00001
00002
00003 """
00004 usage: %(progname)s [args]
00005 """
00006
00007
00008 import os, sys, string, time, getopt
00009 from pyclearsilver.log import *
00010
00011 from pyclearsilver import odb
00012
00013 import config
00014
00015
00016 import crypt
00017
00018 def _createCheckVal(username, issued_at, pw_hash, vcode):
00019 checkval = "%s:%s" % (username, now)
00020 realcheckval = "%s:%s:%s" % (checkval, pw_hash, vcode)
00021 checkval_hash = crypt.crypt(realcheckval,config.gAuthSalt)
00022 return checkval, checkval_hash
00023
00024
00025
00026
00027
00028
00029
00030
00031 def generateBrowserCookie(authdb, ipaddr):
00032 now = int(time.time())
00033
00034 row = authdb.browserid.newRow()
00035 row.creationDate = now
00036 row.ipaddr = ipaddr
00037 row.save()
00038
00039 cookie = "V1/%09d" % row.browserid
00040
00041 return cookie, row.browserid
00042
00043 def issueBrowserCookie(ncgi, authdb, domain):
00044 ipaddr = ncgi.hdf.getValue("CGI.RemoteAddress", "")
00045
00046 bcookie, browserid = generateBrowserCookie(authdb, ipaddr)
00047 ncgi.cookieSet("MB_B", bcookie, persist=1, path="/", domain=config.gDomain)
00048 return browserid
00049
00050
00051 def clearBrowserCookie(ncgi):
00052 ncgi.cookieClear("MB_B", "", "/")
00053
00054 def getBrowserCookie(ncgi):
00055 bcookie = ncgi.hdf.getValue("Cookie.MB_B","")
00056
00057 if not bcookie: return None
00058
00059 version, restCookie = string.split(bcookie, "/", 1)
00060 browserid = int(restCookie)
00061
00062 return browserid
00063
00064
00065 def _checkBrowserCookie(authdb, cookie, ipaddr):
00066 version, restCookie = string.split(cookie, "/", 1)
00067 if version != "V1":
00068 warn("browserauth.py", "invalid browser cookie, version", version, cookie)
00069 return None
00070
00071 browserid = int(restCookie)
00072
00073 try:
00074 row = authdb.browserid.fetchRow(("browserid", browserid))
00075 except odb.eNoMatchingRows:
00076 warn("browserauth.py", "invalid browser cookie, browserid not found")
00077 return browserid
00078
00079
00080 if row.ipaddr != ipaddr:
00081 warn("browserauth.py", "ipaddr mismatch", row.ipaddr, ipaddr)
00082
00083 debug("browserauth.py", "cookie", browserid)
00084
00085 return browserid
00086
00087 def checkBrowserCookie(authdb, ncgi):
00088 bcookie = ncgi.hdf.getValue("Cookie.MB_B","")
00089 if not bcookie: return None
00090
00091 ipaddr = ncgi.hdf.getValue("CGI.RemoteAddress", "")
00092
00093 browserid = _checkBrowserCookie(authdb, bcookie, ipaddr)
00094 return browserid
00095
00096
00097
00098 def test():
00099 pass
00100
00101 def usage(progname):
00102 print __doc__ % vars()
00103
00104 def main(argv, stdout, environ):
00105 progname = argv[0]
00106 optlist, args = getopt.getopt(argv[1:], "", ["help", "test", "debug"])
00107
00108 testflag = 0
00109 if len(args) == 0:
00110 usage(progname)
00111 return
00112 for (field, val) in optlist:
00113 if field == "--help":
00114 usage(progname)
00115 return
00116 elif field == "--debug":
00117 debugfull()
00118 elif field == "--test":
00119 testflag = 1
00120
00121 if testflag:
00122 test()
00123 return
00124
00125
00126 if __name__ == "__main__":
00127 main(sys.argv, sys.stdout, os.environ)