anoopmb
/
frappe
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4460 Commits
1 Branch
314 MiB
 
 
 
 
 
 
Tree: 3968f66d5f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '3968f66d5f'
${ noResults }
frappe/webnotes/auth.py

251 lines
7.5 KiB
Raw Blame History 

  1. # Copyright (c) 2013, Web Notes Technologies Pvt. Ltd. and Contributors

  2. # MIT License. See license.txt 

  3. 

  4. from __future__ import unicode_literals

  5. import webnotes

  6. import webnotes.db

  7. import webnotes.utils

  8. import webnotes.profile

  9. from webnotes import conf

  10. from webnotes.sessions import Session

  11. 

  12. 

  13. class HTTPRequest:

  14. 	def __init__(self):

  15. 		# Get Environment variables

  16. 		self.domain = webnotes.request.host

  17. 		if self.domain and self.domain.startswith('www.'):

  18. 			self.domain = self.domain[4:]

  19. 

  20. 		# language

  21. 		self.set_lang(webnotes.get_request_header('HTTP_ACCEPT_LANGUAGE'))

  22. 		

  23. 		# load cookies

  24. 		webnotes.local.cookie_manager = CookieManager()

  25. 		

  26. 		# override request method. All request to be of type POST, but if _type == "POST" then commit

  27. 		if webnotes.form_dict.get("_type"):

  28. 			webnotes.local.request_method = webnotes.form_dict.get("_type")

  29. 			del webnotes.form_dict["_type"]

  30. 

  31. 		# set db

  32. 		self.connect()

  33. 

  34. 		# login

  35. 		webnotes.local.login_manager = LoginManager()

  36. 

  37. 		# start session

  38. 		webnotes.local.session_obj = Session()

  39. 		webnotes.local.session = webnotes.local.session_obj.data

  40. 

  41. 		# check status

  42. 		if webnotes.conn.get_global("__session_status")=='stop':

  43. 			webnotes.msgprint(webnotes.conn.get_global("__session_status_message"))

  44. 			raise webnotes.SessionStopped('Session Stopped')

  45. 

  46. 		# load profile

  47. 		self.setup_profile()

  48. 

  49. 		# run login triggers

  50. 		if webnotes.form_dict.get('cmd')=='login':

  51. 			webnotes.local.login_manager.run_trigger('on_session_creation')

  52. 

  53. 		# write out cookies

  54. 		webnotes.local.cookie_manager.set_cookies()

  55. 

  56. 	def set_lang(self, lang):

  57. 		import translate

  58. 		lang_list = translate.get_all_languages() or []

  59. 

  60. 		if not lang: 

  61. 			return

  62. 		if ";" in lang: # not considering weightage

  63. 			lang = lang.split(";")[0]

  64. 		if "," in lang:

  65. 			lang = lang.split(",")

  66. 		else:

  67. 			lang = [lang]

  68. 			

  69. 		for l in lang:

  70. 			code = l.strip()

  71. 			if code in lang_list:

  72. 				webnotes.local.lang = code

  73. 				return

  74. 				

  75. 			# check if parent language (pt) is setup, if variant (pt-BR)

  76. 			if "-" in code:

  77. 				code = code.split("-")[0]

  78. 				if code in lang_list:

  79. 					webnotes.local.lang = code

  80. 					return

  81. 					

  82. 	def setup_profile(self):

  83. 		webnotes.local.user = webnotes.profile.Profile()

  84. 

  85. 	def get_db_name(self):

  86. 		"""get database name from conf"""

  87. 		return conf.db_name

  88. 

  89. 	def connect(self, ac_name = None):

  90. 		"""connect to db, from ac_name or db_name"""

  91. 		webnotes.local.conn = webnotes.db.Database(user = self.get_db_name(), \

  92. 			password = getattr(conf,'db_password', ''))

  93. 

  94. class LoginManager:

  95. 	def __init__(self):

  96. 		if webnotes.form_dict.get('cmd')=='login':

  97. 			# clear cache

  98. 			webnotes.clear_cache(user = webnotes.form_dict.get('usr'))

  99. 

  100. 			self.authenticate()

  101. 			self.post_login()

  102. 			info = webnotes.conn.get_value("Profile", self.user, ["user_type", "first_name", "last_name"], as_dict=1)

  103. 			if info.user_type=="Website User":

  104. 				webnotes._response.set_cookie("system_user", "no")

  105. 				webnotes.response["message"] = "No App"

  106. 			else:

  107. 				webnotes._response.set_cookie("system_user", "yes")

  108. 				webnotes.response['message'] = 'Logged In'

  109. 

  110. 			full_name = " ".join(filter(None, [info.first_name, info.last_name]))

  111. 			webnotes.response["full_name"] = full_name

  112. 			webnotes._response.set_cookie("full_name", full_name)

  113. 			webnotes._response.set_cookie("user_id", self.user)

  114. 

  115. 	def post_login(self):

  116. 		self.run_trigger('on_login')

  117. 		self.validate_ip_address()

  118. 		self.validate_hour()

  119. 	

  120. 	def authenticate(self, user=None, pwd=None):

  121. 		if not (user and pwd):	

  122. 			user, pwd = webnotes.form_dict.get('usr'), webnotes.form_dict.get('pwd')

  123. 		if not (user and pwd):

  124. 			self.fail('Incomplete login details')

  125. 		

  126. 		self.check_if_enabled(user)

  127. 		self.user = self.check_password(user, pwd)

  128. 	

  129. 	def check_if_enabled(self, user):

  130. 		"""raise exception if user not enabled"""

  131. 		from webnotes.utils import cint

  132. 		if user=='Administrator': return

  133. 		if not cint(webnotes.conn.get_value('Profile', user, 'enabled')):

  134. 			self.fail('User disabled or missing')

  135. 

  136. 	def check_password(self, user, pwd):

  137. 		"""check password"""

  138. 		user = webnotes.conn.sql("""select `user` from __Auth where `user`=%s 

  139. 			and `password`=password(%s)""", (user, pwd))

  140. 		if not user:

  141. 			self.fail('Incorrect password')

  142. 		else:

  143. 			return user[0][0] # in correct case

  144. 	

  145. 	def fail(self, message):

  146. 		webnotes.response['message'] = message

  147. 		raise webnotes.AuthenticationError

  148. 		

  149. 	

  150. 	def run_trigger(self, method='on_login'):

  151. 		for method in webnotes.get_hooks().get("method", []):

  152. 			webnotes.get_attr(method)(self)

  153. 	

  154. 	def validate_ip_address(self):

  155. 		"""check if IP Address is valid"""

  156. 		ip_list = webnotes.conn.get_value('Profile', self.user, 'restrict_ip', ignore=True)

  157. 		

  158. 		if not ip_list:

  159. 			return

  160. 

  161. 		ip_list = ip_list.replace(",", "\n").split('\n')

  162. 		ip_list = [i.strip() for i in ip_list]

  163. 

  164. 		for ip in ip_list:

  165. 			if webnotes.get_request_header('REMOTE_ADDR', '').startswith(ip) or webnotes.get_request_header('X-Forwarded-For', '').startswith(ip):

  166. 				return

  167. 			

  168. 		webnotes.msgprint('Not allowed from this IP Address')

  169. 		raise webnotes.AuthenticationError

  170. 

  171. 	def validate_hour(self):

  172. 		"""check if user is logging in during restricted hours"""

  173. 		login_before = int(webnotes.conn.get_value('Profile', self.user, 'login_before', ignore=True) or 0)

  174. 		login_after = int(webnotes.conn.get_value('Profile', self.user, 'login_after', ignore=True) or 0)

  175. 		

  176. 		if not (login_before or login_after):

  177. 			return

  178. 			

  179. 		from webnotes.utils import now_datetime

  180. 		current_hour = int(now_datetime().strftime('%H'))

  181. 				

  182. 		if login_before and current_hour > login_before:

  183. 			webnotes.msgprint('Not allowed to login after restricted hour', raise_exception=1)

  184. 

  185. 		if login_after and current_hour < login_after:

  186. 			webnotes.msgprint('Not allowed to login before restricted hour', raise_exception=1)

  187. 	

  188. 	def login_as_guest(self):

  189. 		"""login as guest"""

  190. 		self.user = 'Guest'

  191. 		self.post_login()

  192. 

  193. 	def logout(self, arg='', user=None):

  194. 		if not user: user = webnotes.session.user

  195. 		self.run_trigger('on_logout')

  196. 		if user in ['demo@erpnext.com', 'Administrator']:

  197. 			webnotes.conn.sql('delete from tabSessions where sid=%s', webnotes.session.get('sid'))

  198. 			webnotes.cache().delete_value("session:" + webnotes.session.get("sid"))

  199. 		else:

  200. 			from webnotes.sessions import clear_sessions

  201. 			clear_sessions(user)

  202. 

  203. 		if user == webnotes.session.user:

  204. 			webnotes.session.sid = ""

  205. 			webnotes._response.delete_cookie("full_name")

  206. 			webnotes._response.delete_cookie("user_id")

  207. 			webnotes._response.delete_cookie("sid")

  208. 			webnotes._response.set_cookie("full_name", "")

  209. 			webnotes._response.set_cookie("user_id", "")

  210. 			webnotes._response.set_cookie("sid", "")

  211. 

  212. class CookieManager:

  213. 	def __init__(self):

  214. 		pass

  215. 		

  216. 	def set_cookies(self):

  217. 		if not webnotes.session.get('sid'): return		

  218. 		import datetime

  219. 

  220. 		# sid expires in 3 days

  221. 		expires = datetime.datetime.now() + datetime.timedelta(days=3)

  222. 		if webnotes.session.sid:

  223. 			webnotes._response.set_cookie("sid", webnotes.session.sid, expires = expires)

  224. 		if webnotes.session.session_country:

  225. 			webnotes._response.set_cookie('country', webnotes.session.get("session_country"))

  226. 		

  227. 	def set_remember_me(self):

  228. 		from webnotes.utils import cint

  229. 		

  230. 		if not cint(webnotes.form_dict.get('remember_me')): return

  231. 		

  232. 		remember_days = webnotes.conn.get_value('Control Panel', None,

  233. 			'remember_for_days') or 7

  234. 			

  235. 		import datetime

  236. 		expires = datetime.datetime.now() + \

  237. 					datetime.timedelta(days=remember_days)

  238. 

  239. 		webnotes._response.set_cookie["remember_me"] = 1

  240. 

  241. 

  242. def _update_password(user, password):

  243. 	webnotes.conn.sql("""insert into __Auth (user, `password`) 

  244. 		values (%s, password(%s)) 

  245. 		on duplicate key update `password`=password(%s)""", (user, 

  246. 		password, password))

  247. 	

  248. @webnotes.whitelist()

  249. def get_logged_user():

  250. 	return webnotes.session.user