joachim/openwebrx-clone
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

thoroughly validate user

Browse Source
This commit is contained in:
Jakob Ketterl 2021-02-08 17:09:22 +01:00
parent 2c6b0e3d30
commit d9578cc5f4
1 changed files with 14 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
owrx/controllers/admin.py
View File

@ -1,6 +1,7 @@
from .template import WebpageController from .template import WebpageController
from .session import SessionStorage from .session import SessionStorage
from owrx.config import Config from owrx.config import Config
from owrx.users import UserList
from urllib import parse from urllib import parse
import logging import logging
@ -10,10 +11,19 @@ logger = logging.getLogger(__name__)
class Authentication(object): class Authentication(object):
def isAuthenticated(self, request): def isAuthenticated(self, request):
if "owrx-session" in request.cookies: if "owrx-session" not in request.cookies:
session = SessionStorage.getSharedInstance().getSession(request.cookies["owrx-session"].value) return False
return session is not None session = SessionStorage.getSharedInstance().getSession(request.cookies["owrx-session"].value)
return False if session is None:
return False
if "user" not in session:
return False
userList = UserList.getSharedInstance()
try:
user = userList[session["user"]]
return user.is_enabled()
except KeyError:
return False
class AdminController(WebpageController): class AdminController(WebpageController):