parse login data

2020-02-23 20:52:32 +01:00 · 2020-02-23 20:52:32 +01:00 · a70c51193b
commit a70c51193b
parent fa75cac7f5
3 changed files with 26 additions and 4 deletions
--- a/htdocs/login.html
+++ b/htdocs/login.html
@ -13,11 +13,11 @@
        <form method="POST">
            <div class="form-group">
                <label for="user">Username</label>
-                <input type="text" class="form-control" id="user" placeholder="Username">
+                <input type="text" class="form-control" id="user" name="user" placeholder="Username">
            </div>
            <div class="form-group">
                <label for="password">Password</label>
-                <input type="password" class="form-control" id="password" placeholder="Password">
+                <input type="password" class="form-control" id="password" name="password" placeholder="Password">
            </div>
            <button type="submit" class="btn btn-login">Login</button>
        </form>
--- a/owrx/controllers/init.py
+++ b/owrx/controllers/init.py
@ -20,11 +20,17 @@ class Controller(object):
            content = content.encode()
        self.handler.wfile.write(content)

-    def send_redirect(self, location, code=303):
+    def send_redirect(self, location, code=303, cookies=[]):
        self.handler.send_response(code)
        self.handler.send_header("Location", location)
        self.handler.end_headers()

+    def get_body(self):
+        if "Content-Length" not in self.handler.headers:
+            return None
+        length = int(self.handler.headers["Content-Length"])
+        return self.handler.rfile.read(length)
+
    def handle_request(self):
        action = "indexAction"
        if "action" in self.options:
--- a/owrx/controllers/session.py
+++ b/owrx/controllers/session.py
@ -1,4 +1,8 @@
 from .template import WebpageController
+from urllib.parse import parse_qs
+import logging
+
+logger = logging.getLogger(__name__)


 class SessionController(WebpageController):
@ -6,7 +10,19 @@ class SessionController(WebpageController):
        self.serve_template("login.html", **self.template_variables())

    def processLoginAction(self):
-        self.send_redirect("/")
+        data = parse_qs(self.get_body().decode("utf-8"))
+        data = {k: v[0] for k, v in data.items()}
+        logger.debug(data)
+        if "user" in data and "password" in data:
+            # TODO actually check user and password
+            if data["user"] == "admin" and data["password"] == "password":
+                # TODO pass the final destination
+                # TODO actual session cookie
+                self.send_redirect("/settings", cookies=["session-cookie"])
+            else:
+                self.send_redirect("/login")
+        else:
+            self.send_response("invalid request", code=400)

    def logoutAction(self):
        self.send_redirect("logout happening here")