created unified authentication system (same data for webinterface an GUI/CLI, multiple accounts)

3 files changed, 52 insertions, 106 deletions

diff --git a/module/web/ServerThread.py b/module/web/ServerThread.py
index 9a3e6cb2a..297eb2f8f 100644
--- a/module/web/ServerThread.py
+++ b/module/web/ServerThread.py
@@ -3,7 +3,6 @@ from __future__ import with_statement
 from os.path import exists
 import threading
 import logging
-import sqlite3
 
 core = None
 log = logging.getLogger("log")
@@ -28,8 +27,6 @@ class WebServer(threading.Thread):
         import webinterface
         global webinterface
 
-        self.checkDB()
-
         if self.https:
             if not exists(self.cert) or not exists(self.key):
                 log.warning(_("SSL certificates not found."))
@@ -57,49 +54,6 @@ class WebServer(threading.Thread):
         else:
             self.start_builtin()
 
-
-    def checkDB(self):
-        conn = sqlite3.connect('web.db')
-        c = conn.cursor()
-        c.execute("SELECT * from users LIMIT 1")
-        empty = True
-        if c.fetchone():
-            empty = False
-
-        c.close()
-        conn.close()
-
-        if not empty:
-            return True
-
-        if exists("pyload.db"):
-            log.info(_("Converting old database to new web.db"))
-            conn = sqlite3.connect('pyload.db')
-            c = conn.cursor()
-            c.execute("SELECT username, password, email from auth_user WHERE is_superuser")
-            users = []
-            for r in c:
-                pw = r[1].split("$")
-                users.append((r[0], pw[1] + pw[2], r[2]))
-
-            c.close()
-            conn.close()
-
-            conn = sqlite3.connect('web.db')
-            c = conn.cursor()
-            c.executemany("INSERT INTO users(name, password, email) VALUES (?,?,?)", users)
-            conn.commit()
-            c.close()
-            conn.close()
-            return True
-
-        else:
-            log.warning(_("Database for Webinterface does not exitst, it will not be available."))
-            log.warning(_("Please run: python pyLoadCore.py -s"))
-            log.warning(_("Go through the setup and create a database and add an user to gain access."))
-            return False
-
-
     def start_builtin(self):
 
         if self.https:
@@ -124,4 +78,4 @@ class WebServer(threading.Thread):
         webinterface.run_fcgi(host=self.host, port=self.port)
 
     def quit(self):
-        self.running = False
\ No newline at end of file
+        self.running = False
diff --git a/module/web/pyload_app.py b/module/web/pyload_app.py
index 2778566e1..0f8dd859c 100644
--- a/module/web/pyload_app.py
+++ b/module/web/pyload_app.py
@@ -22,7 +22,6 @@ from itertools import chain
 from operator import itemgetter
 import os
 
-import sqlite3
 import time
 from os import listdir
 from os.path import isdir
@@ -45,9 +44,15 @@ def pre_processor():
     s = request.environ.get('beaker.session')
     user = parse_userdata(s)
     perms = parse_permissions(s)
+    status = {}
+    if user["is_authenticated"]:
+        status = PYLOAD.status_server()
+    captcha = False
+    if user["is_authenticated"]:
+        captcha = PYLOAD.is_captcha_waiting()
     return {"user": user,
-            'status': PYLOAD.status_server(),
-            'captcha': PYLOAD.is_captcha_waiting(),
+            'status': status,
+            'captcha': captcha,
             'perms': perms}
 
 
@@ -80,35 +85,20 @@ def login_post():
     user = request.forms.get("username")
     password = request.forms.get("password")
 
-    conn = sqlite3.connect('web.db')
-    c = conn.cursor()
-    c.execute('SELECT name, password, role, permission,template FROM "users" WHERE name=?', (user,))
-    r = c.fetchone()
-    c.close()
-    conn.commit()
-    conn.close()
+    info = PYLOAD.checkAuth(user, password)
 
-    if not r:
+    if not info:
         return render_to_response("login.html", {"errors": True}, [pre_processor])
 
-    salt = r[1][:5]
-    pw = r[1][5:]
-
-    hash = sha1(salt + password)
-    if hash.hexdigest() == pw:
-        s = request.environ.get('beaker.session')
-        s["authenticated"] = True
-        s["name"] = r[0]
-        s["role"] = r[2]
-        s["perms"] = r[3]
-        s["template"] = r[4]
-        s.save()
-
-        return redirect("/")
+    s = request.environ.get('beaker.session')
+    s["authenticated"] = True
+    s["name"] = info["name"]
+    s["role"] = info["role"]
+    s["perms"] = info["permission"]
+    s["template"] = info["template"]
+    s.save()
 
-
-    else:
-        return render_to_response("login.html", {"errors": True}, [pre_processor])
+    return redirect("/")
 
 @route("/logout")
 def logout():
@@ -121,7 +111,12 @@ def logout():
 @route("/home")
 @login_required("can_see_dl")
 def home():
-    res = PYLOAD.status_downloads()
+    try:
+        res = PYLOAD.status_downloads()
+    except:
+        s = request.environ.get('beaker.session')
+        s.delete()
+        return redirect("/login")
 
     for link in res:
         if link["status"] == 12:
diff --git a/module/web/webinterface.py b/module/web/webinterface.py
index 49e8e831c..be28fb2eb 100644
--- a/module/web/webinterface.py
+++ b/module/web/webinterface.py
@@ -19,7 +19,6 @@
 
 import sys
 import gettext
-import sqlite3
 
 from os.path import join, abspath,dirname, exists
 from os import makedirs
@@ -48,24 +47,34 @@ try:
 except:
     import xmlrpclib
 
-    ssl = ""
-
     from module.ConfigParser import ConfigParser
-
     config = ConfigParser()
-
-    if config.get("ssl", "activated"):
-        ssl = "s"
-
-    server_url = "http%s://%s:%s@%s:%s/" % (
-    ssl,
-    config.username,
-    config.password,
-    config.get("remote", "listenaddr"),
-    config.get("remote", "port")
-    )
-
-    PYLOAD = xmlrpclib.ServerProxy(server_url, allow_none=True)
+    
+    class wrap():
+        authed = False
+        proxy = None
+        def checkAuth(self, username, password):
+            server_url = "http%s://%s:%s@%s:%s/" % (
+              "s" if config.get("ssl", "activated") else "",
+              username,
+              password,
+              config.get("remote", "listenaddr"),
+              config.get("remote", "port")
+            )
+            proxy = xmlrpclib.ServerProxy(server_url, allow_none=True)
+            try:
+                info = proxy.checkAuth(username, password)
+            except:
+                self.authed = False
+                return {}
+            self.proxy = proxy
+            self.authed = False
+            return info
+        
+        def __getattr__(self, attr):
+            return getattr(self.proxy, attr)
+    
+    PYLOAD = wrap()
 
 from module.JsEngine import JsEngine
 
@@ -77,18 +86,6 @@ LOG_ROOT = config.get('log', 'log_folder')
 DEBUG = config.get("general","debug_mode")
 bottle.debug(DEBUG)
 
-def setup_database():
-    conn = sqlite3.connect('web.db')
-    c = conn.cursor()
-    c.execute(
-            'CREATE TABLE IF NOT EXISTS "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT, "name" TEXT NOT NULL, "email" TEXT DEFAULT "" NOT NULL, "password" TEXT NOT NULL, "role" INTEGER DEFAULT 0 NOT NULL, "permission" INTEGER DEFAULT 0 NOT NULL, "template" TEXT DEFAULT "default" NOT NULL)')
-    c.close()
-    conn.commit()
-    conn.close()
-
-setup_database()
-
-
 if not exists(join("tmp", "jinja_cache")):
     makedirs(join("tmp", "jinja_cache"))
 
@@ -148,4 +145,4 @@ def run_fcgi(host="0.0.0.0", port="8000"):
 
 if __name__ == "__main__":
 
-    run(app=web, port=8001)
\ No newline at end of file
+    run(app=web, port=8001)