Show More
| @@ -41,15 +41,16 b' except ImportError:' | |||||
| 41 | class AuthenticatedHandler(web.RequestHandler): |
|
41 | class AuthenticatedHandler(web.RequestHandler): | |
| 42 | """A RequestHandler with an authenticated user.""" |
|
42 | """A RequestHandler with an authenticated user.""" | |
| 43 | def get_current_user(self): |
|
43 | def get_current_user(self): | |
| 44 |
|
|
44 | user_id = self.get_secure_cookie("user") | |
| 45 |
if |
|
45 | if user_id == '': | |
| 46 | # cookie doesn't exist, or is invalid. Clear to prevent repeated |
|
46 | user_id = 'anonymous' | |
| 47 | # 'Invalid cookie signature' warnings. |
|
47 | if user_id is None: | |
| 48 | self.clear_cookie('password') |
|
48 | # prevent extra Invalid cookie sig warnings: | |
| 49 |
self.clear_cookie( |
|
49 | self.clear_cookie('user') | |
| 50 | if self.application.password and self.application.password != password: |
|
50 | if not self.application.password: | |
| 51 | return None |
|
51 | user_id = 'anonymous' | |
| 52 | return self.get_secure_cookie("user") or 'anonymous' |
|
52 | return user_id | |
|
|
53 | ||||
| 53 |
|
54 | |||
| 54 | class NBBrowserHandler(AuthenticatedHandler): |
|
55 | class NBBrowserHandler(AuthenticatedHandler): | |
| 55 | @web.authenticated |
|
56 | @web.authenticated | |
| @@ -64,8 +65,9 b' class LoginHandler(AuthenticatedHandler):' | |||||
| 64 | self.render('login.html', user_id=user_id) |
|
65 | self.render('login.html', user_id=user_id) | |
| 65 |
|
66 | |||
| 66 | def post(self): |
|
67 | def post(self): | |
|
|
68 | pwd = self.get_argument("password", default=u'') | |||
|
|
69 | if self.application.password and pwd == self.application.password: | |||
| 67 | self.set_secure_cookie("user", self.get_argument("name", default=u'')) |
|
70 | self.set_secure_cookie("user", self.get_argument("name", default=u'')) | |
| 68 | self.set_secure_cookie("password", self.get_argument("password", default=u'')) |
|
|||
| 69 | url = self.get_argument("next", default="/") |
|
71 | url = self.get_argument("next", default="/") | |
| 70 | self.redirect(url) |
|
72 | self.redirect(url) | |
| 71 |
|
73 | |||
| @@ -176,13 +178,10 b' class AuthenticatedZMQStreamHandler(ZMQStreamHandler):' | |||||
| 176 | self.on_message = self.on_first_message |
|
178 | self.on_message = self.on_first_message | |
| 177 |
|
179 | |||
| 178 | def get_current_user(self): |
|
180 | def get_current_user(self): | |
| 179 |
|
|
181 | user_id = self.get_secure_cookie("user") | |
| 180 | if password is None: |
|
182 | if user_id == '' or (user_id is None and not self.application.password): | |
| 181 | # clear cookies, to prevent future Invalid cookie signature warnings |
|
183 | user_id = 'anonymous' | |
| 182 | self._cookies = Cookie.SimpleCookie() |
|
184 | return user_id | |
| 183 | if self.application.password and self.application.password != password: |
|
|||
| 184 | return None |
|
|||
| 185 | return self.get_secure_cookie("user") or 'anonymous' |
|
|||
| 186 |
|
185 | |||
| 187 | def _inject_cookie_message(self, msg): |
|
186 | def _inject_cookie_message(self, msg): | |
| 188 | """Inject the first message, which is the document cookie, |
|
187 | """Inject the first message, which is the document cookie, | |
General Comments 0
You need to be logged in to leave comments.
Login now