anoopmb
/
frappe
1
0
Forka 0
Codice Problemi 0 Pull Requests 0 Rilasci 0 Wiki Attività
Non puoi selezionare più di 25 argomenti Gli argomenti devono iniziare con una lettera o un numero, possono includere trattini ('-') e possono essere lunghi fino a 35 caratteri.
2888 Commit
1 Ramo (Branch)
314 MiB
 
 
 
 
 
 
Albero (Tree): a83f391c67
Rami (Branch) Tag
${ item.name }
Crea branch ${ searchTerm }
da 'a83f391c67'
${ noResults }
frappe/webnotes/auth.py

287 righe
8.6 KiB
Originale Blame Cronologia 

  1. # Copyright (c) 2012 Web Notes Technologies Pvt Ltd (http://erpnext.com)

  2. # 

  3. # MIT License (MIT)

  4. # 

  5. # Permission is hereby granted, free of charge, to any person obtaining a 

  6. # copy of this software and associated documentation files (the "Software"), 

  7. # to deal in the Software without restriction, including without limitation 

  8. # the rights to use, copy, modify, merge, publish, distribute, sublicense, 

  9. # and/or sell copies of the Software, and to permit persons to whom the 

  10. # Software is furnished to do so, subject to the following conditions:

  11. # 

  12. # The above copyright notice and this permission notice shall be included in 

  13. # all copies or substantial portions of the Software.

  14. # 

  15. # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, 

  16. # INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A 

  17. # PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT 

  18. # HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF 

  19. # CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE 

  20. # OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

  21. # 

  22. 

  23. from __future__ import unicode_literals

  24. import webnotes

  25. import webnotes.db

  26. import webnotes.utils

  27. import webnotes.profile

  28. import conf

  29. from webnotes.sessions import Session

  30. 

  31. 

  32. class HTTPRequest:

  33. 	def __init__(self):

  34. 

  35. 		# Get Environment variables

  36. 		self.domain = webnotes.get_env_vars('HTTP_HOST')

  37. 		if self.domain and self.domain.startswith('www.'):

  38. 			self.domain = self.domain[4:]

  39. 

  40. 		# language

  41. 		self.set_lang(webnotes.get_env_vars('HTTP_ACCEPT_LANGUAGE'))

  42. 		

  43. 		webnotes.remote_ip = webnotes.get_env_vars('REMOTE_ADDR')

  44. 

  45. 		# load cookies

  46. 		webnotes.cookie_manager = CookieManager()

  47. 

  48. 		webnotes.request_method = webnotes.get_env_vars("REQUEST_METHOD")

  49. 		

  50. 		# override request method. All request to be of type POST, but if _type == "POST" then commit

  51. 		if webnotes.form_dict.get("_type"):

  52. 			webnotes.request_method = webnotes.form_dict.get("_type")

  53. 			del webnotes.form_dict["_type"]

  54. 

  55. 		# set db

  56. 		self.connect()

  57. 

  58. 		# login

  59. 		webnotes.login_manager = LoginManager()

  60. 

  61. 		# start session

  62. 		webnotes.session_obj = Session()

  63. 		webnotes.session = webnotes.session_obj.data

  64. 

  65. 		# check status

  66. 		if webnotes.conn.get_global("__session_status")=='stop':

  67. 			webnotes.msgprint(webnotes.conn.get_global("__session_status_message"))

  68. 			raise webnotes.SessionStopped('Session Stopped')

  69. 

  70. 		# load profile

  71. 		self.setup_profile()

  72. 

  73. 		# run login triggers

  74. 		if webnotes.form_dict.get('cmd')=='login':

  75. 			webnotes.login_manager.run_trigger('on_login_post_session')

  76. 

  77. 		# write out cookies

  78. 		webnotes.cookie_manager.set_cookies()

  79. 

  80. 	def set_lang(self, lang):

  81. 		try:

  82. 			from startup import lang_list

  83. 		except ImportError, e:

  84. 			return

  85. 		

  86. 		if not lang: 

  87. 			return

  88. 		if ";" in lang: # not considering weightage

  89. 			lang = lang.split(";")[0]

  90. 		if "," in lang:

  91. 			lang = lang.split(",")

  92. 		else:

  93. 			lang = [lang]

  94. 		

  95. 		for l in lang:

  96. 			code = l.strip()

  97. 			if code in lang_list:

  98. 				webnotes.lang = code

  99. 				return

  100. 				

  101. 			# check if parent language (pt) is setup, if variant (pt-BR)

  102. 			if "-" in code:

  103. 				code = code.split("-")[0]

  104. 				if code in lang_list:

  105. 					webnotes.lang = code

  106. 					return

  107. 

  108. 	def setup_profile(self):

  109. 		webnotes.user = webnotes.profile.Profile()

  110. 

  111. 	def get_db_name(self):

  112. 		"""get database name from conf"""

  113. 		return conf.db_name

  114. 

  115. 	def connect(self, ac_name = None):

  116. 		"""connect to db, from ac_name or db_name"""

  117. 		webnotes.conn = webnotes.db.Database(user = self.get_db_name(), \

  118. 			password = getattr(conf,'db_password', ''))

  119. 

  120. class LoginManager:

  121. 	def __init__(self):

  122. 		if webnotes.form_dict.get('cmd')=='login':

  123. 			# clear cache

  124. 			from webnotes.sessions import clear_cache

  125. 			clear_cache(webnotes.form_dict.get('usr'))

  126. 

  127. 			self.authenticate()

  128. 			self.post_login()

  129. 			info = webnotes.conn.get_value("Profile", self.user, ["user_type", "first_name", "last_name"], as_dict=1)

  130. 			if info.user_type=="Partner":

  131. 				webnotes.response["message"] = "No App"

  132. 				full_name = " ".join(filter(None, [info.first_name, info.last_name]))

  133. 				webnotes.response["full_name"] = full_name

  134. 				webnotes.add_cookies["full_name"] = full_name

  135. 			else:

  136. 				webnotes.response['message'] = 'Logged In'

  137. 	

  138. 	def post_login(self):

  139. 		self.run_trigger()

  140. 		self.validate_ip_address()

  141. 		self.validate_hour()

  142. 	

  143. 	def authenticate(self, user=None, pwd=None):

  144. 		if not (user and pwd):	

  145. 			user, pwd = webnotes.form_dict.get('usr'), webnotes.form_dict.get('pwd')

  146. 		if not (user and pwd):

  147. 			self.fail('Incomplete login details')

  148. 		

  149. 		self.check_if_enabled(user)

  150. 		self.user = self.check_password(user, pwd)

  151. 	

  152. 	def check_if_enabled(self, user):

  153. 		"""raise exception if user not enabled"""

  154. 		from webnotes.utils import cint

  155. 		if user=='Administrator': return

  156. 		if not cint(webnotes.conn.get_value('Profile', user, 'enabled')):

  157. 			self.fail('User disabled or missing')

  158. 

  159. 	def check_password(self, user, pwd):

  160. 		"""check password"""

  161. 		user = webnotes.conn.sql("""select `user` from __Auth where `user`=%s 

  162. 			and `password`=password(%s)""", (user, pwd))

  163. 		if not user:

  164. 			self.fail('Incorrect password')

  165. 		else:

  166. 			return user[0][0] # in correct case

  167. 	

  168. 	def fail(self, message):

  169. 		webnotes.response['message'] = message

  170. 		raise webnotes.AuthenticationError

  171. 		

  172. 	

  173. 	def run_trigger(self, method='on_login'):

  174. 		try:

  175. 			from startup import event_handlers

  176. 			if hasattr(event_handlers, method):

  177. 				getattr(event_handlers, method)(self)

  178. 			return

  179. 		except ImportError, e:

  180. 			pass

  181. 	

  182. 	def validate_ip_address(self):

  183. 		"""check if IP Address is valid"""

  184. 		ip_list = webnotes.conn.get_value('Profile', self.user, 'restrict_ip', ignore=True)

  185. 		

  186. 		if not ip_list:

  187. 			return

  188. 

  189. 		ip_list = ip_list.replace(",", "\n").split('\n')

  190. 		ip_list = [i.strip() for i in ip_list]

  191. 

  192. 		for ip in ip_list:

  193. 			if webnotes.remote_ip.startswith(ip):

  194. 				return

  195. 			

  196. 		webnotes.msgprint('Not allowed from this IP Address')

  197. 		raise webnotes.AuthenticationError

  198. 

  199. 	def validate_hour(self):

  200. 		"""check if user is logging in during restricted hours"""

  201. 		login_before = int(webnotes.conn.get_value('Profile', self.user, 'login_before', ignore=True) or 0)

  202. 		login_after = int(webnotes.conn.get_value('Profile', self.user, 'login_after', ignore=True) or 0)

  203. 		

  204. 		if not (login_before or login_after):

  205. 			return

  206. 			

  207. 		from webnotes.utils import now_datetime

  208. 		current_hour = int(now_datetime().strftime('%H'))

  209. 				

  210. 		if login_before and current_hour > login_before:

  211. 			webnotes.msgprint('Not allowed to login after restricted hour', raise_exception=1)

  212. 

  213. 		if login_after and current_hour < login_after:

  214. 			webnotes.msgprint('Not allowed to login before restricted hour', raise_exception=1)

  215. 	

  216. 	def login_as_guest(self):

  217. 		"""login as guest"""

  218. 		self.user = 'Guest'

  219. 		self.post_login()

  220. 

  221. 	def logout(self, arg='', user=None):

  222. 		if not user: user = webnotes.session.user

  223. 		self.user = user

  224. 		self.run_trigger('on_logout')

  225. 		if user in ['demo@erpnext.com', 'Administrator']:

  226. 			webnotes.conn.sql('delete from tabSessions where sid=%s', webnotes.session.get('sid'))

  227. 			webnotes.cache().delete_value("session:" + webnotes.session.get("sid"))

  228. 		else:

  229. 			from webnotes.sessions import clear_sessions

  230. 			clear_sessions(user)

  231. 		webnotes.add_cookies["full_name"] = ""

  232. 			

  233. 			

  234. class CookieManager:

  235. 	def __init__(self):

  236. 		import Cookie

  237. 		webnotes.cookies = Cookie.SimpleCookie()

  238. 		self.get_incoming_cookies()

  239. 

  240. 	def get_incoming_cookies(self):

  241. 		import os

  242. 		cookies = {}

  243. 		if 'HTTP_COOKIE' in os.environ:

  244. 			c = os.environ['HTTP_COOKIE']

  245. 			webnotes.cookies.load(c)

  246. 			for c in webnotes.cookies.values():

  247. 				cookies[c.key] = c.value

  248. 					

  249. 		webnotes.incoming_cookies = cookies

  250. 		

  251. 	def set_cookies(self):		

  252. 		if not webnotes.session.get('sid'): return		

  253. 		import datetime

  254. 

  255. 		# sid expires in 3 days

  256. 		expires = datetime.datetime.now() + datetime.timedelta(days=3)

  257. 		expires = expires.strftime('%a, %d %b %Y %H:%M:%S')

  258. 		

  259. 		webnotes.cookies[b'sid'] = webnotes.session['sid'].encode('utf-8')

  260. 		webnotes.cookies[b'sid'][b'expires'] = expires.encode('utf-8')

  261. 		

  262. 		webnotes.cookies[b'country'] = webnotes.session.get("session_country")

  263. 		

  264. 	def set_remember_me(self):

  265. 		from webnotes.utils import cint

  266. 		

  267. 		if not cint(webnotes.form_dict.get('remember_me')): return

  268. 		

  269. 		remember_days = webnotes.conn.get_value('Control Panel', None,

  270. 			'remember_for_days') or 7

  271. 			

  272. 		import datetime

  273. 		expires = datetime.datetime.now() + \

  274. 					datetime.timedelta(days=remember_days)

  275. 		expires = expires.strftime('%a, %d %b %Y %H:%M:%S')

  276. 

  277. 		webnotes.cookies[b'remember_me'] = 1

  278. 		for k in webnotes.cookies.keys():

  279. 			webnotes.cookies[k][b'expires'] = expires.encode('utf-8')

  280. 

  281. 

  282. def update_password(user, password):

  283. 	webnotes.conn.sql("""insert into __Auth (user, `password`) 

  284. 		values (%s, password(%s)) 

  285. 		on duplicate key update `password`=password(%s)""", (user, 

  286. 		password, password))

  287.