summaryrefslogtreecommitdiffstats
path: root/module/web
diff options
context:
space:
mode:
authorGravatar mkaay <mkaay@mkaay.de> 2011-02-05 14:19:22 +0100
committerGravatar mkaay <mkaay@mkaay.de> 2011-02-05 14:19:22 +0100
commit7c332ae610f7feca193ba50ea900f5a417681a7b (patch)
treee71f1ba6b8eb52f13c11289069d65288b17a111c /module/web
parentpy 2.5 fix -> removed import (diff)
downloadpyload-7c332ae610f7feca193ba50ea900f5a417681a7b.tar.xz
created unified authentication system (same data for webinterface an GUI/CLI, multiple accounts)
Diffstat (limited to 'module/web')
-rw-r--r--module/web/ServerThread.py48
-rw-r--r--module/web/pyload_app.py53
-rw-r--r--module/web/webinterface.py57
3 files changed, 52 insertions, 106 deletions
diff --git a/module/web/ServerThread.py b/module/web/ServerThread.py
index 9a3e6cb2a..297eb2f8f 100644
--- a/module/web/ServerThread.py
+++ b/module/web/ServerThread.py
@@ -3,7 +3,6 @@ from __future__ import with_statement
from os.path import exists
import threading
import logging
-import sqlite3
core = None
log = logging.getLogger("log")
@@ -28,8 +27,6 @@ class WebServer(threading.Thread):
import webinterface
global webinterface
- self.checkDB()
-
if self.https:
if not exists(self.cert) or not exists(self.key):
log.warning(_("SSL certificates not found."))
@@ -57,49 +54,6 @@ class WebServer(threading.Thread):
else:
self.start_builtin()
-
- def checkDB(self):
- conn = sqlite3.connect('web.db')
- c = conn.cursor()
- c.execute("SELECT * from users LIMIT 1")
- empty = True
- if c.fetchone():
- empty = False
-
- c.close()
- conn.close()
-
- if not empty:
- return True
-
- if exists("pyload.db"):
- log.info(_("Converting old database to new web.db"))
- conn = sqlite3.connect('pyload.db')
- c = conn.cursor()
- c.execute("SELECT username, password, email from auth_user WHERE is_superuser")
- users = []
- for r in c:
- pw = r[1].split("$")
- users.append((r[0], pw[1] + pw[2], r[2]))
-
- c.close()
- conn.close()
-
- conn = sqlite3.connect('web.db')
- c = conn.cursor()
- c.executemany("INSERT INTO users(name, password, email) VALUES (?,?,?)", users)
- conn.commit()
- c.close()
- conn.close()
- return True
-
- else:
- log.warning(_("Database for Webinterface does not exitst, it will not be available."))
- log.warning(_("Please run: python pyLoadCore.py -s"))
- log.warning(_("Go through the setup and create a database and add an user to gain access."))
- return False
-
-
def start_builtin(self):
if self.https:
@@ -124,4 +78,4 @@ class WebServer(threading.Thread):
webinterface.run_fcgi(host=self.host, port=self.port)
def quit(self):
- self.running = False \ No newline at end of file
+ self.running = False
diff --git a/module/web/pyload_app.py b/module/web/pyload_app.py
index 2778566e1..0f8dd859c 100644
--- a/module/web/pyload_app.py
+++ b/module/web/pyload_app.py
@@ -22,7 +22,6 @@ from itertools import chain
from operator import itemgetter
import os
-import sqlite3
import time
from os import listdir
from os.path import isdir
@@ -45,9 +44,15 @@ def pre_processor():
s = request.environ.get('beaker.session')
user = parse_userdata(s)
perms = parse_permissions(s)
+ status = {}
+ if user["is_authenticated"]:
+ status = PYLOAD.status_server()
+ captcha = False
+ if user["is_authenticated"]:
+ captcha = PYLOAD.is_captcha_waiting()
return {"user": user,
- 'status': PYLOAD.status_server(),
- 'captcha': PYLOAD.is_captcha_waiting(),
+ 'status': status,
+ 'captcha': captcha,
'perms': perms}
@@ -80,35 +85,20 @@ def login_post():
user = request.forms.get("username")
password = request.forms.get("password")
- conn = sqlite3.connect('web.db')
- c = conn.cursor()
- c.execute('SELECT name, password, role, permission,template FROM "users" WHERE name=?', (user,))
- r = c.fetchone()
- c.close()
- conn.commit()
- conn.close()
+ info = PYLOAD.checkAuth(user, password)
- if not r:
+ if not info:
return render_to_response("login.html", {"errors": True}, [pre_processor])
- salt = r[1][:5]
- pw = r[1][5:]
-
- hash = sha1(salt + password)
- if hash.hexdigest() == pw:
- s = request.environ.get('beaker.session')
- s["authenticated"] = True
- s["name"] = r[0]
- s["role"] = r[2]
- s["perms"] = r[3]
- s["template"] = r[4]
- s.save()
-
- return redirect("/")
+ s = request.environ.get('beaker.session')
+ s["authenticated"] = True
+ s["name"] = info["name"]
+ s["role"] = info["role"]
+ s["perms"] = info["permission"]
+ s["template"] = info["template"]
+ s.save()
-
- else:
- return render_to_response("login.html", {"errors": True}, [pre_processor])
+ return redirect("/")
@route("/logout")
def logout():
@@ -121,7 +111,12 @@ def logout():
@route("/home")
@login_required("can_see_dl")
def home():
- res = PYLOAD.status_downloads()
+ try:
+ res = PYLOAD.status_downloads()
+ except:
+ s = request.environ.get('beaker.session')
+ s.delete()
+ return redirect("/login")
for link in res:
if link["status"] == 12:
diff --git a/module/web/webinterface.py b/module/web/webinterface.py
index 49e8e831c..be28fb2eb 100644
--- a/module/web/webinterface.py
+++ b/module/web/webinterface.py
@@ -19,7 +19,6 @@
import sys
import gettext
-import sqlite3
from os.path import join, abspath,dirname, exists
from os import makedirs
@@ -48,24 +47,34 @@ try:
except:
import xmlrpclib
- ssl = ""
-
from module.ConfigParser import ConfigParser
-
config = ConfigParser()
-
- if config.get("ssl", "activated"):
- ssl = "s"
-
- server_url = "http%s://%s:%s@%s:%s/" % (
- ssl,
- config.username,
- config.password,
- config.get("remote", "listenaddr"),
- config.get("remote", "port")
- )
-
- PYLOAD = xmlrpclib.ServerProxy(server_url, allow_none=True)
+
+ class wrap():
+ authed = False
+ proxy = None
+ def checkAuth(self, username, password):
+ server_url = "http%s://%s:%s@%s:%s/" % (
+ "s" if config.get("ssl", "activated") else "",
+ username,
+ password,
+ config.get("remote", "listenaddr"),
+ config.get("remote", "port")
+ )
+ proxy = xmlrpclib.ServerProxy(server_url, allow_none=True)
+ try:
+ info = proxy.checkAuth(username, password)
+ except:
+ self.authed = False
+ return {}
+ self.proxy = proxy
+ self.authed = False
+ return info
+
+ def __getattr__(self, attr):
+ return getattr(self.proxy, attr)
+
+ PYLOAD = wrap()
from module.JsEngine import JsEngine
@@ -77,18 +86,6 @@ LOG_ROOT = config.get('log', 'log_folder')
DEBUG = config.get("general","debug_mode")
bottle.debug(DEBUG)
-def setup_database():
- conn = sqlite3.connect('web.db')
- c = conn.cursor()
- c.execute(
- 'CREATE TABLE IF NOT EXISTS "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT, "name" TEXT NOT NULL, "email" TEXT DEFAULT "" NOT NULL, "password" TEXT NOT NULL, "role" INTEGER DEFAULT 0 NOT NULL, "permission" INTEGER DEFAULT 0 NOT NULL, "template" TEXT DEFAULT "default" NOT NULL)')
- c.close()
- conn.commit()
- conn.close()
-
-setup_database()
-
-
if not exists(join("tmp", "jinja_cache")):
makedirs(join("tmp", "jinja_cache"))
@@ -148,4 +145,4 @@ def run_fcgi(host="0.0.0.0", port="8000"):
if __name__ == "__main__":
- run(app=web, port=8001) \ No newline at end of file
+ run(app=web, port=8001)