openwebrx-clone/owrx/controllers/session.py

80 lines
2.7 KiB
Python
Raw Permalink Normal View History

2021-05-03 21:22:28 +00:00
from owrx.controllers.template import WebpageController
from urllib.parse import parse_qs, urlencode
2020-02-23 20:39:12 +00:00
from uuid import uuid4
from http.cookies import SimpleCookie
2020-04-01 20:29:42 +00:00
from owrx.users import UserList
2021-05-03 21:07:27 +00:00
from datetime import datetime, timedelta
import logging
logger = logging.getLogger(__name__)
2020-02-23 18:23:18 +00:00
2020-02-23 20:39:12 +00:00
class SessionStorage(object):
sharedInstance = None
2021-05-03 21:07:27 +00:00
sessionLifetime = timedelta(hours=6)
2020-02-23 20:39:12 +00:00
@staticmethod
def getSharedInstance():
if SessionStorage.sharedInstance is None:
SessionStorage.sharedInstance = SessionStorage()
return SessionStorage.sharedInstance
def __init__(self):
self.sessions = {}
def generateKey(self):
return str(uuid4())
def startSession(self, data):
key = self.generateKey()
self.updateSession(key, data)
return key
def getSession(self, key):
if key not in self.sessions:
return None
2021-05-03 21:07:27 +00:00
expires, data = self.sessions[key]
if expires < datetime.utcnow():
del self.sessions[key]
return None
return data
2020-02-23 20:39:12 +00:00
def updateSession(self, key, data):
2021-05-03 21:07:27 +00:00
expires = datetime.utcnow() + SessionStorage.sessionLifetime
self.sessions[key] = expires, data
def prolongSession(self, key):
data = self.getSession(key)
if data is None:
raise KeyError("Invalid session key")
self.updateSession(key, data)
2020-02-23 20:39:12 +00:00
2020-02-23 19:13:11 +00:00
class SessionController(WebpageController):
2020-02-23 18:23:18 +00:00
def loginAction(self):
2020-02-23 19:13:11 +00:00
self.serve_template("login.html", **self.template_variables())
2020-02-23 18:23:18 +00:00
2020-02-23 19:25:36 +00:00
def processLoginAction(self):
2020-02-23 19:52:32 +00:00
data = parse_qs(self.get_body().decode("utf-8"))
data = {k: v[0] for k, v in data.items()}
2020-04-01 20:29:42 +00:00
userlist = UserList.getSharedInstance()
2020-02-23 19:52:32 +00:00
if "user" in data and "password" in data:
2020-04-01 20:29:42 +00:00
if data["user"] in userlist:
user = userlist[data["user"]]
2021-02-08 16:04:55 +00:00
if user.is_enabled() and user.password.is_valid(data["password"]):
2020-04-01 20:29:42 +00:00
key = SessionStorage.getSharedInstance().startSession({"user": user.name})
cookie = SimpleCookie()
cookie["owrx-session"] = key
2020-04-25 23:54:48 +00:00
target = self.request.query["ref"][0] if "ref" in self.request.query else "/settings"
if user.must_change_password:
target = "/pwchange?{0}".format(urlencode({"ref": target}))
2021-05-03 21:07:27 +00:00
self.set_response_cookies(cookie)
self.send_redirect(target)
2020-04-01 20:29:42 +00:00
return
target = "{}login?{}".format(self.get_document_root(), urlencode({"ref": self.request.query["ref"][0]}))
self.send_redirect(target)
2020-02-23 19:25:36 +00:00
2020-02-23 18:23:18 +00:00
def logoutAction(self):
self.send_redirect("logout happening here")