openwebrx-clone/owrx/controllers/session.py

from .template import WebpageController
from urllib.parse import parse_qs
from uuid import uuid4
from http.cookies import SimpleCookie
from owrx.users import UserList


class SessionStorage(object):
    sharedInstance = None

    @staticmethod
    def getSharedInstance():
        if SessionStorage.sharedInstance is None:
            SessionStorage.sharedInstance = SessionStorage()
        return SessionStorage.sharedInstance

    def __init__(self):
        self.sessions = {}

    def generateKey(self):
        return str(uuid4())

    def startSession(self, data):
        key = self.generateKey()
        self.updateSession(key, data)
        return key

    def getSession(self, key):
        if key not in self.sessions:
            return None
        return self.sessions[key]

    def updateSession(self, key, data):
        self.sessions[key] = data


class SessionController(WebpageController):
    def loginAction(self):
        self.serve_template("login.html", **self.template_variables())

    def processLoginAction(self):
        data = parse_qs(self.get_body().decode("utf-8"))
        data = {k: v[0] for k, v in data.items()}
        userlist = UserList.getSharedInstance()
        if "user" in data and "password" in data:
            if data["user"] in userlist:
                user = userlist[data["user"]]
                if user.password.is_valid(data["password"]):
                    # TODO evaluate password force_change and redirect to password change
                    key = SessionStorage.getSharedInstance().startSession({"user": user.name})
                    cookie = SimpleCookie()
                    cookie["owrx-session"] = key
                    target = self.request.query["ref"][0] if "ref" in self.request.query else "/settings"
                    self.send_redirect(target, cookies=cookie)
                    return
        self.send_redirect("/login")

    def logoutAction(self):
        self.send_redirect("logout happening here")
add templating 2020-02-23 19:13:11 +00:00			`from .template import WebpageController`
parse login data 2020-02-23 19:52:32 +00:00			`from urllib.parse import parse_qs`
generate session cookie 2020-02-23 20:39:12 +00:00			`from uuid import uuid4`
			`from http.cookies import SimpleCookie`
add first user storage implementation 2020-04-01 20:29:42 +00:00			`from owrx.users import UserList`
prepare route protection 2020-02-23 18:23:18 +00:00

generate session cookie 2020-02-23 20:39:12 +00:00			`class SessionStorage(object):`
			`sharedInstance = None`

			`@staticmethod`
			`def getSharedInstance():`
			`if SessionStorage.sharedInstance is None:`
			`SessionStorage.sharedInstance = SessionStorage()`
			`return SessionStorage.sharedInstance`

			`def __init__(self):`
			`self.sessions = {}`

			`def generateKey(self):`
			`return str(uuid4())`

			`def startSession(self, data):`
			`key = self.generateKey()`
			`self.updateSession(key, data)`
			`return key`

			`def getSession(self, key):`
			`if key not in self.sessions:`
			`return None`
			`return self.sessions[key]`

			`def updateSession(self, key, data):`
			`self.sessions[key] = data`


add templating 2020-02-23 19:13:11 +00:00			`class SessionController(WebpageController):`
prepare route protection 2020-02-23 18:23:18 +00:00			`def loginAction(self):`
add templating 2020-02-23 19:13:11 +00:00			`self.serve_template("login.html", **self.template_variables())`
prepare route protection 2020-02-23 18:23:18 +00:00
post login data 2020-02-23 19:25:36 +00:00			`def processLoginAction(self):`
parse login data 2020-02-23 19:52:32 +00:00			`data = parse_qs(self.get_body().decode("utf-8"))`
			`data = {k: v[0] for k, v in data.items()}`
add first user storage implementation 2020-04-01 20:29:42 +00:00			`userlist = UserList.getSharedInstance()`
parse login data 2020-02-23 19:52:32 +00:00			`if "user" in data and "password" in data:`
add first user storage implementation 2020-04-01 20:29:42 +00:00			`if data["user"] in userlist:`
			`user = userlist[data["user"]]`
			`if user.password.is_valid(data["password"]):`
drop another todo 2020-04-01 20:39:32 +00:00			`# TODO evaluate password force_change and redirect to password change`
add first user storage implementation 2020-04-01 20:29:42 +00:00			`key = SessionStorage.getSharedInstance().startSession({"user": user.name})`
			`cookie = SimpleCookie()`
			`cookie["owrx-session"] = key`
implement redirect on login 2020-04-25 23:54:48 +00:00			`target = self.request.query["ref"][0] if "ref" in self.request.query else "/settings"`
			`self.send_redirect(target, cookies=cookie)`
add first user storage implementation 2020-04-01 20:29:42 +00:00			`return`
			`self.send_redirect("/login")`
post login data 2020-02-23 19:25:36 +00:00
prepare route protection 2020-02-23 18:23:18 +00:00			`def logoutAction(self):`
			`self.send_redirect("logout happening here")`