2020-02-23 19:13:11 +00:00
|
|
|
from .template import WebpageController
|
2020-02-23 19:52:32 +00:00
|
|
|
from urllib.parse import parse_qs
|
2020-02-23 20:39:12 +00:00
|
|
|
from uuid import uuid4
|
|
|
|
from http.cookies import SimpleCookie
|
2020-02-23 18:23:18 +00:00
|
|
|
|
|
|
|
|
2020-02-23 20:39:12 +00:00
|
|
|
class SessionStorage(object):
|
|
|
|
sharedInstance = None
|
|
|
|
|
|
|
|
@staticmethod
|
|
|
|
def getSharedInstance():
|
|
|
|
if SessionStorage.sharedInstance is None:
|
|
|
|
SessionStorage.sharedInstance = SessionStorage()
|
|
|
|
return SessionStorage.sharedInstance
|
|
|
|
|
|
|
|
def __init__(self):
|
|
|
|
self.sessions = {}
|
|
|
|
|
|
|
|
def generateKey(self):
|
|
|
|
return str(uuid4())
|
|
|
|
|
|
|
|
def startSession(self, data):
|
|
|
|
key = self.generateKey()
|
|
|
|
self.updateSession(key, data)
|
|
|
|
return key
|
|
|
|
|
|
|
|
def getSession(self, key):
|
|
|
|
if key not in self.sessions:
|
|
|
|
return None
|
|
|
|
return self.sessions[key]
|
|
|
|
|
|
|
|
def updateSession(self, key, data):
|
|
|
|
self.sessions[key] = data
|
|
|
|
|
|
|
|
|
2020-02-23 19:13:11 +00:00
|
|
|
class SessionController(WebpageController):
|
2020-02-23 18:23:18 +00:00
|
|
|
def loginAction(self):
|
2020-02-23 19:13:11 +00:00
|
|
|
self.serve_template("login.html", **self.template_variables())
|
2020-02-23 18:23:18 +00:00
|
|
|
|
2020-02-23 19:25:36 +00:00
|
|
|
def processLoginAction(self):
|
2020-02-23 19:52:32 +00:00
|
|
|
data = parse_qs(self.get_body().decode("utf-8"))
|
|
|
|
data = {k: v[0] for k, v in data.items()}
|
|
|
|
if "user" in data and "password" in data:
|
|
|
|
# TODO actually check user and password
|
|
|
|
if data["user"] == "admin" and data["password"] == "password":
|
|
|
|
# TODO pass the final destination
|
2020-02-23 20:39:12 +00:00
|
|
|
key = SessionStorage.getSharedInstance().startSession({"user": data["user"]})
|
|
|
|
cookie = SimpleCookie()
|
2020-02-23 20:52:13 +00:00
|
|
|
cookie["owrx-session"] = key
|
2020-02-23 20:39:12 +00:00
|
|
|
self.send_redirect("/settings", cookies=cookie)
|
2020-02-23 19:52:32 +00:00
|
|
|
else:
|
|
|
|
self.send_redirect("/login")
|
|
|
|
else:
|
|
|
|
self.send_response("invalid request", code=400)
|
2020-02-23 19:25:36 +00:00
|
|
|
|
2020-02-23 18:23:18 +00:00
|
|
|
def logoutAction(self):
|
|
|
|
self.send_redirect("logout happening here")
|