2020-02-23 20:52:13 +00:00
|
|
|
from .session import SessionStorage
|
2020-04-01 19:39:53 +00:00
|
|
|
from owrx.config import Config
|
2021-02-08 16:09:22 +00:00
|
|
|
from owrx.users import UserList
|
2020-04-25 23:54:48 +00:00
|
|
|
from urllib import parse
|
|
|
|
|
|
|
|
import logging
|
|
|
|
|
|
|
|
logger = logging.getLogger(__name__)
|
2020-02-23 18:23:18 +00:00
|
|
|
|
|
|
|
|
|
|
|
class Authentication(object):
|
2021-02-08 17:30:54 +00:00
|
|
|
def getUser(self, request):
|
2021-02-08 16:09:22 +00:00
|
|
|
if "owrx-session" not in request.cookies:
|
2021-02-08 17:30:54 +00:00
|
|
|
return None
|
2021-02-08 16:09:22 +00:00
|
|
|
session = SessionStorage.getSharedInstance().getSession(request.cookies["owrx-session"].value)
|
|
|
|
if session is None:
|
2021-02-08 17:30:54 +00:00
|
|
|
return None
|
2021-02-08 16:09:22 +00:00
|
|
|
if "user" not in session:
|
2021-02-08 17:30:54 +00:00
|
|
|
return None
|
2021-02-08 16:09:22 +00:00
|
|
|
userList = UserList.getSharedInstance()
|
|
|
|
try:
|
2021-02-08 17:30:54 +00:00
|
|
|
return userList[session["user"]]
|
2021-02-08 16:09:22 +00:00
|
|
|
except KeyError:
|
2021-02-08 17:30:54 +00:00
|
|
|
return None
|
2020-02-23 18:23:18 +00:00
|
|
|
|
|
|
|
|
2021-02-10 19:21:45 +00:00
|
|
|
class AuthorizationMixin(object):
|
2020-02-23 18:23:18 +00:00
|
|
|
def __init__(self, handler, request, options):
|
|
|
|
self.authentication = Authentication()
|
2021-02-08 17:30:54 +00:00
|
|
|
self.user = self.authentication.getUser(request)
|
2020-02-23 18:23:18 +00:00
|
|
|
super().__init__(handler, request, options)
|
|
|
|
|
2021-02-08 17:30:54 +00:00
|
|
|
def isAuthorized(self):
|
|
|
|
return self.user is not None and self.user.is_enabled() and not self.user.must_change_password
|
|
|
|
|
2020-02-23 18:23:18 +00:00
|
|
|
def handle_request(self):
|
2020-04-01 19:39:53 +00:00
|
|
|
config = Config.get()
|
2020-04-25 18:55:33 +00:00
|
|
|
if "webadmin_enabled" not in config or not config["webadmin_enabled"]:
|
2020-04-01 19:39:53 +00:00
|
|
|
self.send_response("Web Admin is disabled", code=403)
|
|
|
|
return
|
2021-02-08 17:30:54 +00:00
|
|
|
if self.isAuthorized():
|
2020-02-23 18:23:18 +00:00
|
|
|
super().handle_request()
|
|
|
|
else:
|
2020-04-25 23:54:48 +00:00
|
|
|
target = "/login?{0}".format(parse.urlencode({"ref": self.request.path}))
|
|
|
|
self.send_redirect(target)
|