Login now working

da92a8ad · Franco (nextime) Lanza · 1190f6d8 · da92a8ad · da92a8ad · da92a8ad
Commit da92a8ad authored 7 years ago by Franco (nextime) Lanza
Hide whitespace changes
Inline Side-by-side

Showing with 27 additions and 42 deletions

users.conf conf/defaults/users.conf +2 -0

penguidom.py penguidom/penguidom.py +0 -2

auth.py penguidom/web/auth.py +20 -32

web.py penguidom/web/web.py +5 -8

No files found.
--- a/conf/defaults/users.conf
+++ b/conf/defaults/users.conf
+#username:salt:sha256 salted password
+admin:admin:d82494f05d6917ba02f7aaa29689ccb444bb73f20380876cb05d1f37537b7892
--- a/penguidom/penguidom.py
+++ b/penguidom/penguidom.py
@@ -135,5 +135,3 @@ class penguidomService(service.Service):
      cfg.readConfig()
      return cfg

-
-
--- a/penguidom/web/auth.py
+++ b/penguidom/web/auth.py
@@ -29,20 +29,13 @@ import twisted.cred.checkers
 import twisted.cred.error
 import logging
 from twisted.internet import defer
-try:
-   import hashlib
-   md5 = hashlib
-   md5.new = hashlib.md5
-   sha1 = hashlib.sha1
-except:
-   import md5
-   import sha1
-
 from nexlibs.utils import genutils
-
+import os, sys

 log = logging.getLogger("Webgui")

+USERFILE = os.path.join(os.path.abspath(os.path.dirname(sys.argv[0])), 'conf', 'users.conf')
+
 class mindFactory(object):

   loginsaved = False
@@ -62,39 +55,34 @@ class clientAuth(object):
      cred.credentials.IUsernamePassword,
   )

+   users = {}
   def __init__(self):
-      pass
+      with open(USERFILE) as fp:  
+         for cnt, line in enumerate(fp):
+            if not line.startswith('#') and len(line) > 0:
+               try:
+                  l = line.split(':')
+                  self.users[l[0]] = {'salt': l[1], 'hash': l[2].rstrip("\r\n")}
+               except:
+                  pass

   def checkAuth(self, usr, pwd):
-      log.debug("CheckAuth for "+str(usr)+" "+str(pwd))
-      return self.core.getAuth(usr, genutils.hashPwd(pwd))
+      log.debug("CheckAuth for "+str(usr))
+      if usr in self.users.keys():
+         return defer.succeed((genutils.hashPwd256("".join([self.users[usr]['salt'], pwd])) == self.users[usr]['hash']))
+      return defer.succeed(False)
      
   def getAuth(self, usr, pwd):
-      log.debug("getAuth for "+str(usr)+" "+str(pwd))
-      return self.checkAuth(usr, pwd).addCallback(self.getPerms, pwd)
-
-   def getPerms(self, res, pwd):
-      log.info("getPerms "+str(res))
-      """
-      if len(res) > 0:
-         if res[0].admin == True:
-            perms['admin'] = True
-         return perms
-      """
-      if len(res) > 0:
-         perms = res[0]
-         perms.loginpwd = pwd
-         return perms
-      return False
+      log.debug("getAuth for "+str(usr))
+      return self.checkAuth(usr, pwd)

   def requestAvatarId(self, c):
-      log.debug('AUTH: '+str(c)+" "+str(c.username))
+      log.debug('requestAvatarId: '+str(c.username))
      return self.checkAuth(c.username, c.password).addCallback(
-         self.getPerms, c.password).addCallback(
         self.AvatarResults, c)

   def AvatarResults(self, res, c):
-      log.debug("AvatarResults "+str(res)+" "+str(c))
+      log.debug("AvatarResults "+str(res)+" "+str(c.username))
      if res:
         return defer.succeed([c, res])
      raise cred.error.UnauthorizedLogin()
--- a/penguidom/web/web.py
+++ b/penguidom/web/web.py
@@ -202,8 +202,6 @@ class RootPage(rend.Page):
      

   def child_(self, ctx):
-      if str(self.core.configGet('web', 'enableusergui')).lower() not in ['yes', '1', 'y','true']:
-         return "Permission Denied"
      html = """
         Redirecting...
      """
@@ -278,7 +276,7 @@ class SessionWrapper(guard.SessionWrapper):
   def renderHTTP( self, ctx):
      request = inevow.IRequest(ctx)
      host=request.getHeader('host')
-      log.info("USERNAME: "+str(request.getUser())+" "+str(request.getPassword()))
+      log.info("USERNAME: "+str(request.getUser()))
      log.debug("SessionWrapper HOST CALLED: "+str(host))
      return guard.SessionWrapper.renderHTTP(self, ctx)

@@ -302,7 +300,6 @@ class SessionWrapper(guard.SessionWrapper):
         request.args["username"] = [request.getUser()]
         request.args["password"] = [request.getPassword()]

-      log.info("Calling Guard..."+str(request.args))
      return guard.SessionWrapper.locateChild(self, ctx, segments)
      

@@ -529,13 +526,13 @@ class PenguidomAuthRealm(object):
               resc.core = self.core
               return (inevow.IResource, resc, noLogout)
            else:
-               # Qui dovrebbe arrivare in caso di autenticazione
-               # avatarId dovrebbe contenere il ritorno al checkauth
+               # Here it is, we are authenticated.
+               # avatarId should contain the results of the authentication
+               # process
               resc = RootAuthPage(avatarId, self.port, mind)
               resc.realm = self
               resc.core = self.core
-               if str(self.core.configGet('web', 'enableajaxgui')).lower() in ['yes', '1', 'y','true']:
-                  resc.putChild('sockjs', ajax.getSocketJSResource(self.core))
+               resc.putChild('sockjs', ajax.getSocketJSResource(self.core))
               return (inevow.IResource, resc, resc.logout)
      raise NotImplementedError("Can't support that interface.")