implemented admin page login
marcink -
r45:a886f5eb default
@@ -9,6 +9,9 b' from mercurial import ui, hg'
9 from mercurial.error import RepoError
9 from mercurial.error import RepoError
10 from ConfigParser import ConfigParser
10 from ConfigParser import ConfigParser
11 from pylons_app.lib import auth
11 from pylons_app.lib import auth
12 from pylons_app.model.forms import LoginForm
13 import formencode
14 import formencode.htmlfill as htmlfill
12 log = logging.getLogger(__name__)
15 log = logging.getLogger(__name__)
13
16
14 class AdminController(BaseController):
17 class AdminController(BaseController):
@@ -16,10 +19,38 b' class AdminController(BaseController):'
16
19
17 def __before__(self):
20 def __before__(self):
18 c.staticurl = g.statics
21 c.staticurl = g.statics
19 c.admin_user = True
22 c.admin_user = session.get('admin_user')
23 c.admin_username = session.get('admin_username')
20
24
21 def index(self):
25 def index(self):
22 # Return a rendered template
26 # Return a rendered template
27 if request.POST:
28 #import Login Form validator class
29 login_form = LoginForm()
30
31 try:
32 c.form_result = login_form.to_python(dict(request.params))
33 if auth.authfunc(None, c.form_result['username'], c.form_result['password']) and\
34 c.form_result['username'] == 'admin':
35 session['admin_user'] = True
36 session['admin_username'] = c.form_result['username']
37 session.save()
38 return redirect(url('admin_home'))
39 else:
40 raise formencode.Invalid('Login Error', None, None,
41 error_dict={'username':'invalid login',
42 'password':'invalid password'})
43
44 except formencode.Invalid, error:
45 c.form_result = error.value
46 c.form_errors = error.error_dict or {}
47 html = render('/admin.html')
48
49 return htmlfill.render(
50 html,
51 defaults=c.form_result,
52 encoding="UTF-8"
53 )
23 return render('/admin.html')
54 return render('/admin.html')
24
55
25 def repos_manage(self):
56 def repos_manage(self):
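Review bot: The successful-login branch of `index` writes `session['admin_user'] = True` into whatever session the request arrived with, so a session id that existed before login keeps working with admin rights afterwards. Start a fresh session first, e.g. `session.invalidate()` ahead of setting the flag, if `session` is the Beaker session Pylons normally provides. The admin decision also rests on the literal `c.form_result['username'] == 'admin'`, which ties the privilege to one account name rather than to a flag on the user record. `__before__` only copies the flag into `c.admin_user`, and `repos_manage` continues outside the hunk, so I can't see whether the other actions refuse requests when the flag is unset.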
@@ -23,32 +23,30 b' def authfunc(environ, username, password'
23 except sqlite3.OperationalError as e:
23 except sqlite3.OperationalError as e:
24 data = None
24 data = None
25 log.error(e)
25 log.error(e)
26
27 if data:
26 if data:
28 if data[3]:
27 if data[3]:
29 if data[1] == username and data[2] == password_crypt:
28 if data[1] == username and data[2] == password_crypt:
30 log.info('user %s authenticated correctly', username)
29 log.info('user %s authenticated correctly', username)
31
30 if environ:
32 http_accept = environ.get('HTTP_ACCEPT')
31 http_accept = environ.get('HTTP_ACCEPT')
33
32
34 if http_accept.startswith('application/mercurial') or \
33 if http_accept.startswith('application/mercurial') or \
35 environ['PATH_INFO'].find('raw-file') != -1:
34 environ['PATH_INFO'].find('raw-file') != -1:
36 cmd = environ['PATH_INFO']
35 cmd = environ['PATH_INFO']
37 for qry in environ['QUERY_STRING'].split('&'):
36 for qry in environ['QUERY_STRING'].split('&'):
38 if qry.startswith('cmd'):
37 if qry.startswith('cmd'):
39 cmd += "|" + qry
38 cmd += "|" + qry
40
41 try:
42 cur.execute('''INSERT INTO
43 user_logs
44 VALUES(?,?,?,?)''',
45 (None, data[0], cmd, datetime.now()))
46 conn.commit()
47 except Exception as e:
48 conn.rollback()
49 log.error(e)
50
51
39
40 try:
41 cur.execute('''INSERT INTO
42 user_logs
43 VALUES(?,?,?,?)''',
44 (None, data[0], cmd, datetime.now()))
45 conn.commit()
46 except Exception as e:
47 conn.rollback()
48 log.error(e)
49
52 return True
50 return True
53 else:
51 else:
54 log.error('user %s is disabled', username)
52 log.error('user %s is disabled', username)
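Review bot: Inside the new `if environ:` guard, `environ.get('HTTP_ACCEPT')` returns None when the client sends no Accept header, and the next line calls `http_accept.startswith(...)` on it, so an otherwise valid login fails with an unhandled AttributeError. Defaulting the lookup avoids that: `http_accept = environ.get('HTTP_ACCEPT', '')`. Indentation is lost in this rendering, so I can't confirm that the re-indented `user_logs` INSERT now sits inside the branch that assigns `cmd`. If it can still run when `environ` is None or the request is not a mercurial/raw-file one, `cmd` is unbound there. `authfunc` starts and ends outside the hunk.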
@@ -12,7 +12,7 b' from webhelpers.html.tags import (auto_d'
12 javascript_link, link_to, link_to_if,
12 javascript_link, link_to, link_to_if,
13 link_to_unless, ol, required_legend,
13 link_to_unless, ol, required_legend,
14 select, stylesheet_link,
14 select, stylesheet_link,
15 submit, text, textarea, title, ul, xml_declaration)
15 submit, text, password, textarea, title, ul, xml_declaration)
16 from webhelpers.text import (chop_at, collapse, convert_accented_entities,
16 from webhelpers.text import (chop_at, collapse, convert_accented_entities,
17 convert_misc_characters, convert_misc_entities,
17 convert_misc_characters, convert_misc_entities,
18 lchop, plural, rchop, remove_formatting, replace_whitespace,
18 lchop, plural, rchop, remove_formatting, replace_whitespace,
@@ -31,33 +31,28 b' class ValidAuthToken(formencode.validato'
31 def validate_python(self, value, state):
31 def validate_python(self, value, state):
32
32
33 if value != authentication_token():
33 if value != authentication_token():
34 raise formencode.Invalid(self.message('invalid_token', state, search_number = value), value, state)
34 raise formencode.Invalid(self.message('invalid_token', state, search_number=value), value, state)
35
35
36
36
37 class WireTransferForm(object):
37 class LoginForm(formencode.Schema):
38 '''
38 allow_extra_fields = True
39 A factory wrapper class. It might return the instance of class for a validation, but also it can
39 filter_extra_fields = True
40 return the list for select fields values.
40 username = UnicodeString(
41 @param ret_type: type to return defaut: 'class'
41 strip=True,
42 '''
42 min=3,
43 #class attributes here
43 not_empty=True,
44 #it might be fetched from db,from models and so on
44 messages={
45 recipients_list = [
45 'empty':_('Please enter a login'),
46 (1, 'a'),
46 'tooShort':_('Enter a value %(min)i characters long or more')}
47 (2, 'b')
47 )
48 ]
49
48
50 def _form(self):
49 password = UnicodeString(
51 class _WireTransferForm(formencode.Schema):
50 strip=True,
52 allow_extra_fields = True
51 min=3,
53 _authentication_token = ValidAuthToken()
52 not_empty=True,
54 account_number = Regex(r'[0-9]{26}', not_empty = True, messages = {
53 messages={
55 'invalid': _("Account number is invalid, it must be 26 digits")})
54 'empty':_('Please enter a password'),
56 title = UnicodeString(not_empty = True, min = 3, strip = True)
55 'tooShort':_('Enter a value %(min)i characters long or more')}
57 recipient = formencode.All(OneOf([i[0] for i in WireTransferForm.recipients_list],
56 )
58 testValueList = True, hideList = True), Int())
59 recipient_address = UnicodeString(not_empty = True, strip = True)
60 amount = Number(not_empty = True, min = 1)
61
57
62 return _WireTransferForm()
63
58
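Review bot: `LoginForm` declares no `_authentication_token = ValidAuthToken()` field, although the validator is defined just above it and the removed `_WireTransferForm` used it, so the admin login POST is accepted without a per-session request token. Adding the field also requires the login template to emit the token, which is not part of this commit. Separately, `strip=True` on `password` trims leading and trailing whitespace from what the user typed before it reaches `authfunc`. Unless stored passwords are trimmed the same way, drop `strip=True` for that field.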
@@ -1,5 +1,14 b''
1 ## -*- coding: utf-8 -*-
1 ## -*- coding: utf-8 -*-
2 <%inherit file="base/base.html"/>
2 <%inherit file="base/base.html"/>
3 <%def name="get_form_error(element)">
4 %if type(c.form_errors) == dict:
5 %if c.form_errors.get(element,False):
6 <span class="error-message">
7 ${c.form_errors.get(element,'')}
8 </span>
9 %endif
10 %endif
11 </%def>
3 <%def name="title()">
12 <%def name="title()">
4 ${_('Repository managment')}
13 ${_('Repository managment')}
5 </%def>
14 </%def>
@@ -36,10 +45,12 b''
36 <tr>
45 <tr>
37 <td>${_('Username')}</td>
46 <td>${_('Username')}</td>
38 <td>${h.text('username')}</td>
47 <td>${h.text('username')}</td>
48 <td>${get_form_error('username')} </td>
39 </tr>
49 </tr>
40 <tr>
50 <tr>
41 <td>${_('Password')}</td>
51 <td>${_('Password')}</td>
42 <td>${h.text('password')}</td>
52 <td>${h.password('password')}</td>
53 <td>${get_form_error('password')}</td>
43 </tr>
54 </tr>
44 <tr>
55 <tr>
45 <td></td>
56 <td></td>
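Review bot: The `${h.password('password')}` input may have the submitted password written back into it, because the controller in this commit passes the rendered page to `htmlfill.render(html, defaults=c.form_result, ...)`. After a schema validation error `c.form_result` is `error.value`, i.e. the submitted fields, and as far as I know htmlfill fills password inputs by default, which would place the password in the `value` attribute of the response HTML. Removing the `password` key from the defaults before refilling avoids that. In `get_form_error`, `type(c.form_errors) == dict` would read better as `isinstance(c.form_errors, dict)`.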
@@ -9,7 +9,7 b''
9 <h1>${c.repos_prefix} Mercurial Repositories</h1>
9 <h1>${c.repos_prefix} Mercurial Repositories</h1>
10 <ul class="page-nav">
10 <ul class="page-nav">
11 <li class="current">Home</li>
11 <li class="current">Home</li>
12 <li>${h.link_to(u'Admin',h.url('admin_home'))}</li>
12 <li><a href="/_admin/">Admin</a></li>
13 </ul>
13 </ul>
14 </div>
14 </div>
15
15
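Review bot: The Admin link is now the literal `<a href="/_admin/">Admin</a>`, while the controller in this same commit still redirects with `url('admin_home')`, so the two can drift apart if the route or the application's mount prefix changes. Keeping the generated form, `${h.link_to(u'Admin',h.url('admin_home'))}`, keeps a single source for the admin URL. If the literal was introduced to work around a routing problem, a comment saying so would help the next reader.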