From 519384f4f2b51ef1db31b9d7b13123da1fd7e779 Mon Sep 17 00:00:00 2001
From: Marian Sigler
Date: Wed, 19 Sep 2012 23:40:17 +0200
Subject: login works now.

---
 app.py | 18 ++++++++--------
 default_settings.py | 3 +++
 requirements.txt | 1 -
 templates/base.html | 20 ++++++++++++++++++
 templates/index.html | 4 ++++
 templates/login.html | 0
 utils.py | 58 ++++++++++++++++++++++++++++++++++++++++++++--------
 7 files changed, 86 insertions(+), 18 deletions(-)
 delete mode 100644 templates/login.html

diff --git a/app.py b/app.py
index 1bf035f..c43f0be 100644
--- a/app.py
+++ b/app.py
@@ -1,8 +1,7 @@
 # -*- coding: utf-8 -*-
 import os
-from flask import Flask, request
-from flask_login import login_required, login_user, logout_user
-from utils import templated, login_manager
+from flask import Flask, request, redirect, url_for, flash, session
+from utils import templated, login_required, encrypt_password, decrypt_password, login_user, logout_user
 from forms import RegisterForm, LoginForm
@@ -10,7 +9,6 @@ app = Flask(__name__)
 app.config.from_object('default_settings')
 if 'SPLINE_ACCOUNT_WEB_SETTINGS' in os.environ:
 app.config.from_envvar('SPLINE_ACCOUNT_WEB_SETTINGS')
-login_manager.setup_app(app)
 @app.route('/', methods=['GET', 'POST'])
@@ -18,8 +16,11 @@ login_manager.setup_app(app)
 def index():
 form = LoginForm(request.form)
 if request.method == 'POST' and form.validate():
- login_user(form.username.data)
- return redirect(url_for('index'))
+ if login_user(form.username.data, form.password.data):
+ flash(u'Erfolgreich eingeloggt (%s)' % session['username'])
+ return redirect(url_for('index'))
+ else:
+ flash(u'Ungültiger Benutzername und/oder Passwort', 'error')
 return {'form': form}
@@ -45,13 +46,14 @@ def settings():
 @app.route('/logout')
-@login_required
 def logout():
 logout_user()
 return redirect(url_for('index'))
-
+@app.route('/debug')
+def debug():
+ raise Exception()
 if __name__ == '__main__':
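Review bot: The new `/debug` route in the last app.py hunk raises a bare `Exception()` on every request and reads like a leftover from testing error pages; it should not ship, and if the app is run in debug mode (the `app.run` call is outside the hunk) that URL serves Werkzeug's interactive traceback page to any client. Suggest dropping the three added lines `@app.route('/debug')`, `def debug():`, `raise Exception()`, or at minimum registering the route only when `app.debug` is set. Removing `@login_required` from `logout` is harmless by itself since `logout_user` only pops session keys, though `login_required` in utils.py is currently a pass-through anyway. The `'error'` flash added to `index()` in the previous hunk cannot currently run, because `login_user` in utils.py returns True unconditionally; see the note on that hunk.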
diff --git a/default_settings.py b/default_settings.py
index bcd641a..61b0dee 100644
--- a/default_settings.py
+++ b/default_settings.py
@@ -1 +1,4 @@
 SECRET_KEY = 'remember to change this to something more random and private'
+
+# CHANGE THIS! (e.g. os.urandom(32) )
+PASSWORD_ENCRYPTION_KEY = '.\x14\xa7\x1b\xa2:\x1b\xb7\xbck\x1bD w\xab\x87a\xb4\xb7\xca\xf1\x06\xb0\x9f?q\x13\x05\x8dY\xe5<'
diff --git a/requirements.txt b/requirements.txt
index 1e537a1..327efd6 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,3 +1,2 @@
 Flask==0.6
 python-ldap
-Flask-Login
diff --git a/templates/base.html b/templates/base.html
index 6e4e403..decff78 100644
--- a/templates/base.html
+++ b/templates/base.html
@@ -12,7 +12,27 @@
 {%- endfor %}
+
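Review bot: `PASSWORD_ENCRYPTION_KEY` ships with a real-looking 32-byte value in the committed defaults, so any deployment that does not override it through `SPLINE_ACCOUNT_WEB_SETTINGS` encrypts every session-stored password with a key that is public in the repository, and the only safeguard is the `# CHANGE THIS!` comment; the same applies to the `SECRET_KEY` placeholder on the context line, which Flask uses to sign the client-side session cookie that carries that ciphertext. Suggest shipping no usable default, e.g. `PASSWORD_ENCRYPTION_KEY = None`, and having the app refuse to start (or `encrypt_password` raise) when the key is unset or still equal to the placeholder, with a comment such as `# Must be 32 random bytes (os.urandom(32)), set in the file named by SPLINE_ACCOUNT_WEB_SETTINGS; never commit the real value`. Keeping the key out of version control also keeps it out of the git history, where a committed value remains readable even after it is later changed.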

{% if title %}{{ title }}{% else %}spline accounts{% endif %}

+ + {%- if session.username %} +

Logged in as {{ session.username }}. Log out

+ {%- else %} +

Not logged in. Log in

+ {%- endif %} + + {% with messages = get_flashed_messages() %} + {% if messages %} + + {% endif %} + {% endwith %} + {% block content %}{% endblock %} + +
{{ session.__repr__() }}
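Review bot: The added `{{ session.__repr__() }}` at the end of the hunk appears to render the whole session on every page that extends base.html, which after this commit includes the `password` entry holding the IV plus AES ciphertext of the user's password; that belongs only in a local debugging build, not in the shared base template. Suggest removing the line, or at least wrapping it in `{%- if config.DEBUG %} ... {%- endif %}` so it never renders outside debug mode. The markup of this hunk is garbled in this view, so the element the line sits in is not visible here.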
diff --git a/templates/index.html b/templates/index.html
index 74ffb6b..cb9c238 100644
--- a/templates/index.html
+++ b/templates/index.html
@@ -2,10 +2,14 @@
 {%- from '_macros.html' import render_field %}
 {%- block content %}

Willkommen bei spline accounts!

+{%- if session.username %} +

Hallo {{ session.username }}. Einstellungen

+{%- else %}

Account erstellen

{{ render_field(form.username) }} {{ render_field(form.password) }}
+{%- endif %}
 {%- endblock %}
diff --git a/templates/login.html b/templates/login.html
deleted file mode 100644
index e69de29..0000000
diff --git a/utils.py b/utils.py
index 56d1f89..a252d61 100644
--- a/utils.py
+++ b/utils.py
@@ -1,7 +1,9 @@
 # -*- coding: utf-8 -*-
 from functools import wraps
-from flask import request, render_template
-from flask_login import LoginManager, UserMixin
+from flask import request, render_template, session
+from random import randint
+from Crypto.Cipher import AES
+
 # from http://flask.pocoo.org/docs/patterns/viewdecorators/#templating-decorator
 def templated(template=None):
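Review bot: `from random import randint` is imported here only to build the CBC IV in `encrypt_password` (next hunk), but `random` is not a cryptographic generator; the IV should come from `os.urandom(16)`, which the settings comment already recommends for the key itself, so this import and the `''.join(chr(randint(0, 0xff)) for i in range(16))` expression can both go. `from Crypto.Cipher import AES` adds a dependency on PyCrypto that requirements.txt in this same commit does not declare (it only drops Flask-Login), so a fresh install will fail at import time. Consider adding `pycrypto` to requirements.txt alongside `python-ldap`.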
@@ -21,13 +23,51 @@ def templated(template=None):
 return decorated_function
 return decorator
-login_manager = LoginManager()
-@login_manager.user_loader
-def load_user(username):
- raise NotImplemented()
+def login_user(username, password):
+# if not ldap_bind():
+# return False
+
+ session['username'] = username
+ session['password'] = encrypt_password(password)
+
+ #ldap_unbind()
+
+ return True
+
+
+def logout_user():
+ session.pop('username', None)
+ session.pop('password', None)
+
+
+def pad(s, numbytes=32, padding='\0'):
+ return s + (numbytes - len(s) % numbytes) * padding
+
+def encrypt_password(password):
+ """
+ Encrypt the given password with `config.PASSWORD_ENCRYPTION_KEY`.
+ The key must be 32 bytes long.
+ """
+ assert len(app.config['PASSWORD_ENCRYPTION_KEY']) == 32
+
+ iv = ''.join(chr(randint(0, 0xff)) for i in range(16))
+ encryptor = AES.new(app.config['PASSWORD_ENCRYPTION_KEY'], AES.MODE_CBC, iv)
+ return iv + encryptor.encrypt(pad(password))
+
+def decrypt_password(ciphertext):
+ """
+ Decrypt the given password with `config.PASSWORD_ENCRYPTION_KEY`.
+ """
+ iv = ciphertext[:16]
+ encryptor = AES.new(app.config['PASSWORD_ENCRYPTION_KEY'], AES.MODE_CBC, iv)
+ return encryptor.decrypt(ciphertext[16:]).rstrip('\0')
+
+
+def login_required(func):
+ #TODO
+ return func
-class User(UserMixin):
- def __init__(self, username):
- self.username = username
+# circular import
+from app import app
-- 
cgit v1.2.3-1-g7c22
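Review bot: `login_user` returns True for every username/password pair because the `ldap_bind()` guard above the session writes is commented out, so after this commit any credentials log in as any account and the `'error'` flash in app.py's `index()` is unreachable; the two `session[...]` writes and `return True` should sit behind a real bind check, and the function should `return False` until that check exists. `login_required` is likewise a pass-through (`#TODO`, `return func`), so every route decorated with it in app.py is open; it should fail closed until the session carries a verified user, as sketched below (it needs `redirect` and `url_for` from flask, which this hunk does not import). Two smaller points: `assert len(app.config['PASSWORD_ENCRYPTION_KEY']) == 32` disappears under `python -O`, so replace it with an explicit `if len(key) != 32: raise ValueError(...)`, and `rstrip('\0')` in `decrypt_password` silently truncates any password that ends in NUL bytes, so PKCS#7 padding would be the safer choice. Keeping the user's password, even encrypted, in the client-side session cookie is a design decision worth a comment explaining why it is needed, since the AES key lives on the server next to the cookie-signing secret.

```python
def login_required(func):
    # Fail closed until a verified user is in the session; redirect and
    # url_for must be imported from flask alongside session.
    @wraps(func)
    def decorated(*args, **kwargs):
        if 'username' not in session:
            return redirect(url_for('index'))
        return func(*args, **kwargs)
    return decorated
```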