35
35
from ivle.webapp.base.plugins import CookiePlugin
36
36
import ivle.database
39
"""Determines whether the user is logged in or not (looking at sessions),
40
and if not, presents the login page. Returns a User object, or None
43
If the user was already logged in, nothing is written to req. Returns
44
the User object for the logged in user.
46
If the user was not logged in, but manages to authenticate due to
47
included postdata with a valid username/password, throws a redirect
48
back to the same page (to avoid leaving POSTDATA in the browser).
50
If the user is not logged in, or fails to authenticate, a full page is
51
written to req. Returns None. The caller should immediately terminate.
53
# Get the user details from the session, if already logged in
54
# (None means not logged in yet)
55
user = get_user_details(req)
57
# Check the session to see if someone is logged in. If so, go with it.
58
# No security is required here. You must have already been authenticated
59
# in order to get a 'login_name' variable in the session.
60
if user is not None and user.state == "enabled":
61
# Only allow users to authenticate if their account is ENABLED
66
# Check if there is any postdata containing login information
67
if user is None and req.method == 'POST':
68
fields = req.get_fieldstorage()
69
username = fields.getfirst('user')
70
password = fields.getfirst('pass')
71
if username is not None:
72
# From this point onwards, we will be showing an error message
76
badlogin = "No password supplied."
79
user = authenticate.authenticate(req.store,
80
username.value, password.value)
81
except AuthError, msg:
84
# Must have got an error. Do not authenticate.
86
elif user.password_expired:
87
badlogin = "Your password has expired."
88
elif user.account_expired:
89
badlogin = "Your account has expired."
91
# Success - Set the session and redirect to avoid POSTDATA
92
session = req.get_session()
93
session['login'] = user.login
95
user.last_login = datetime.datetime.now()
98
# Create cookies for plugins that might request them.
99
for plugin in req.plugin_index[CookiePlugin]:
100
for cookie in plugin.cookies:
101
# The function can be None if they just need to be
103
if plugin.cookies[cookie] is not None:
104
req.add_cookie(mod_python.Cookie.Cookie(cookie,
105
plugin.cookies[cookie](user), path='/'))
107
req.throw_redirect(req.uri)
109
# Present the HTML login page
110
req.content_type = "text/html"
112
req.write_html_head_foot = True
39
# XXX: Move this elsewhere, as it's just in storage now...
114
41
# User is not logged in or their account is not enabled.
115
42
if user is not None:
116
43
# Only possible if no errors occured thus far
139
66
req.store.commit()
140
67
req.throw_redirect(req.uri)
142
# Write the HTML for the login page
143
# If badlogin, display an error message indicating a failed login
144
req.write("""<div id="ivle_padding">
145
<p>Welcome to the Informatics Virtual Learning Environment.
146
Please log in to access your files and assessment.</p>
148
if badlogin is not None:
149
req.write("""<p class="error">%s</p>
151
req.write("""<form action="" method="post">
153
<tr><td>Username:</td><td><input name="user" type="text" /></td></tr>
154
<tr><td>Password:</td><td><input name="pass" type="password" /></td></tr>
155
<tr><td colspan="2"><input type="submit" value="Login" /></td></tr>
159
# Write the "Message of the Day" document, if it exists.
161
req.sendfile(ivle.conf.motd_path)
164
req.write('</div>\n')
168
69
def get_user_details(req):
169
70
"""Gets the name of the logged in user, without presenting a login box
170
71
or attempting to authenticate.