diff --git a/paramecio/citoplasma/adminutils.py b/paramecio/citoplasma/adminutils.py
index bcef999..c890ab4 100644
--- a/paramecio/citoplasma/adminutils.py
+++ b/paramecio/citoplasma/adminutils.py
@@ -6,6 +6,7 @@ from paramecio.citoplasma.urls import make_url
 from paramecio.citoplasma.i18n import I18n
 from paramecio.citoplasma.httputils import GetPostFiles
 from paramecio.citoplasma.keyutils import create_key_encrypt, create_key_encrypt_256, create_key
+from paramecio.cromosoma.formsutils import generate_csrf
 from bottle import response,request
 from paramecio.cromosoma.webmodel import WebModel
 from time import time
@@ -135,7 +136,7 @@ def check_login(): return False
-def login_model(ModelLogin, session=''):
+def login_model(ModelLogin, session='', enable_tries=False):
 """ Function for standard login """
@@ -157,17 +158,12 @@ def login_model(ModelLogin, session=''):
 user_admin.conditions=['WHERE username=%s', [username]]
- arr_user=user_admin.select_a_row_where(['id', 'password', 'privileges', 'lang', 'num_tries', 'email'])
+ arr_user=user_admin.select_a_row_where(['id', 'username', 'password', 'privileges', 'lang', 'num_tries', 'email'])
 if arr_user==False:
- s=get_session()
-
- s['csrf_token']=create_key_encrypt()
-
- s.save()
 connection.close()
- return {'error': 1, 'csrf_token': s['csrf_token']}
+ return {'error': 1, 'csrf_token': generate_csrf()}
 else: num_tries=int(arr_user['num_tries'])
@@ -183,6 +179,7 @@ def login_model(ModelLogin, session=''):
 s[session+'privileges']=arr_user['privileges']
 s[session+'lang']=arr_user['lang']
 s[session+'email']=arr_user['email']
+ s[session+'username']=arr_user['username']
 if s['lang']=='': s['lang']=I18n.default_lang
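Review bot: In the `@@ -157,17` hunk of adminutils.py the unknown-user branch now returns `generate_csrf()`, where the old code wrote a fresh token to `s['csrf_token']` and called `s.save()` before returning it. `generate_csrf` comes from `paramecio.cromosoma.formsutils` and its body is not part of this diff, so it cannot be seen here whether it stores the token under the same session key and saves the session; if it does not, the token handed back after a failed login will not match what the next POST is checked against. Once that is confirmed, a one-line comment at the first call would record the contract, for example `# generate_csrf() rotates the session token and returns it`. The same replacement appears in both error returns of the `@@ -224,27` hunk, and login_model's body starts and ends outside these hunks.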
@@ -224,27 +221,17 @@ def login_model(ModelLogin, session=''):
 user_admin.valid_fields=['num_tries']
 user_admin.reset_require()
-
- user_admin.update({'num_tries': arr_user['num_tries']+1})
-
- s=get_session()
-
- s['csrf_token']=create_key_encrypt()
-
- s.save()
+
+ if enable_tries:
+ user_admin.update({'num_tries': arr_user['num_tries']+1})
 connection.close()
- return {'error': 1, 'csrf_token': s['csrf_token']}
+ return {'error': 1, 'csrf_token': generate_csrf()}
 else:
- s=get_session()
-
- s['csrf_token']=create_key_encrypt()
-
- s.save()
 connection.close()
- return {'error': 1, 'csrf_token': s['csrf_token']}
+ return {'error': 1, 'csrf_token': generate_csrf()}
diff --git a/paramecio/citoplasma/plugins.py b/paramecio/citoplasma/plugins.py
index 08e8510..f809364 100644
--- a/paramecio/citoplasma/plugins.py
+++ b/paramecio/citoplasma/plugins.py
@@ -103,7 +103,13 @@ class DbPlugin(object):
 kwargs['db']=WebModel.connection()
- rv = callback(*args, **kwargs)
+ try:
+
+ rv = callback(*args, **kwargs)
+
+ except:
+ kwargs['db'].close()
+ raise
 kwargs['db'].close()
diff --git a/paramecio/modules/admin/templates/admin/home.html b/paramecio/modules/admin/templates/admin/home.html
index 5882319..5bf7d79 100644
--- a/paramecio/modules/admin/templates/admin/home.html
+++ b/paramecio/modules/admin/templates/admin/home.html
@@ -82,7 +82,6 @@ ${HeaderHTML.header_home()|n} <%block name="content"> %block> -
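Review bot: Because `enable_tries` defaults to `False` (signature change in the `@@ -135,7` hunk), the wrong-password branch in the `@@ -224,27` hunk of adminutils.py no longer increments `num_tries` for any existing caller, so failed-login counting is off unless each call site opts in. `num_tries` is still read earlier in the function (`num_tries=int(arr_user['num_tries'])`), which suggests a limit is checked in lines outside this diff; if so, that limit stops taking effect by default. Consider `enable_tries=True` as the default, or at least describe the parameter in the docstring so callers know attempt throttling is opt-in. The `user_admin.valid_fields=['num_tries']` and `user_admin.reset_require()` lines still run when the flag is off and could move under `if enable_tries:`.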
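Review bot: The connection cleanup in the DbPlugin wrapper (plugins.py, `@@ -103,7` hunk) is now written twice, once in the bare `except:` arm and once after the call. A `finally:` clause gives the same guarantee in one place: keep `try:` and `rv = callback(*args, **kwargs)`, replace the `except:` arm with `finally:` followed by `kwargs['db'].close()`, and drop the trailing `kwargs['db'].close()`. That also removes the bare `except:`, which linters flag even when it re-raises. The wrapper function starts and ends outside the hunk, so how `rv` is returned is not visible here.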