Chore Account server

Check-in [80164f8171]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Drop some pdb hooks. Add version to redir target to sidestep cache
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | master | trunk
Files: files | file ages | folders
SHA3-256:80164f8171d4db47ae5a69dad268693215a611f1e6c75561c30702d6df55eef6
User & Date: ajv-899-334-8894@vsta.org 2016-10-26 23:13:14
Context
2016-10-26
23:15
Edge case check-in: 9177c5536e user: ajv-899-334-8894@vsta.org tags: master, trunk
23:13
Drop some pdb hooks. Add version to redir target to sidestep cache check-in: 80164f8171 user: ajv-899-334-8894@vsta.org tags: master, trunk
22:11
Bring up basic authen check-in: 8fa03b3227 user: ajv-899-334-8894@vsta.org tags: master, trunk
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to get.py.

     1      1   #
     2      2   # get.py
     3      3   #       Account portal & service interface
     4      4   #
     5         -import pdb
     6      5   
     7      6   class GET_mixin(object):
     8      7       # Top level
     9      8       #
    10      9       # We don't use chore-level authentication, as we're the
    11     10       #  ones who will deal with authentication in the first place.
    12     11       #
................................................................................
    14     13       #  we either display the portal (if they pointed their own
    15     14       #  browser at us) or else generate a redir to the service which
    16     15       #  kicked them over here to get (re-)authentcated.
    17     16       #
    18     17       # If there's no cookie, or not a good one, let them enter
    19     18       #  it here and we'll deal with authentication.
    20     19       def send_top(self):
    21         -        pdb.set_trace()
    22     20           res = self.auth_cookie()
    23     21   
    24     22           # If they're OK...
    25     23           if res is True:
    26     24               # TBD, redirect back.  But have to be really careful
    27     25               #  about validating destination; we don't want to send
    28     26               #  them anywhere but our own services.
................................................................................
    29     27   
    30     28               # Show the service portal
    31     29               return self.send_portal()
    32     30   
    33     31           # Please log in...
    34     32           buf = self.build_header("Please Log In")
    35     33           if self.vals:
    36         -            pdb.set_trace()
    37     34               buf += "<pre>%s</pre><br>" % (self.vals["msg"],)
    38     35           buf += "<h3>Please log in:</h3><br>\n"
    39     36           buf += '<form action="/login" method="post">\n'
    40     37           buf += ' Account name: <input type="text" name="acct"><br>\n'
    41     38           buf += ' Password: <input type="password" name="pw"><br>\n'
    42     39           buf += ' <input type="submit" value="Log In">\n'
    43     40           buf += "</form>\n"
................................................................................
    52     49   
    53     50           buf = self.build_header("Service Portal")
    54     51           buf += "<h3>Choose a service:</h3><br>\n"
    55     52           cfg = app.accts.get(self.user)
    56     53           if cfg is None:
    57     54               raise Exception, "Unknown account authenticated"
    58     55           services = cfg.get("serve")
    59         -        pdb.set_trace()
    60     56   
    61     57           # Hostname they used to reach us, should be
    62     58           #  <host>:<port#>
    63     59           host = self.headers.get("host").split(":")[0]
    64     60           if services is None:
    65     61               buf += "<i>No services are configured for you?</i>"
    66     62           else:

Changes to post.py.

     2      2   # post.py
     3      3   #	HTML POST/PUT handling
     4      4   #
     5      5   # /login
     6      6   #       Form post, user/pass entered
     7      7   #
     8      8   import urllib, sys
            9  +from chore.utils import tstamp
     9     10   
    10     11   class POST_mixin(object):
    11     12   
    12     13       def __init__(self):
    13     14           self.dispatchers.append( ("POST", self.post_login) )
    14     15   
    15     16       # Back to user/pass screen, with error message
    16     17       def failed_login(self, msg):
    17     18           msg = urllib.quote(msg)
    18         -        return True,self.send_redir("/?msg=%s" % (msg,))
           19  +        return True,self.send_redir("/?msg=%s&ver=%s" % (msg,tstamp()))
    19     20   
    20     21       # They've entered a user,pass, see if it's OK
    21     22       def post_login(self, buf):
    22     23           app = self.server.approot
    23     24   
    24     25           # Decode form fields
    25     26           self.parseKV(buf)
................................................................................
    29     30           user = vals.get("acct")
    30     31           pw = vals.get("pw")
    31     32           if (not user) or (not pw):
    32     33               return False,None
    33     34           sys.stderr.write("login %s\n" % (user,))
    34     35   
    35     36           # Look up user
    36         -        import pdb
    37         -        pdb.set_trace()
    38     37           acct = app.accts.get(user)
    39     38           if acct is None:
    40     39               return self.failed_login("Invalid user or password")
    41     40   
    42     41           # TBD, hashed passwords
    43     42           acctpw = acct.get("pass")
    44     43           if acctpw is None:
    45     44               return self.failed_login("Account is locked")
    46     45           if pw != acctpw:
    47     46               return self.failed_login("Invalid user or password")
    48     47   
    49     48           # Ok, they're on
    50     49           self.new_cookie(user)
    51         -        return True,self.send_redir("/")
           50  +        return True,self.send_redir("/?ver=%s" % (tstamp(),))