webui: webui: signin0.py Source File

00001 #!/usr/bin/env python
00002 
00003 import nstart
00004 import config
00005 import os, sys, string, time
00006 
00007 from pyclearsilver.log import *
00008 
00009 from pyclearsilver.CSPage import Context, CSPage
00010 import neo_cgi
00011 
00012 from auth import cookieauth
00013 from auth import pwauth
00014 
00015 import xss
00016 
00017 import MBPage
00018 
00019 class SignInPage(MBPage.MBPage):
00020     def setup(self):
00021       hdf = self.ncgi.hdf
00022       self.requestURI = hdf.getValue("Query.request", "")
00023 
00024     def display(self):
00025         hdf = self.ncgi.hdf
00026         q_signout = hdf.getIntValue("Query.signout",0)
00027         self.requestURI = hdf.getValue("Query.request", "")
00028 
00029         q_username = xss.xssescape(string.lower(hdf.getValue("Query.username","")))
00030 
00031         hdf.setValue("CGI.username", q_username)
00032 
00033         if self.requestURI:
00034           hdf.setValue("CGI.cur.request", self.requestURI)
00035 
00036         if q_signout:
00037           cookieauth.clearLoginCookie(self.ncgi, self.username)
00038 
00039     def Action_Login(self):
00040         hdf = self.ncgi.hdf
00041 
00042         q_username = xss.xssescape(string.lower(hdf.getValue("Query.username","")))
00043         q_password = hdf.getValue("Query.password","")
00044         q_persist = hdf.getValue("Query.persist","0")
00045 
00046         q_password_Hash = pwauth.mungePassword(q_password)
00047 
00048         if not self.requestURI:
00049             self.requestURI = config.gBaseURL + "%s/" % config.gDefaultModule
00050 
00051         hostname = hdf.getValue("HTTP.Host", "")
00052 
00053         # open login db to get pw
00054         newhost = hostname
00055 
00056         cookieauth.setPersistCookie(self.ncgi, q_persist)
00057 
00058         url = self.http + newhost + config.gBaseURL + "login/signin.py?password=%s&persist=%s&Action.Login=1&request=%s&username=%s" % (neo_cgi.urlEscape(q_password_Hash), q_persist, neo_cgi.urlEscape(self.requestURI), q_username)
00059         warn("signin0.py", "redirecting to url", url)
00060         self.redirectUri(url)
00061 
00062 def run(context):
00063     page = SignInPage(context, pagename="signin0", nologin=1)
00064     return page
00065 
00066 def main(context):
00067   page = run(context)
00068   page.start()
00069   
00070 
00071 if __name__ == "__main__":
00072     main(Context())