openwebrx-clone/owrx/controllers/session.py

61 lines
2.0 KiB
Python
Raw Normal View History

2020-02-23 19:13:11 +00:00
from .template import WebpageController
from urllib.parse import parse_qs, urlencode
2020-02-23 20:39:12 +00:00
from uuid import uuid4
from http.cookies import SimpleCookie
2020-04-01 20:29:42 +00:00
from owrx.users import UserList
2020-02-23 18:23:18 +00:00
2020-02-23 20:39:12 +00:00
class SessionStorage(object):
sharedInstance = None
@staticmethod
def getSharedInstance():
if SessionStorage.sharedInstance is None:
SessionStorage.sharedInstance = SessionStorage()
return SessionStorage.sharedInstance
def __init__(self):
self.sessions = {}
def generateKey(self):
return str(uuid4())
def startSession(self, data):
key = self.generateKey()
self.updateSession(key, data)
return key
def getSession(self, key):
if key not in self.sessions:
return None
return self.sessions[key]
def updateSession(self, key, data):
self.sessions[key] = data
2020-02-23 19:13:11 +00:00
class SessionController(WebpageController):
2020-02-23 18:23:18 +00:00
def loginAction(self):
2020-02-23 19:13:11 +00:00
self.serve_template("login.html", **self.template_variables())
2020-02-23 18:23:18 +00:00
2020-02-23 19:25:36 +00:00
def processLoginAction(self):
2020-02-23 19:52:32 +00:00
data = parse_qs(self.get_body().decode("utf-8"))
data = {k: v[0] for k, v in data.items()}
2020-04-01 20:29:42 +00:00
userlist = UserList.getSharedInstance()
2020-02-23 19:52:32 +00:00
if "user" in data and "password" in data:
2020-04-01 20:29:42 +00:00
if data["user"] in userlist:
user = userlist[data["user"]]
2021-02-08 16:04:55 +00:00
if user.is_enabled() and user.password.is_valid(data["password"]):
2020-04-01 20:29:42 +00:00
key = SessionStorage.getSharedInstance().startSession({"user": user.name})
cookie = SimpleCookie()
cookie["owrx-session"] = key
2020-04-25 23:54:48 +00:00
target = self.request.query["ref"][0] if "ref" in self.request.query else "/settings"
if user.must_change_password:
target = "/pwchange?{0}".format(urlencode({"ref": target}))
2020-04-25 23:54:48 +00:00
self.send_redirect(target, cookies=cookie)
2020-04-01 20:29:42 +00:00
return
self.send_redirect("/login")
2020-02-23 19:25:36 +00:00
2020-02-23 18:23:18 +00:00
def logoutAction(self):
self.send_redirect("logout happening here")