webapp/handlers_base.py

   1 #!/usr/bin/python
   2
   3 from __future__ import division
   4
   5 import datetime
   6 import dateutil.parser
   7 import httplib
   8 import ipaddr
   9 import logging
  10 import time
  11 import tornado.locale
  12 import tornado.web
  13
  14 import backend.util
  15
  16 class BaseHandler(tornado.web.RequestHandler):
  17         rss_url = None
  18
  19         def get_account(self, uid):
  20                 # Find the name of the author
  21                 return self.accounts.find(uid)
  22
  23         def get_user_locale(self):
  24                 # The planet is always in english.
  25                 if self.hostname == "planet.ipfire.org":
  26                         return tornado.locale.get("en_US")
  27
  28                 # Otherwise take the browser locale.
  29                 return self.get_browser_locale()
  30
  31         @property
  32         def hostname(self):
  33                 # Remove the development prefix
  34                 return self.request.host.replace(".dev.", ".")
  35
  36         @property
  37         def render_args(self):
  38                 today = datetime.date.today()
  39
  40                 return {
  41                         "format_size" : backend.util.format_size,
  42                         "format_time" : backend.util.format_time,
  43                         "hostname" : self.hostname,
  44                         "lang" : self.locale.code[:2],
  45                         "rss_url" : self.rss_url,
  46                         "year" : today.year,
  47                 }
  48
  49         def render(self, *args, **_kwargs):
  50                 kwargs = self.render_args
  51                 kwargs.update(_kwargs)
  52                 tornado.web.RequestHandler.render(self, *args, **kwargs)
  53
  54         def render_string(self, *args, **_kwargs):
  55                 kwargs = self.render_args
  56                 kwargs.update(_kwargs)
  57                 return tornado.web.RequestHandler.render_string(self, *args, **kwargs)
  58
  59         def write_error(self, status_code, **kwargs):
  60                 if status_code in (404, 500):
  61                         render_args = ({
  62                                 "code"      : status_code,
  63                                 "exception" : kwargs.get("exception", None),
  64                                 "message"   : httplib.responses[status_code],
  65                         })
  66                         self.render("error-%s.html" % status_code, **render_args)
  67                 else:
  68                         return tornado.web.RequestHandler.write_error(self, status_code, **kwargs)
  69
  70         def static_url(self, path, static=True):
  71                 ret = tornado.web.RequestHandler.static_url(self, path)
  72
  73                 if self.settings.get("debug", False):
  74                         return ret
  75
  76                 elif self.request.host == "admin.ipfire.org":
  77                         return ret
  78
  79                 elif static:
  80                         return "http://static.ipfire.org%s" % ret
  81
  82                 return ret
  83
  84         def get_remote_ip(self):
  85                 # Fix for clients behind a proxy that sends "X-Forwarded-For".
  86                 remote_ips = self.request.remote_ip.split(", ")
  87
  88                 for remote_ip in remote_ips:
  89                         try:
  90                                 addr = ipaddr.IPAddress(remote_ip)
  91                         except ValueError:
  92                                 # Skip invalid IP addresses.
  93                                 continue
  94
  95                         # Check if the given IP address is from a
  96                         # private network.
  97                         if addr.is_private:
  98                                 continue
  99
 100                         return remote_ip
 101
 102                 # Return the last IP if nothing else worked
 103                 return remote_ips.pop()
 104
 105         def get_remote_location(self):
 106                 if not hasattr(self, "__remote_location"):
 107                         remote_ip = self.get_remote_ip()
 108
 109                         self.__remote_location = self.geoip.get_location(remote_ip)
 110
 111                 return self.__remote_location
 112
 113         def get_argument_date(self, arg, *args, **kwargs):
 114                 value = self.get_argument(arg, *args, **kwargs)
 115                 if value is None:
 116                         return
 117
 118                 try:
 119                         return dateutil.parser.parse(value)
 120                 except ValueError:
 121                         raise tornado.web.HTTPError(400)
 122
 123         # Login stuff
 124
 125         def get_current_user(self):
 126                 session_id = self.get_cookie("session_id")
 127                 if not session_id:
 128                         return
 129
 130                 # Get account from the session object
 131                 account = self.backend.accounts.get_by_session(session_id, self.request.host)
 132
 133                 # If the account was not found or the session was not valid
 134                 # any more, we will remove the cookie.
 135                 if not account:
 136                         self.clear_cookie("session_id")
 137
 138                 return account
 139
 140         def login(self, username, password):
 141                 # Find account
 142                 account = self.backend.accounts.find_account(username)
 143                 if not account:
 144                         logging.warning(401, "unknown account: %s" % username)
 145                         return False
 146
 147                 # Check credentials
 148                 if not account.check_password(password):
 149                         logging.warning("invalid password for %s" % account)
 150                         return False
 151
 152                 # User has logged in, create a session
 153                 session_id, session_expires = self.backend.accounts.create_session(account,
 154                         self.request.host)
 155
 156                 # Check if a new session was created
 157                 if not session_id:
 158                         logging.warning("Could not create session")
 159                         return False
 160
 161                 # Send session cookie to the client
 162                 self.set_cookie("session_id", session_id,
 163                         domain=self.request.host, expires=session_expires)
 164
 165                 return True
 166
 167         def logout(self):
 168                 session_id = self.get_cookie("session_id")
 169
 170                 if not session_id:
 171                         return
 172
 173                 success = self.backend.accounts.destroy_session(session_id, self.request.host)
 174                 if success:
 175                         self.clear_cookie("session_id")
 176
 177         @property
 178         def backend(self):
 179                 return self.application.backend
 180
 181         @property
 182         def db(self):
 183                 return self.backend.db
 184
 185         @property
 186         def advertisements(self):
 187                 return self.backend.advertisements
 188
 189         @property
 190         def accounts(self):
 191                 return self.backend.accounts
 192
 193         @property
 194         def downloads(self):
 195                 return self.backend.downloads
 196
 197         @property
 198         def fireinfo(self):
 199                 return self.backend.fireinfo
 200
 201         @property
 202         def iuse(self):
 203                 return self.backend.iuse
 204
 205         @property
 206         def memcached(self):
 207                 return self.backend.memcache
 208
 209         @property
 210         def mirrors(self):
 211                 return self.backend.mirrors
 212
 213         @property
 214         def netboot(self):
 215                 return self.backend.netboot
 216
 217         @property
 218         def news(self):
 219                 return self.backend.news
 220
 221         @property
 222         def config(self):
 223                 return self.backend.settings
 224
 225         @property
 226         def releases(self):
 227                 return self.backend.releases
 228
 229         @property
 230         def geoip(self):
 231                 return self.backend.geoip
 232
 233         @property
 234         def talk(self):
 235                 return self.backend.talk
 236
 237         @property
 238         def tracker(self):
 239                 return self.backend.tracker
 240
 241         @property
 242         def planet(self):
 243                 return self.backend.planet
 244
 245         @property
 246         def wishlist(self):
 247                 return self.backend.wishlist
 248
 249
 250 class LoginHandler(BaseHandler):
 251         def get(self):
 252                 self.render("auth/login.html")
 253
 254         def post(self):
 255                 username = self.get_argument("username")
 256                 password = self.get_argument("password")
 257
 258                 if not self.login(username, password):
 259                         raise tornado.web.HTTPError(401)
 260
 261                 next = self.get_argument("next", "/")
 262                 return self.redirect(next)
 263
 264
 265 class LogoutHandler(BaseHandler):
 266         def get(self):
 267                 self.logout()
 268
 269                 # Get back to the start page
 270                 self.redirect("/")