
 117         # Login stuff
 118
 119         def get_current_user(self):
 120                 session_id = self.get_cookie("session_id")
 121                 if not session_id:
 122                         return
 123
 124                 # Get account from the session object
 125                 account = self.backend.accounts.get_by_session(session_id, self.request.host)
 126
 127                 # If the account was not found or the session was not valid
 128                 # any more, we will remove the cookie.
 129                 if not account:
 130                         self.clear_cookie("session_id")
 131
 132                 return account
 133
 134         def login(self, username, password):
 135                 # Find account
 136                 account = self.backend.accounts.find_account(username)
 137                 if not account:
 138                         logging.warning(401, "unknown account: %s" % username)
 139                         return False
 140
 141                 # Check credentials
 142                 if not account.check_password(password):
 143                         logging.warning("invalid password for %s" % account)
 144                         return False
 145
 146                 # User has logged in, create a session
 147                 session_id, session_expires = self.backend.accounts.create_session(account,
 148                         self.request.host)
 149
 150                 # Check if a new session was created
 151                 if not session_id:
 152                         logging.warning("Could not create session")
 153                         return False
 154
 155                 # Send session cookie to the client
 156                 self.set_cookie("session_id", session_id,
 157                         domain=self.request.host, expires=session_expires)
 158
 159                 return True
 160
 161         def logout(self):
 162                 session_id = self.get_cookie("session_id")
 163
 164                 if not session_id:
 165                         return
 166
 167                 success = self.backend.accounts.destroy_session(session_id, self.request.host)
 168                 if success:
 169                         self.clear_cookie("session_id")
 170
 171         @property
 172         def backend(self):
 173                 return self.application.backend
 174
 175         @property
 176         def db(self):
 177                 return self.backend.db
 178
 179         @property
 180         def advertisements(self):
 181                 return self.backend.advertisements
 182
 183         @property
 184         def accounts(self):
 185                 return self.backend.accounts
 186
 187         @property
 188         def downloads(self):
 189                 return self.backend.downloads
 190
 191         @property
 192         def fireinfo(self):
 193                 return self.backend.fireinfo
 194
 195         @property
 196         def iuse(self):
 197                 return self.backend.iuse
 198
 199         @property
 200         def memcached(self):
 201                 return self.backend.memcache
 202
 203         @property
 204         def mirrors(self):
 205                 return self.backend.mirrors
 206
 207         @property
 208         def netboot(self):
 209                 return self.backend.netboot
 210
 211         @property
 212         def news(self):
 213                 return self.backend.news
 214
 215         @property
 216         def config(self):
 217                 return self.backend.settings
 218
 219         @property
 220         def releases(self):
 221                 return self.backend.releases
 222
 223         @property
 224         def geoip(self):
 225                 return self.backend.geoip
 226
 227         @property
 228         def talk(self):
 229                 return self.backend.talk
 230
 231         @property
 232         def tracker(self):
 233                 return self.backend.tracker
 234
 235         @property
 236         def planet(self):
 237                 return self.backend.planet
 238
 239         @property
 240         def wishlist(self):
 241                 return self.backend.wishlist
 242
 243
 244 class LoginHandler(BaseHandler):
 245         def get(self):
 246                 self.render("auth/login.html")
 247
 248         def post(self):
 249                 username = self.get_argument("username")
 250                 password = self.get_argument("password")
 251
 252                 if not self.login(username, password):
 253                         raise tornado.web.HTTPError(401)
 254
 255                 next = self.get_argument("next", "/")
 256                 return self.redirect(next)
 257
 258
 259 class LogoutHandler(BaseHandler):
 260         def get(self):
 261                 self.logout()
 262
 263                 # Get back to the start page
 264                 self.redirect("/")