AdminSecurity.py :  » Web-Frameworks » Webware » Webware-1.0.2 » WebKit » Admin » Python Open Source

Home
Python Open Source
1.3.1.2 Python
2.Ajax
3.Aspect Oriented
4.Blog
5.Build
6.Business Application
7.Chart Report
8.Content Management Systems
9.Cryptographic
10.Database
11.Development
12.Editor
13.Email
14.ERP
15.Game 2D 3D
16.GIS
17.GUI
18.IDE
19.Installer
20.IRC
21.Issue Tracker
22.Language Interface
23.Log
24.Math
25.Media Sound Audio
26.Mobile
27.Network
28.Parser
29.PDF
30.Project Management
31.RSS
32.Search
33.Security
34.Template Engines
35.Test
36.UML
37.USB Serial
38.Web Frameworks
39.Web Server
40.Web Services
41.Web Unit
42.Wiki
43.Windows
44.XML
Python Open Source » Web Frameworks » Webware 
Webware » Webware 1.0.2 » WebKit » Admin » AdminSecurity.py
from AdminPage import AdminPage

# Set this to 0 if you want to allow everyone to access secure pages
# with no login required. This should instead come from a config file.
requireLogin = 1

if not requireLogin:


  class AdminSecurity(AdminPage):

    def writeHTML(self):
      session = self.session()
      request = self.request()
      # Are they logging out?
      if request.hasField('logout'):
        # They are logging out. Clear all session variables:
        session.values().clear()
      # write the page
      AdminPage.writeHTML(self)

else:


  class AdminSecurity(AdminPage):

    def writeHTML(self):
      session = self.session()
      request = self.request()
      trans = self.transaction()
      app = self.application()
      # Are they logging in?
      if request.hasField('login') \
          and request.hasField('username') \
          and request.hasField('password'):
        # They are logging in. Get login id and clear session:
        loginid = session.value('loginid', None)
        session.values().clear()
        # Check if this is a valid user/password
        username = request.field('username')
        password = request.field('password')
        if self.isValidUserAndPassword(username, password) \
            and request.field('loginid', 'nologin') == loginid:
          # Success; log them in and send the page:
          session.setValue('authenticated_user_admin', username)
          AdminPage.writeHTML(self)
        else:
          # Failed login attempt; have them try again:
          request.fields()['extra'] = 'Login failed.' \
            ' Please try again.' \
            ' (And make sure cookies are enabled.)'
          app.forward(trans, 'LoginPage')
          return
      # Are they logging out?
      elif request.hasField('logout'):
        # They are logging out. Clear all session variables:
        session.values().clear()
        request.fields()['extra'] = 'You have been logged out.'
        app.forward(trans, 'LoginPage')
        return
      # Are they already logged in?
      elif session.value('authenticated_user_admin', None):
        # They are already logged in; write the HTML for this page:
        AdminPage.writeHTML(self)
      else:
        # They need to log in.
        app.forward(trans, 'LoginPage')
        return

    def isValidUserAndPassword(self, username, password):
      # Replace this with a database lookup, or whatever you're using
      # for authentication...
      adminPassword = self.application().setting('AdminPassword')
      return username == 'admin' and adminPassword \
          and password == adminPassword
www.java2java.com | Contact Us
Copyright 2009 - 12 Demo Source and Support. All rights reserved.
All other trademarks are property of their respective owners.