thoroughly validate user
This commit is contained in:
parent
2c6b0e3d30
commit
d9578cc5f4
@ -1,6 +1,7 @@
|
|||||||
from .template import WebpageController
|
from .template import WebpageController
|
||||||
from .session import SessionStorage
|
from .session import SessionStorage
|
||||||
from owrx.config import Config
|
from owrx.config import Config
|
||||||
|
from owrx.users import UserList
|
||||||
from urllib import parse
|
from urllib import parse
|
||||||
|
|
||||||
import logging
|
import logging
|
||||||
@ -10,9 +11,18 @@ logger = logging.getLogger(__name__)
|
|||||||
|
|
||||||
class Authentication(object):
|
class Authentication(object):
|
||||||
def isAuthenticated(self, request):
|
def isAuthenticated(self, request):
|
||||||
if "owrx-session" in request.cookies:
|
if "owrx-session" not in request.cookies:
|
||||||
|
return False
|
||||||
session = SessionStorage.getSharedInstance().getSession(request.cookies["owrx-session"].value)
|
session = SessionStorage.getSharedInstance().getSession(request.cookies["owrx-session"].value)
|
||||||
return session is not None
|
if session is None:
|
||||||
|
return False
|
||||||
|
if "user" not in session:
|
||||||
|
return False
|
||||||
|
userList = UserList.getSharedInstance()
|
||||||
|
try:
|
||||||
|
user = userList[session["user"]]
|
||||||
|
return user.is_enabled()
|
||||||
|
except KeyError:
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user