|
|
import sqlite3
|
|
|
import os
|
|
|
import logging
|
|
|
from os.path import dirname as dn
|
|
|
from datetime import datetime
|
|
|
import crypt
|
|
|
|
|
|
log = logging.getLogger(__name__)
|
|
|
ROOT = dn(dn(dn(os.path.realpath(__file__))))
|
|
|
|
|
|
def get_sqlite_conn_cur():
|
|
|
conn = sqlite3.connect(os.path.join(ROOT, 'auth.sqlite'))
|
|
|
cur = conn.cursor()
|
|
|
return conn, cur
|
|
|
|
|
|
|
|
|
def admin_auth(username, password):
|
|
|
conn, cur = get_sqlite_conn_cur()
|
|
|
password_crypt = crypt.crypt(password, '6a')
|
|
|
|
|
|
try:
|
|
|
cur.execute("SELECT * FROM users WHERE username=?", (username,))
|
|
|
data = cur.fetchone()
|
|
|
except sqlite3.OperationalError as e:
|
|
|
data = None
|
|
|
log.error(e)
|
|
|
|
|
|
if data:
|
|
|
if data[3]:
|
|
|
if data[1] == username and data[2] == password_crypt and data[4]:
|
|
|
log.info('user %s authenticated correctly', username)
|
|
|
return True
|
|
|
else:
|
|
|
log.error('user %s is disabled', username)
|
|
|
|
|
|
return False
|
|
|
|
|
|
def authfunc(environ, username, password):
|
|
|
conn, cur = get_sqlite_conn_cur()
|
|
|
password_crypt = crypt.crypt(password, '6a')
|
|
|
|
|
|
try:
|
|
|
cur.execute("SELECT * FROM users WHERE username=?", (username,))
|
|
|
data = cur.fetchone()
|
|
|
except sqlite3.OperationalError as e:
|
|
|
data = None
|
|
|
log.error(e)
|
|
|
if data:
|
|
|
if data[3]:
|
|
|
if data[1] == username and data[2] == password_crypt:
|
|
|
log.info('user %s authenticated correctly', username)
|
|
|
if environ:
|
|
|
http_accept = environ.get('HTTP_ACCEPT')
|
|
|
|
|
|
if http_accept.startswith('application/mercurial') or \
|
|
|
environ['PATH_INFO'].find('raw-file') != -1:
|
|
|
cmd = environ['PATH_INFO']
|
|
|
for qry in environ['QUERY_STRING'].split('&'):
|
|
|
if qry.startswith('cmd'):
|
|
|
cmd += "|" + qry
|
|
|
|
|
|
try:
|
|
|
cur.execute('''INSERT INTO
|
|
|
user_logs
|
|
|
VALUES(?,?,?,?)''',
|
|
|
(None, data[0], cmd, datetime.now()))
|
|
|
conn.commit()
|
|
|
except Exception as e:
|
|
|
conn.rollback()
|
|
|
log.error(e)
|
|
|
|
|
|
return True
|
|
|
else:
|
|
|
log.error('user %s is disabled', username)
|
|
|
|
|
|
return False
|
|
|
|
|
|
def create_user_table():
|
|
|
'''
|
|
|
Create a auth database
|
|
|
'''
|
|
|
conn, cur = get_sqlite_conn_cur()
|
|
|
try:
|
|
|
log.info('creating table %s', 'users')
|
|
|
cur.execute('''DROP TABLE IF EXISTS users ''')
|
|
|
cur.execute('''CREATE TABLE users
|
|
|
(id INTEGER PRIMARY KEY AUTOINCREMENT,
|
|
|
username TEXT,
|
|
|
password TEXT,
|
|
|
active INTEGER,
|
|
|
admin INTEGER)''')
|
|
|
log.info('creating table %s', 'user_logs')
|
|
|
cur.execute('''DROP TABLE IF EXISTS user_logs ''')
|
|
|
cur.execute('''CREATE TABLE user_logs
|
|
|
(id INTEGER PRIMARY KEY AUTOINCREMENT,
|
|
|
user_id INTEGER,
|
|
|
last_action TEXT,
|
|
|
last_action_date DATETIME)''')
|
|
|
conn.commit()
|
|
|
except:
|
|
|
conn.rollback()
|
|
|
raise
|
|
|
|
|
|
cur.close()
|
|
|
|
|
|
def create_user(username, password, admin=False):
|
|
|
conn, cur = get_sqlite_conn_cur()
|
|
|
password_crypt = crypt.crypt(password, '6a')
|
|
|
log.info('creating user %s', username)
|
|
|
try:
|
|
|
cur.execute('''INSERT INTO users values (?,?,?,?,?) ''',
|
|
|
(None, username, password_crypt, 1, admin))
|
|
|
conn.commit()
|
|
|
except:
|
|
|
conn.rollback()
|
|
|
raise
|
|
|
|
|
|
if __name__ == "__main__":
|
|
|
create_user_table()
|
|
|
create_user('marcink', 'qweqwe', True)
|
|
|
create_user('lukaszd', 'qweqwe')
|
|
|
create_user('adriand', 'qweqwe')
|
|
|
create_user('radek', 'qweqwe')
|
|
|
create_user('skrzeka', 'qweqwe')
|
|
|
create_user('bart', 'qweqwe')
|
|
|
create_user('maho', 'qweqwe')
|
|
|
create_user('michalg', 'qweqwe')
|
|
|
|
|
|
#authfunc('', 'marcink', 'qweqwe')
|
|
|
|
