authoralice <alice@immerda.ch>2012-09-21 17:08:21 +0200
committeralice <alice@immerda.ch>2012-10-19 15:20:07 +0200
commitba4292ce2298b6e58fbc76ce5e02d5e35d9dc7e5 (patch)
tree01a5f7b38cc2a5218309eceae151f955326bf622 /py-bin
parent861d2dd07bfd53028d7efc0a551bdf05466b627b (diff)
no more password in session. adding jid now asks for jid password
Diffstat (limited to 'py-bin')
-rw-r--r--py-bin/jabberman.py51
-rw-r--r--py-bin/setup.py16
-rw-r--r--py-bin/templates/add_account_form.em2
3 files changed, 33 insertions, 36 deletions
diff --git a/py-bin/jabberman.py b/py-bin/jabberman.py
index e27a23e..d85144a 100644
--- a/py-bin/jabberman.py
+++ b/py-bin/jabberman.py
@@ -256,18 +256,19 @@ class JabberManager:
def __init__(self, session):
self.jadb = JabberDB()
self.session = session
- self.current_user, self.authenticated = None, False
+ self.current_user = None
def get_user(self):
return self.current_user
def authenticate(self):
- if self.authenticated == True:
- return True
- if (not "uid" in self.session) or (not "pass" in self.session):
+ if not self.current_user and "uid" in self.session:
+ self.current_user = self.jadb.get_web_user(self.session["uid"])
+
+ if self.current_user:
+ return (True, self.current_user)
+ else:
return (False, "Nicht angemeldet.")
- ok, status_or_user = self.login(self.session["uid"], self.session["pass"])
- return (ok, status_or_user)
def login(self, user_id, password):
ok, status = self.check_user_id(user_id)
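Review bot: `authenticate` now treats `session["uid"]` as the only proof of identity, so its safety rests entirely on the session store, which this hunk does not show. If the session is kept server-side or is integrity-protected that is fine, but the assumption deserves a comment above the lookup, e.g. `# session["uid"] is the sole credential; the session must be server-side or signed`. A docstring stating that the method returns `(True, user)` or `(False, message)` would also help, since the removed code returned a bare `True` on one path.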
@@ -276,16 +277,15 @@ class JabberManager:
self.current_user = self.jadb.login_user(user_id, password)
if self.current_user:
- self.__set_session(user_id, password = password)
+ self.__set_session(user_id)
else:
self.__clear_session()
return (False, "Benutzername oder Passwort falsch.")
- self.authenticated = True
return (True, self.current_user)
def logout(self):
- self.current_user, self.authenticated = None, False
+ self.current_user = None
self.__clear_session()
def prepare_user(self, user_id):
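Review bot: Nothing visible in `login` issues a fresh session identifier before `self.__set_session(user_id)` stores the uid, and the same holds for the activation path in the hunk at -323. Now that the uid alone authenticates a request, a session identifier that was known before login would stay valid afterwards, so the session should be regenerated at this point if the session object offers a way to do so. The session API is not visible here, and two lines of `login` between this hunk and the previous one are not shown, so an existing rotation step may simply be out of view.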
@@ -323,8 +323,8 @@ class JabberManager:
ok, status_or_user = self.jadb.activate_user(user_id, password, token)
if ok:
- self.current_user, self.authenticated = status_or_user, True
- self.__set_session(user_id, password = password)
+ self.current_user = status_or_user
+ self.__set_session(user_id)
else:
self.__clear_session()
return (False, status_or_user)
@@ -332,18 +332,14 @@ class JabberManager:
return (True, status)
def change_password(self, jid, password):
- if not self.authenticated:
+ if not self.current_user:
return (False, "Zugriff verweigert.")
user_id = self.current_user.email
ok, status = self.jadb.change_jid_password(user_id, jid, password)
if ok:
- if jid == self.current_user.get_primary_jid():
- self.__set_session(user_id, password = password)
return (True, "Passwort erfolgreich geaendert.")
else:
- if jid == self.current_user.get_primary_jid():
- self.__clear_session()
return (False, status)
def is_acceptable_password(self, password, password2):
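Review bot: `change_password` accepts a new password from any request with a live session and never asks for the current one. With the session now holding only the uid, a valid session is enough to reset the password for a jid, and other sessions for the same uid stay valid after the change. Consider requiring the current password in the handler that calls this method and invalidating the user's other sessions on success. How `jadb.change_jid_password` checks that `jid` belongs to `user_id` is not visible here.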
@@ -362,27 +358,22 @@ class JabberManager:
default_acc = WebUser.derive_primary_jid(user_id)
return filter(lambda acc: acc.jid != default_acc, self.get_account_list(user_id))
- def add_account(self, jabber_id):
- if not self.authenticated:
+ def add_account(self, jabber_id, password):
+ if not self.current_user:
return (False, "Zugriff verweigert.")
-
+
ok, status = JabberManager.check_jabber_id(jabber_id)
if not ok:
return (False, status)
- try:
- password = self.session["pass"]
- except Exception:
- return (False, "Zugriff verweigert.")
-
- ok, status = self.jadb.add_account(self.current_user.email, jabber_id, self.session["pass"], check_only = True)
+ ok, status = self.jadb.add_account(self.current_user.email, jabber_id, password, check_only = True)
if not ok:
return (False, status)
- return self.jadb.add_account(self.current_user.email, jabber_id, self.session["pass"])
+ return self.jadb.add_account(self.current_user.email, jabber_id, password)
def remove_account(self, jabber_id):
- if not self.authenticated:
+ if not self.current_user:
return (False, "Zugriff verweigert.")
ok, status = JabberManager.check_jabber_id(jabber_id)
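Review bot: `add_account` passes `password` straight to `self.jadb.add_account` without checking it, whereas the removed code refused to continue when no password was available. The acceptability check lives only in the `setup.py` handler, so any other caller can create an account with an empty or weak password unless `jadb.add_account` rejects it, which is not visible here. A guard such as `if not password: return (False, "Zugriff verweigert.")` after the `current_user` check, or a docstring stating that callers must run `is_acceptable_password` first, would close that gap. `remove_account` continues past the end of the hunk.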
@@ -399,19 +390,15 @@ class JabberManager:
return self.jadb.remove_account(user_id, jabber_id)
- def __set_session(self, user_id, password = None, token = None):
+ def __set_session(self, user_id, token = None):
self.__clear_session()
self.session["uid"] = user_id
- if password:
- self.session["pass"] = password
if token:
self.session["tok"] = token
def __clear_session(self):
if self.session.get("uid"):
del(self.session["uid"])
- if self.session.get("pass"):
- del(self.session["pass"])
if self.session.get("token"):
del(self.session["tok"])
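Review bot: `__clear_session` tests `self.session.get("token")` but deletes `self.session["tok"]`, while `__set_session` stores the value under `"tok"`. As written, a stored token is not removed when the session is cleared, and a session holding `"token"` without `"tok"` would raise `KeyError`. The check should use the same key as the delete: `if self.session.get("tok"):`. The commit already edits this function to drop the `"pass"` handling, so the mismatch could be fixed in the same change; the function may continue past the end of the hunk.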
diff --git a/py-bin/setup.py b/py-bin/setup.py
index 49f8980..b2e8fbf 100644
--- a/py-bin/setup.py
+++ b/py-bin/setup.py
@@ -58,7 +58,7 @@ class SetupMixIn:
user = self.__authenticate(req)
if not user:
return
-
+
last_err = req.params.get("error", "")
domains = config.extra_domains
@@ -73,12 +73,20 @@ class SetupMixIn:
domain = req.params.get("domain", "")
account = req.params.get("name", "") + "@" + domain
-
+ password = req.params.get("password", "")
+ password2 = req.params.get("password2", "")
+
if domain not in config.extra_domains:
self.error_page(req, "Zugriff verweigert.")
return
-
- ok, status = self.jman.add_account(account)
+
+ ok, status = self.jman.is_acceptable_password(password, password2)
+ if not ok:
+ url = self.make_url([("cmd","add_account_form"), ("error", status)])
+ self.redirect_to(req, url)
+ return
+
+ ok, status = self.jman.add_account(account, password)
if not ok:
url = self.make_url([("cmd","add_account_form"), ("error", status)])
self.redirect_to(req, url)
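Review bot: The new `password` and `password2` values are read with `req.params.get(...)`, and if `req.params` merges query-string and body parameters (not visible here) the handler will accept a password sent in the URL, where it ends up in server logs and browser history. Reading the two fields from the POST body only, and rejecting the request when it is not a POST, would keep the credential out of URLs. The form's `method` attribute is outside the template hunk, so confirm it is `post`. The handler starts and ends outside this hunk.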
diff --git a/py-bin/templates/add_account_form.em b/py-bin/templates/add_account_form.em
index ae88204..1fb8324 100644
--- a/py-bin/templates/add_account_form.em
+++ b/py-bin/templates/add_account_form.em
@@ -10,6 +10,8 @@
@[end for]
</select>
</p>
+ <p>Passwort: <input type="password" name="password"/></p>
+ <p>Passwort best├Ątigen: <input type="password" name="password2"/></p>
<p><input type="reset" value="Zur├╝cksetzen"/>
<input type="submit" name="submitted" value="Erstellen"/></p>
</form>