webapp/handlers_base.py

   1 #!/usr/bin/python
   2
   3 from __future__ import division
   4
   5 import datetime
   6 import dateutil.parser
   7 import httplib
   8 import ipaddr
   9 import time
  10 import tornado.locale
  11 import tornado.web
  12
  13 import backend.util
  14
  15 class BaseHandler(tornado.web.RequestHandler):
  16         rss_url = None
  17
  18         def get_account(self, uid):
  19                 # Find the name of the author
  20                 return self.accounts.find(uid)
  21
  22         def get_user_locale(self):
  23                 # The planet is always in english.
  24                 if self.request.host == "planet.ipfire.org":
  25                         return tornado.locale.get("en_US")
  26
  27                 # Otherwise take the browser locale.
  28                 return self.get_browser_locale()
  29
  30         @property
  31         def render_args(self):
  32                 today = datetime.date.today()
  33
  34                 # Get the requested host and remove the development prefix
  35                 hostname = self.request.host.replace(".dev.", ".")
  36
  37                 return {
  38                         "format_size" : backend.util.format_size,
  39                         "format_time" : backend.util.format_time,
  40                         "hostname" : hostname,
  41                         "lang" : self.locale.code[:2],
  42                         "rss_url" : self.rss_url,
  43                         "year" : today.year,
  44                 }
  45
  46         def render(self, *args, **_kwargs):
  47                 kwargs = self.render_args
  48                 kwargs.update(_kwargs)
  49                 tornado.web.RequestHandler.render(self, *args, **kwargs)
  50
  51         def render_string(self, *args, **_kwargs):
  52                 kwargs = self.render_args
  53                 kwargs.update(_kwargs)
  54                 return tornado.web.RequestHandler.render_string(self, *args, **kwargs)
  55
  56         def write_error(self, status_code, **kwargs):
  57                 if status_code in (404, 500):
  58                         render_args = ({
  59                                 "code"      : status_code,
  60                                 "exception" : kwargs.get("exception", None),
  61                                 "message"   : httplib.responses[status_code],
  62                         })
  63                         self.render("error-%s.html" % status_code, **render_args)
  64                 else:
  65                         return tornado.web.RequestHandler.write_error(self, status_code, **kwargs)
  66
  67         def static_url(self, path, static=True):
  68                 ret = tornado.web.RequestHandler.static_url(self, path)
  69
  70                 if self.settings.get("debug", False):
  71                         return ret
  72
  73                 elif self.request.host == "admin.ipfire.org":
  74                         return ret
  75
  76                 elif static:
  77                         return "http://static.ipfire.org%s" % ret
  78
  79                 return ret
  80
  81         def get_remote_ip(self):
  82                 # Fix for clients behind a proxy that sends "X-Forwarded-For".
  83                 remote_ips = self.request.remote_ip.split(", ")
  84                 for remote_ip in remote_ips:
  85                         try:
  86                                 addr = ipaddr.IPAddress(remote_ip)
  87                         except ValueError:
  88                                 # Skip invalid IP addresses.
  89                                 continue
  90
  91                         # Check if the given IP address is from a
  92                         # private network.
  93                         if addr.is_private:
  94                                 continue
  95
  96                         return remote_ip
  97
  98         def get_remote_location(self):
  99                 if not hasattr(self, "__remote_location"):
 100                         remote_ip = self.get_remote_ip()
 101
 102                         self.__remote_location = self.geoip.get_location(remote_ip)
 103
 104                 return self.__remote_location
 105
 106         def get_argument_date(self, arg, *args, **kwargs):
 107                 value = self.get_argument(arg, *args, **kwargs)
 108                 if value is None:
 109                         return
 110
 111                 try:
 112                         return dateutil.parser.parse(value)
 113                 except ValueError:
 114                         raise tornado.web.HTTPError(400)
 115
 116         # Login stuff
 117
 118         def get_current_user(self):
 119                 session_id = self.get_cookie("session_id")
 120                 if not session_id:
 121                         return
 122
 123                 # Get account from the session object
 124                 account = self.backend.accounts.get_by_session(session_id, self.request.host)
 125
 126                 # If the account was not found or the session was not valid
 127                 # any more, we will remove the cookie.
 128                 if not account:
 129                         self.clear_cookie("session_id")
 130
 131                 return account
 132
 133         def login(self, username, password):
 134                 # Find account
 135                 account = self.backend.accounts.find_account(username)
 136                 if not account:
 137                         logging.warning(401, "unknown account: %s" % username)
 138                         return False
 139
 140                 # Check credentials
 141                 if not account.check_password(password):
 142                         logging.warning("invalid password for %s" % account)
 143                         return False
 144
 145                 # User has logged in, create a session
 146                 session_id, session_expires = self.backend.accounts.create_session(account,
 147                         self.request.host)
 148
 149                 # Check if a new session was created
 150                 if not session_id:
 151                         logging.warning("Could not create session")
 152                         return False
 153
 154                 # Send session cookie to the client
 155                 self.set_cookie("session_id", session_id,
 156                         domain=self.request.host, expires=session_expires)
 157
 158                 return True
 159
 160         def logout(self):
 161                 session_id = self.get_cookie("session_id")
 162
 163                 if not session_id:
 164                         return
 165
 166                 success = self.backend.accounts.destroy_session(session_id, self.request.host)
 167                 if success:
 168                         self.clear_cookie("session_id")
 169
 170         @property
 171         def backend(self):
 172                 return self.application.backend
 173
 174         @property
 175         def db(self):
 176                 return self.backend.db
 177
 178         @property
 179         def advertisements(self):
 180                 return self.backend.advertisements
 181
 182         @property
 183         def accounts(self):
 184                 return self.backend.accounts
 185
 186         @property
 187         def downloads(self):
 188                 return self.backend.downloads
 189
 190         @property
 191         def fireinfo(self):
 192                 return self.backend.fireinfo
 193
 194         @property
 195         def iuse(self):
 196                 return self.backend.iuse
 197
 198         @property
 199         def memcached(self):
 200                 return self.backend.memcache
 201
 202         @property
 203         def mirrors(self):
 204                 return self.backend.mirrors
 205
 206         @property
 207         def netboot(self):
 208                 return self.backend.netboot
 209
 210         @property
 211         def news(self):
 212                 return self.backend.news
 213
 214         @property
 215         def config(self):
 216                 return self.backend.settings
 217
 218         @property
 219         def releases(self):
 220                 return self.backend.releases
 221
 222         @property
 223         def geoip(self):
 224                 return self.backend.geoip
 225
 226         @property
 227         def talk(self):
 228                 return self.backend.talk
 229
 230         @property
 231         def tracker(self):
 232                 return self.backend.tracker
 233
 234         @property
 235         def planet(self):
 236                 return self.backend.planet
 237
 238         @property
 239         def wishlist(self):
 240                 return self.backend.wishlist
 241
 242
 243 class LoginHandler(BaseHandler):
 244         def get(self):
 245                 self.render("auth/login.html")
 246
 247         def post(self):
 248                 username = self.get_argument("username")
 249                 password = self.get_argument("password")
 250
 251                 if not self.login(username, password):
 252                         raise tornado.web.HTTPError(401)
 253
 254                 next = self.get_argument("next", "/")
 255                 return self.redirect(next)
 256
 257
 258 class LogoutHandler(BaseHandler):
 259         def get(self):
 260                 self.logout()
 261
 262                 # Get back to the start page
 263                 self.redirect("/")