anoopmb
/
frappe
1
0
複製 0
程式碼 問題 0 合併請求 0 版本發佈 0 Wiki 活動
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3729 提交
1 分支
314 MiB
目錄樹: 93ff8bf7f8
分支列表 標籤
${ item.name }
建立分支 ${ searchTerm }
從 '93ff8bf7f8'
${ noResults }
frappe/webnotes/auth.py

auth.py 7.4 KiB
原始文件 Normal View 歷史記錄

[minor] [license] Standardizied license string in py an js code files
12 年之前
added license files
13 年之前
added unicode_literals import at start of each file
13 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
lib/py/webnotes/defs.py -> conf.py (see sample in lib/conf/conf.py)
13 年之前
rewrote session management:added copy in memcache that is looked up first before updating db
12 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
[wsgi] [minor] fixed request host name
12 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
integrated language in profile, request
12 年之前
[wsgi] [minor] replace os.environ by webnotes.get_request_header
12 年之前
integrated language in profile, request
12 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
wsgi started
12 年之前
send all requests to server.py as POST, but use _type form parameter's POST or GET value to use commit or not
12 年之前
[wsgi] [minor] fixed request host name
12 年之前
request: remove _type from form
12 年之前
bugfix in session update and separated GET and POST queries
12 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
fixes to sessions
12 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
wsgi started
12 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
wsgi started
12 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
dialog css
13 年之前
Fix in session stopped message display
13 年之前
messages and merge
13 年之前
setup profile before calling on login post session
13 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
wsgi started
12 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
cleanup of handler.js
13 年之前
wsgi started
12 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
integrated language in profile, request
12 年之前
[fix] [minor] languages and scriptmanager trigger's callback
12 年之前
integrated language in profile, request
12 年之前
[fix] [minor] languages and scriptmanager trigger's callback
12 年之前
integrated language in profile, request
12 年之前
added spanish
12 年之前
integrated language in profile, request
12 年之前
updated language and separated slickgrid files
12 年之前
[fix] [minor] languages and scriptmanager trigger's callback
12 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
cleaned up db resolution logic
13 年之前
lib/py/webnotes/defs.py -> conf.py (see sample in lib/conf/conf.py)
13 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
fixes to sessions
12 年之前
cleanup of login and removed un-necessary files
13 年之前
wsgi started
12 年之前
lib/py/webnotes/defs.py -> conf.py (see sample in lib/conf/conf.py)
13 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
__session_cache removed and introducted memcache for caching
13 年之前
webshop login, logout
12 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
webshop login, logout
12 年之前
[minor] [cleanup] [issue] webnotes/erpnext#438 - change user_type Partner to Website User
12 年之前
webshop login, logout
12 年之前
[minor] [merge]
12 年之前
wsgi started
12 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
feature to restrict ip, by hours, cleanup of profile doctype
14 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
profile cleanup start and new auth table for better security
13 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
profile cleanup start and new auth table for better security
13 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
profile cleanup start and new auth table for better security
13 年之前
null issue in login
12 年之前
profile cleanup start and new auth table for better security
13 年之前
null issue in login
12 年之前
profile cleanup start and new auth table for better security
13 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
profile cleanup start and new auth table for better security
13 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
event_handlers file moved to startup
14 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
new app ready to fly
13 年之前
[fix] [minor] [website]
12 年之前
[demo] New ERPNext Demo
12 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
profile cleanup start and new auth table for better security
13 年之前
feature to restrict ip, by hours, cleanup of profile doctype
14 年之前
Removed invalid characters from code in auth.py
13 年之前
feature to restrict ip, by hours, cleanup of profile doctype
14 年之前
Removed invalid characters from code in auth.py
13 年之前
[wsgi] [minor]
12 年之前
Fix: IP authentication
13 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
fix in ip address error
13 年之前
feature to restrict ip, by hours, cleanup of profile doctype
14 年之前
profile cleanup start and new auth table for better security
13 年之前
feature to restrict ip, by hours, cleanup of profile doctype
14 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
feature to restrict ip, by hours, cleanup of profile doctype
14 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
profile cleanup start and new auth table for better security
13 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
Fixed logout issue
13 年之前
fixes to sessions
12 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
profile cleanup start and new auth table for better security
13 年之前
blog sequence
13 年之前
rewrote session management:added copy in memcache that is looked up first before updating db
12 年之前
blog sequence
13 年之前
fixes to sessions
12 年之前
[fix] [issue] #630 - if logout user is current session user, blankout sid cookie
12 年之前
wsgi started
12 年之前
[fix] [issue] #630 - if logout user is current session user, blankout sid cookie
12 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
wsgi started
12 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
new cms with public folder
13 年之前
refactor unicode changes and merge with master with refactored email
13 年之前
fixes for unicode
13 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
fixes for unicode
13 年之前
wsgi started
12 年之前
[geo ip] determine country using geoip; added country info in session and cookies
12 年之前
Sourced WebNotes Framework from Google Code.
14 年之前
refactor unicode changes and merge with master with refactored email
13 年之前
fixes for unicode
13 年之前
wsgi started
12 年之前
started fresh install and added country_info
12 年之前
[password] reset via link, added update page for portal user
12 年之前
started fresh install and added country_info
12 年之前
[minor] install fixes
12 年之前
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254 
  1. # Copyright (c) 2013, Web Notes Technologies Pvt. Ltd.

  2. # MIT License. See license.txt 

  3. 

  4. from __future__ import unicode_literals

  5. import webnotes

  6. import webnotes.db

  7. import webnotes.utils

  8. import webnotes.profile

  9. import conf

  10. from webnotes.sessions import Session

  11. 

  12. 

  13. class HTTPRequest:

  14. 	def __init__(self):

  15. 

  16. 		# Get Environment variables

  17. 		self.domain = webnotes.request.host

  18. 		if self.domain and self.domain.startswith('www.'):

  19. 			self.domain = self.domain[4:]

  20. 

  21. 		# language

  22. 		self.set_lang(webnotes.get_request_header('HTTP_ACCEPT_LANGUAGE'))

  23. 		

  24. 		# load cookies

  25. 		webnotes.local.cookie_manager = CookieManager()

  26. 		

  27. 		# override request method. All request to be of type POST, but if _type == "POST" then commit

  28. 		if webnotes.form_dict.get("_type"):

  29. 			webnotes.local.request_method = webnotes.form_dict.get("_type")

  30. 			del webnotes.form_dict["_type"]

  31. 

  32. 		# set db

  33. 		self.connect()

  34. 

  35. 		# login

  36. 		webnotes.local.login_manager = LoginManager()

  37. 

  38. 		# start session

  39. 		webnotes.local.session_obj = Session()

  40. 		webnotes.local.session = webnotes.local.session_obj.data

  41. 

  42. 		# check status

  43. 		if webnotes.conn.get_global("__session_status")=='stop':

  44. 			webnotes.msgprint(webnotes.conn.get_global("__session_status_message"))

  45. 			raise webnotes.SessionStopped('Session Stopped')

  46. 

  47. 		# load profile

  48. 		self.setup_profile()

  49. 

  50. 		# run login triggers

  51. 		if webnotes.form_dict.get('cmd')=='login':

  52. 			webnotes.local.login_manager.run_trigger('on_login_post_session')

  53. 

  54. 		# write out cookies

  55. 		webnotes.local.cookie_manager.set_cookies()

  56. 

  57. 	def set_lang(self, lang):

  58. 		import translate

  59. 		lang_list = translate.get_lang_dict()

  60. 		lang_list = lang_list and lang_list.values() or []

  61. 		

  62. 		if not lang: 

  63. 			return

  64. 		if ";" in lang: # not considering weightage

  65. 			lang = lang.split(";")[0]

  66. 		if "," in lang:

  67. 			lang = lang.split(",")

  68. 		else:

  69. 			lang = [lang]

  70. 			

  71. 		for l in lang:

  72. 			code = l.strip()

  73. 			if code in lang_list:

  74. 				webnotes.lang = code

  75. 				return

  76. 				

  77. 			# check if parent language (pt) is setup, if variant (pt-BR)

  78. 			if "-" in code:

  79. 				code = code.split("-")[0]

  80. 				if code in lang_list:

  81. 					webnotes.lang = code

  82. 					return

  83. 					

  84. 	def setup_profile(self):

  85. 		webnotes.user = webnotes.profile.Profile()

  86. 

  87. 	def get_db_name(self):

  88. 		"""get database name from conf"""

  89. 		return conf.db_name

  90. 

  91. 	def connect(self, ac_name = None):

  92. 		"""connect to db, from ac_name or db_name"""

  93. 		webnotes.local.conn = webnotes.db.Database(user = self.get_db_name(), \

  94. 			password = getattr(conf,'db_password', ''))

  95. 

  96. class LoginManager:

  97. 	def __init__(self):

  98. 		if webnotes.form_dict.get('cmd')=='login':

  99. 			# clear cache

  100. 			from webnotes.sessions import clear_cache

  101. 			clear_cache(webnotes.form_dict.get('usr'))

  102. 

  103. 			self.authenticate()

  104. 			self.post_login()

  105. 			info = webnotes.conn.get_value("Profile", self.user, ["user_type", "first_name", "last_name"], as_dict=1)

  106. 			if info.user_type=="Website User":

  107. 				webnotes.response["message"] = "No App"

  108. 			else:

  109. 				webnotes.response['message'] = 'Logged In'

  110. 

  111. 			full_name = " ".join(filter(None, [info.first_name, info.last_name]))

  112. 			webnotes.response["full_name"] = full_name

  113. 			webnotes._response.set_cookie("full_name", full_name)

  114. 	

  115. 	def post_login(self):

  116. 		self.run_trigger()

  117. 		self.validate_ip_address()

  118. 		self.validate_hour()

  119. 	

  120. 	def authenticate(self, user=None, pwd=None):

  121. 		if not (user and pwd):	

  122. 			user, pwd = webnotes.form_dict.get('usr'), webnotes.form_dict.get('pwd')

  123. 		if not (user and pwd):

  124. 			self.fail('Incomplete login details')

  125. 		

  126. 		self.check_if_enabled(user)

  127. 		self.user = self.check_password(user, pwd)

  128. 	

  129. 	def check_if_enabled(self, user):

  130. 		"""raise exception if user not enabled"""

  131. 		from webnotes.utils import cint

  132. 		if user=='Administrator': return

  133. 		if not cint(webnotes.conn.get_value('Profile', user, 'enabled')):

  134. 			self.fail('User disabled or missing')

  135. 

  136. 	def check_password(self, user, pwd):

  137. 		"""check password"""

  138. 		user = webnotes.conn.sql("""select `user` from __Auth where `user`=%s 

  139. 			and `password`=password(%s)""", (user, pwd))

  140. 		if not user:

  141. 			self.fail('Incorrect password')

  142. 		else:

  143. 			return user[0][0] # in correct case

  144. 	

  145. 	def fail(self, message):

  146. 		webnotes.response['message'] = message

  147. 		raise webnotes.AuthenticationError

  148. 		

  149. 	

  150. 	def run_trigger(self, method='on_login'):

  151. 		try:

  152. 			from startup import event_handlers

  153. 			if hasattr(event_handlers, method):

  154. 				getattr(event_handlers, method)(self)

  155. 		except ImportError, e:

  156. 			pass

  157. 			

  158. 		cp = webnotes.bean("Control Panel", "Control Panel")

  159. 		cp.run_method(method)

  160. 	

  161. 	def validate_ip_address(self):

  162. 		"""check if IP Address is valid"""

  163. 		ip_list = webnotes.conn.get_value('Profile', self.user, 'restrict_ip', ignore=True)

  164. 		

  165. 		if not ip_list:

  166. 			return

  167. 

  168. 		ip_list = ip_list.replace(",", "\n").split('\n')

  169. 		ip_list = [i.strip() for i in ip_list]

  170. 

  171. 		for ip in ip_list:

  172. 			if webnotes.get_request_header('REMOTE_ADDR', '').startswith(ip):

  173. 				return

  174. 			

  175. 		webnotes.msgprint('Not allowed from this IP Address')

  176. 		raise webnotes.AuthenticationError

  177. 

  178. 	def validate_hour(self):

  179. 		"""check if user is logging in during restricted hours"""

  180. 		login_before = int(webnotes.conn.get_value('Profile', self.user, 'login_before', ignore=True) or 0)

  181. 		login_after = int(webnotes.conn.get_value('Profile', self.user, 'login_after', ignore=True) or 0)

  182. 		

  183. 		if not (login_before or login_after):

  184. 			return

  185. 			

  186. 		from webnotes.utils import now_datetime

  187. 		current_hour = int(now_datetime().strftime('%H'))

  188. 				

  189. 		if login_before and current_hour > login_before:

  190. 			webnotes.msgprint('Not allowed to login after restricted hour', raise_exception=1)

  191. 

  192. 		if login_after and current_hour < login_after:

  193. 			webnotes.msgprint('Not allowed to login before restricted hour', raise_exception=1)

  194. 	

  195. 	def login_as_guest(self):

  196. 		"""login as guest"""

  197. 		self.user = 'Guest'

  198. 		self.post_login()

  199. 

  200. 	def logout(self, arg='', user=None):

  201. 		if not user: user = webnotes.session.user

  202. 		self.run_trigger('on_logout')

  203. 		if user in ['demo@erpnext.com', 'Administrator']:

  204. 			webnotes.conn.sql('delete from tabSessions where sid=%s', webnotes.session.get('sid'))

  205. 			webnotes.cache().delete_value("session:" + webnotes.session.get("sid"))

  206. 		else:

  207. 			from webnotes.sessions import clear_sessions

  208. 			clear_sessions(user)

  209. 			

  210. 		if user == webnotes.session.user:

  211. 			webnotes._response.delete_cookie("full_name")

  212. 			webnotes._response.delete_cookie("sid")

  213. 			webnotes._response.set_cookie("full_name", "")

  214. 			webnotes._response.set_cookie("sid", "")

  215. 		

  216. class CookieManager:

  217. 	def __init__(self):

  218. 		pass

  219. 		

  220. 	def set_cookies(self):		

  221. 		if not webnotes.session.get('sid'): return		

  222. 		import datetime

  223. 

  224. 		# sid expires in 3 days

  225. 		expires = datetime.datetime.now() + datetime.timedelta(days=3)

  226. 		if webnotes.session.sid:

  227. 			webnotes._response.set_cookie("sid", webnotes.session.sid, expires = expires)

  228. 		if webnotes.session.session_country:

  229. 			webnotes._response.set_cookie('country', webnotes.session.get("session_country"))

  230. 		

  231. 	def set_remember_me(self):

  232. 		from webnotes.utils import cint

  233. 		

  234. 		if not cint(webnotes.form_dict.get('remember_me')): return

  235. 		

  236. 		remember_days = webnotes.conn.get_value('Control Panel', None,

  237. 			'remember_for_days') or 7

  238. 			

  239. 		import datetime

  240. 		expires = datetime.datetime.now() + \

  241. 					datetime.timedelta(days=remember_days)

  242. 

  243. 		webnotes._response.set_cookie["remember_me"] = 1

  244. 

  245. 

  246. def _update_password(user, password):

  247. 	webnotes.conn.sql("""insert into __Auth (user, `password`) 

  248. 		values (%s, password(%s)) 

  249. 		on duplicate key update `password`=password(%s)""", (user, 

  250. 		password, password))

  251. 

  252. @webnotes.whitelist()

  253. def get_logged_user():

  254. 	return webnotes.session.user