anoopmb
/
frappe
1
0
Derivar 0
Código Questões 0 Pedidos de integração 0 Lançamentos 0 Wiki Trabalho
Não pode escolher mais do que 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.
2496 Cometimentos
1 Ramo
314 MiB
 
 
 
 
 
 
Árvore: e06b12b0ad
Ramos Etiquetas
${ item.name }
Criar ramo ${ searchTerm }
de 'e06b12b0ad'
${ noResults }
frappe/webnotes/auth.py

277 linhas
8.2 KiB
Em bruto Responsabilidade Histórico 

  1. # Copyright (c) 2012 Web Notes Technologies Pvt Ltd (http://erpnext.com)

  2. # 

  3. # MIT License (MIT)

  4. # 

  5. # Permission is hereby granted, free of charge, to any person obtaining a 

  6. # copy of this software and associated documentation files (the "Software"), 

  7. # to deal in the Software without restriction, including without limitation 

  8. # the rights to use, copy, modify, merge, publish, distribute, sublicense, 

  9. # and/or sell copies of the Software, and to permit persons to whom the 

  10. # Software is furnished to do so, subject to the following conditions:

  11. # 

  12. # The above copyright notice and this permission notice shall be included in 

  13. # all copies or substantial portions of the Software.

  14. # 

  15. # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, 

  16. # INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A 

  17. # PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT 

  18. # HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF 

  19. # CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE 

  20. # OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

  21. # 

  22. 

  23. from __future__ import unicode_literals

  24. import webnotes

  25. import webnotes.db

  26. import webnotes.utils

  27. import webnotes.profile

  28. import conf

  29. from webnotes.sessions import Session

  30. 

  31. 

  32. class HTTPRequest:

  33. 	def __init__(self):

  34. 

  35. 		# Get Environment variables

  36. 		self.domain = webnotes.get_env_vars('HTTP_HOST')

  37. 		if self.domain and self.domain.startswith('www.'):

  38. 			self.domain = self.domain[4:]

  39. 

  40. 		# language

  41. 		self.set_lang(webnotes.get_env_vars('HTTP_ACCEPT_LANGUAGE'))

  42. 		

  43. 		webnotes.remote_ip = webnotes.get_env_vars('REMOTE_ADDR')

  44. 

  45. 		# load cookies

  46. 		webnotes.cookie_manager = CookieManager()

  47. 

  48. 		webnotes.request_method = webnotes.get_env_vars("REQUEST_METHOD")

  49. 		

  50. 		# override request method. All request to be of type POST, but if _type == "POST" then commit

  51. 		if webnotes.form_dict.get("_type"):

  52. 			webnotes.request_method = webnotes.form_dict.get("_type")

  53. 			del webnotes.form_dict["_type"]

  54. 

  55. 		# set db

  56. 		self.connect()

  57. 

  58. 		# login

  59. 		webnotes.login_manager = LoginManager()

  60. 

  61. 		# start session

  62. 		webnotes.session_obj = Session()

  63. 		webnotes.session = webnotes.session_obj.data

  64. 

  65. 		# check status

  66. 		if webnotes.conn.get_global("__session_status")=='stop':

  67. 			webnotes.msgprint(webnotes.conn.get_global("__session_status_message"))

  68. 			raise webnotes.SessionStopped('Session Stopped')

  69. 

  70. 		# load profile

  71. 		self.setup_profile()

  72. 

  73. 		# run login triggers

  74. 		if webnotes.form_dict.get('cmd')=='login':

  75. 			webnotes.login_manager.run_trigger('on_login_post_session')

  76. 

  77. 		# write out cookies

  78. 		webnotes.cookie_manager.set_cookies()

  79. 

  80. 	def set_lang(self, lang):

  81. 		try:

  82. 			from startup import lang_list

  83. 		except ImportError, e:

  84. 			return

  85. 		

  86. 		if not lang: 

  87. 			return

  88. 		if ";" in lang: # not considering weightage

  89. 			lang = lang.split(";")[0]

  90. 		if "," in lang:

  91. 			lang = lang.split(",")

  92. 		else:

  93. 			lang = [lang]

  94. 		

  95. 		for l in lang:

  96. 			code = l.strip()

  97. 			if code in lang_list:

  98. 				webnotes.lang = code

  99. 				return

  100. 				

  101. 			# check if parent language (pt) is setup, if variant (pt-BR)

  102. 			if "-" in code:

  103. 				code = code.split("-")[0]

  104. 				if code in lang_list:

  105. 					webnotes.lang = code

  106. 					return

  107. 

  108. 	def setup_profile(self):

  109. 		webnotes.user = webnotes.profile.Profile()

  110. 

  111. 	def get_db_name(self):

  112. 		"""get database name from conf"""

  113. 		return conf.db_name

  114. 

  115. 	def connect(self, ac_name = None):

  116. 		"""connect to db, from ac_name or db_name"""

  117. 		webnotes.conn = webnotes.db.Database(user = self.get_db_name(), \

  118. 			password = getattr(conf,'db_password', ''))

  119. 

  120. class LoginManager:

  121. 	def __init__(self):

  122. 		if webnotes.form_dict.get('cmd')=='login':

  123. 			# clear cache

  124. 			from webnotes.sessions import clear_cache

  125. 			clear_cache(webnotes.form_dict.get('usr'))				

  126. 

  127. 			self.authenticate()

  128. 			self.post_login()

  129. 			webnotes.response['message'] = 'Logged In'

  130. 	

  131. 	def post_login(self):

  132. 		self.run_trigger()

  133. 		self.validate_ip_address()

  134. 		self.validate_hour()

  135. 	

  136. 	def authenticate(self, user=None, pwd=None):

  137. 		if not (user and pwd):	

  138. 			user, pwd = webnotes.form_dict.get('usr'), webnotes.form_dict.get('pwd')

  139. 		if not (user and pwd):

  140. 			self.fail('Incomplete login details')

  141. 		

  142. 		self.check_if_enabled(user)

  143. 		self.user = self.check_password(user, pwd)

  144. 	

  145. 	def check_if_enabled(self, user):

  146. 		"""raise exception if user not enabled"""

  147. 		from webnotes.utils import cint

  148. 		if user=='Administrator': return

  149. 		if not cint(webnotes.conn.get_value('Profile', user, 'enabled')):

  150. 			self.fail('User disabled or missing')

  151. 

  152. 	def check_password(self, user, pwd):

  153. 		"""check password"""

  154. 		user = webnotes.conn.sql("""select `user` from __Auth where `user`=%s 

  155. 			and `password`=password(%s)""", (user, pwd))

  156. 		if not user:

  157. 			self.fail('Incorrect password')

  158. 		else:

  159. 			return user[0][0] # in correct case

  160. 	

  161. 	def fail(self, message):

  162. 		webnotes.response['message'] = message

  163. 		raise webnotes.AuthenticationError

  164. 		

  165. 	

  166. 	def run_trigger(self, method='on_login'):

  167. 		try:

  168. 			from startup import event_handlers

  169. 			if hasattr(event_handlers, method):

  170. 				getattr(event_handlers, method)(self)

  171. 			return

  172. 		except ImportError, e:

  173. 			pass

  174. 	

  175. 	def validate_ip_address(self):

  176. 		"""check if IP Address is valid"""

  177. 		ip_list = webnotes.conn.get_value('Profile', self.user, 'restrict_ip', ignore=True)

  178. 		

  179. 		if not ip_list:

  180. 			return

  181. 

  182. 		ip_list = ip_list.replace(",", "\n").split('\n')

  183. 		ip_list = [i.strip() for i in ip_list]

  184. 

  185. 		for ip in ip_list:

  186. 			if webnotes.remote_ip.startswith(ip):

  187. 				return

  188. 			

  189. 		webnotes.msgprint('Not allowed from this IP Address')

  190. 		raise webnotes.AuthenticationError

  191. 

  192. 	def validate_hour(self):

  193. 		"""check if user is logging in during restricted hours"""

  194. 		login_before = int(webnotes.conn.get_value('Profile', self.user, 'login_before', ignore=True) or 0)

  195. 		login_after = int(webnotes.conn.get_value('Profile', self.user, 'login_after', ignore=True) or 0)

  196. 		

  197. 		if not (login_before or login_after):

  198. 			return

  199. 			

  200. 		from webnotes.utils import now_datetime

  201. 		current_hour = int(now_datetime().strftime('%H'))

  202. 				

  203. 		if login_before and current_hour > login_before:

  204. 			webnotes.msgprint('Not allowed to login after restricted hour', raise_exception=1)

  205. 

  206. 		if login_after and current_hour < login_after:

  207. 			webnotes.msgprint('Not allowed to login before restricted hour', raise_exception=1)

  208. 	

  209. 	def login_as_guest(self):

  210. 		"""login as guest"""

  211. 		self.user = 'Guest'

  212. 		self.post_login()

  213. 

  214. 	def logout(self, arg='', user=None):

  215. 		if not user: user = webnotes.session.user

  216. 		self.user = user

  217. 		self.run_trigger('on_logout')

  218. 		if user in ['demo@erpnext.com', 'Administrator']:

  219. 			webnotes.conn.sql('delete from tabSessions where sid=%s', webnotes.session.get('sid'))

  220. 			webnotes.cache().delete_value("session:" + webnotes.session.get("sid"))

  221. 		else:

  222. 			from webnotes.sessions import clear_sessions

  223. 			clear_sessions(user)

  224. 			

  225. class CookieManager:

  226. 	def __init__(self):

  227. 		import Cookie

  228. 		webnotes.cookies = Cookie.SimpleCookie()

  229. 		self.get_incoming_cookies()

  230. 

  231. 	def get_incoming_cookies(self):

  232. 		import os

  233. 		cookies = {}

  234. 		if 'HTTP_COOKIE' in os.environ:

  235. 			c = os.environ['HTTP_COOKIE']

  236. 			webnotes.cookies.load(c)

  237. 			for c in webnotes.cookies.values():

  238. 				cookies[c.key] = c.value

  239. 					

  240. 		webnotes.incoming_cookies = cookies

  241. 		

  242. 	def set_cookies(self):		

  243. 		if not webnotes.session.get('sid'): return		

  244. 		import datetime

  245. 

  246. 		# sid expires in 3 days

  247. 		expires = datetime.datetime.now() + datetime.timedelta(days=3)

  248. 		expires = expires.strftime('%a, %d %b %Y %H:%M:%S')

  249. 		

  250. 		webnotes.cookies[b'sid'] = webnotes.session['sid'].encode('utf-8')

  251. 		webnotes.cookies[b'sid'][b'expires'] = expires.encode('utf-8')

  252. 		webnotes.cookies[b'sid'][b'path'] = b'/'

  253. 		

  254. 	def set_remember_me(self):

  255. 		from webnotes.utils import cint

  256. 		

  257. 		if not cint(webnotes.form_dict.get('remember_me')): return

  258. 		

  259. 		remember_days = webnotes.conn.get_value('Control Panel', None,

  260. 			'remember_for_days') or 7

  261. 			

  262. 		import datetime

  263. 		expires = datetime.datetime.now() + \

  264. 					datetime.timedelta(days=remember_days)

  265. 		expires = expires.strftime('%a, %d %b %Y %H:%M:%S')

  266. 

  267. 		webnotes.cookies[b'remember_me'] = 1

  268. 		for k in webnotes.cookies.keys():

  269. 			webnotes.cookies[k][b'expires'] = expires.encode('utf-8')

  270. 

  271. 

  272. def update_password(user, password):

  273. 	webnotes.conn.sql("""insert into __Auth (user, `password`) 

  274. 		values (%s, password(%s)) 

  275. 		on duplicate key update `password`=password(%s)""", (user, 

  276. 		password, password))

  277.