paramecio/parameciofm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fixes in autologin

Browse source
This commit is contained in:
Antonio de la Rosa 2015-12-14 04:49:25 +01:00
parent f8e92f9285
commit e2eee21600
10 changed files with 210 additions and 165 deletions
Download patch file Download diff file Expand all files Collapse all files

3
paramecio/citoplasma/templates/admin/login.phtml
View file

@ -21,7 +21,7 @@
url: "${make_url('admin/login')}", url: "${make_url('admin/login')}",
method: "POST", method: "POST",
dataType: "json", dataType: "json",
data: {'username': $('#username_form').val(), 'password': $('#password_form').val()} data: {'username': $('#username_form').val(), 'password': $('#password_form').val(), 'remember_login': $('#remember_login').val()}
}).done(function(data) { }).done(function(data) {
if(data.error==0) if(data.error==0)
@ -56,6 +56,7 @@
${lang('admin', 'login', 'Paramecio Login')} ${lang('admin', 'login', 'Paramecio Login')}
</div> </div>
${forms|n} ${forms|n}
<div class="form">${lang('admin', 'remember_login', 'Remember login?')} <input type="checkbox" id="remember_login" name="remember_login" value="1"></div>
<div id="submit_block"> <div id="submit_block">
<input type="submit" value="${lang('common', 'login', 'Login')}" class="submit" id="login_submit"/> <input type="submit" value="${lang('common', 'login', 'Login')}" class="submit" id="login_submit"/>
<span id="loading">&nbsp;</span> <span id="loading">&nbsp;</span>

133
paramecio/cromosoma/usermodel.py
View file

@ -15,6 +15,7 @@ class UserModel(WebModel):
self.email_field='email' self.email_field='email'
self.username_field='username' self.username_field='username'
self.yes_repeat_password=True self.yes_repeat_password=True
self.check_user=True
def create_forms(self, arr_fields={}): def create_forms(self, arr_fields={}):
@ -56,77 +57,81 @@ class UserModel(WebModel):
return False return False
# Check if passwords matches if self.check_user==True:
if self.password_field in dict_values: # Check if passwords matches
dict_values['repeat_password']=dict_values.get('repeat_password', '') if self.password_field in dict_values:
if dict_values['repeat_password']!=dict_values[self.password_field]:
if dict_values[self.password_field].strip()!="": dict_values['repeat_password']=dict_values.get('repeat_password', '')
if dict_values['repeat_password']!=dict_values[self.password_field]:
self.fields[self.password_field].error=True if dict_values[self.password_field].strip()!="":
self.fields[self.password_field].txt_error=I18n.lang('common', 'error_passwords_no_match', 'Error: passwords doesn\'t match')
self.fields[self.password_field].error=True
self.fields[self.password_field].txt_error=I18n.lang('common', 'error_passwords_no_match', 'Error: passwords doesn\'t match')
return False
# Check if exists user with same email or password
get_id=0
if self.updated:
# Need the id
GetPostFiles.obtain_get()
GetPostFiles.obtain_post()
get_id=GetPostFiles.get.get(self.name_field_id, '0')
post_id=GetPostFiles.post.get(self.name_field_id, '0')
if get_id!='0':
get_id=int(get_id)
if post_id!='0':
get_id=int(post_id)
pass
get_id=int(get_id)
sql_id=''
original_conditions=self.conditions
self.reset_conditions()
if self.username_field in dict_values:
self.conditions=['WHERE (username=%s', [dict_values[self.username_field]]]
if self.email_field in dict_values:
if len(self.conditions[1])>0:
self.conditions[0]+=' OR email=%s)'
else:
self.conditions[0]='WHERE (email=%s)'
self.conditions[1]=[]
self.conditions[1].append([dict_values[self.email_field]])
if get_id>0:
self.conditions[0]+=' AND '+self.name_field_id+'!=%s'
self.conditions[1].append(get_id)
if self.select_count()>0:
self.fields[self.username_field].error=True
self.fields[self.username_field].txt_error=I18n.lang('common', 'error_username_or_password_exists', 'Error: username or email exists in database')
return False return False
# Check if exists user with same email or password
get_id=0
if self.updated:
# Need the id
GetPostFiles.obtain_get()
GetPostFiles.obtain_post()
get_id=GetPostFiles.get.get(self.name_field_id, '0') self.conditions=original_conditions
post_id=GetPostFiles.post.get(self.name_field_id, '0')
if get_id!='0':
get_id=int(get_id)
if post_id!='0':
get_id=int(post_id)
pass
sql_id=''
original_conditions=self.conditions
self.reset_conditions()
if self.username_field in dict_values:
self.conditions=['WHERE (username=%s', [dict_values[self.username_field]]]
if self.email_field in dict_values:
if len(self.conditions[1])>0:
self.conditions[0]+=' OR email=%s)'
else:
self.conditions[0]='WHERE (email=%s)'
self.conditions[1]=[]
self.conditions[1].append([dict_values[self.email_field]])
if get_id>0:
self.conditions[0]+=' AND '+self.name_field_id+'!=%s'
self.conditions[1].append(get_id)
if self.select_count()>0:
self.fields[self.username_field].error=True
self.fields[self.username_field].txt_error=I18n.lang('common', 'error_username_or_password_exists', 'Error: username or email exists in database')
return False
self.conditions=original_conditions
return fields, values, update_values return fields, values, update_values

61
paramecio/cromosoma/webmodel.py
View file

@ -632,35 +632,44 @@ class WebModel:
self.fields[k].error=False self.fields[k].error=False
if (self.fields[k].protected==None or self.fields[k].protected==False or external_agent==False) and k in self.valid_fields: if (self.fields[k].protected==None or self.fields[k].protected==False or external_agent==False):
self.fields[k].update=updated_field[errors_set] if k in self.valid_fields:
value=self.fields[k].check(value)
if self.fields[k].check_blank==False or self.updated==False:
# If error checking, value=False self.fields[k].update=updated_field[errors_set]
if self.fields[k].error==True and self.fields[k].required==True: value=self.fields[k].check(value)
if self.fields[k].check_blank==False or self.updated==False:
#Error, need this fields. # If error checking, value=False
self.num_errors+=1
self.fields_errors[k].append("Error: "+v.label+" field required") if self.fields[k].error==True and self.fields[k].required==True:
error=True #Error, need this fields.
self.num_errors+=1
else:
self.fields_errors[k].append("Error: "+v.label+" field required")
error=True
else:
fields.append(k) fields.append(k)
final_value=self.fields[k].quot_open+value+self.fields[k].quot_close final_value=self.fields[k].quot_open+value+self.fields[k].quot_close
values.append(final_value) values.append(final_value)
update_values.append(f_update(k, final_value)) update_values.append(f_update(k, final_value))
else:
self.num_errors+=1
self.fields_errors[k].append("Error: "+self.fields[k].label+" is not in valid fields")
self.fields[k].error=True
self.fields[k].txt_error="Error: "+self.fields[k].label+" is not in valid fields"
error=True
else: else:
self.num_errors+=1 self.num_errors+=1
@ -702,7 +711,7 @@ class WebModel:
for k, v in self.fields.items(): for k, v in self.fields.items():
self.required_save[k]=self.fields[k].required self.required_save[k]=self.fields[k].required
self.fields[k].required=0 self.fields[k].required=False
#Reload the require field in fields #Reload the require field in fields
@ -777,9 +786,9 @@ class PhangoField:
self.size=size self.size=size
# Protected, if this value != None, cannot use it in insert or update. # Protected, if this value != False, cannot use it in insert or update.
self.protected=None self.protected=False
# $quote_open is used if you need a more flexible sql sentence, # $quote_open is used if you need a more flexible sql sentence,
# @warning USE THIS FUNCTION IF YOU KNOW WHAT YOU ARE DOING # @warning USE THIS FUNCTION IF YOU KNOW WHAT YOU ARE DOING

14
paramecio/i18n/en-US/admin.py
View file

@ -2,19 +2,19 @@
from paramecio.citoplasma.i18n import I18n from paramecio.citoplasma.i18n import I18n
I18n.l['admin']['users_admin']='User's Admin'
I18n.l['admin']['applications']='Applications' I18n.l['admin']['applications']='Applications'
I18n.l['admin']['administrator']='Administrator' I18n.l['admin']['administrator']='Administrator'
I18n.l['admin']['selected_privileges']='Selected privileges' I18n.l['admin']['login']='Paramecio Login'
I18n.l['admin']['users_admin']='User\'s Admin'
I18n.l['admin']['sign_up']='Paramecio Sign up' I18n.l['admin']['sign_up']='Paramecio Sign up'
I18n.l['admin']['welcome_to_paramecio']='Welcome to Paramecio Admin!!!'
I18n.l['admin']['login']='Paramecio Login'
I18n.l['admin']['without_privileges']='Without privileges' I18n.l['admin']['without_privileges']='Without privileges'
I18n.l['admin']['welcome_to_paramecio']='Welcome to Paramecio Admin!!!'
I18n.l['admin']['selected_privileges']='Selected privileges'

56
paramecio/i18n/en-US/common.py
View file

@ -2,41 +2,41 @@
from paramecio.citoplasma.i18n import I18n from paramecio.citoplasma.i18n import I18n
I18n.l['common']['edit']='Edit'
I18n.l['common']['search']='Search' I18n.l['common']['search']='Search'
I18n.l['common']['error_username_or_password_exists']='Error: username or email exists in database'
I18n.l['common']['repeat_password']='Repeat Password'
I18n.l['common']['error_passwords_no_match']='Error: passwords doesn\'t match'
I18n.l['common']['add_new_item']='Add new item'
I18n.l['common']['home']='Home'
I18n.l['common']['login']='Login'
I18n.l['common']['no']='No'
I18n.l['common']['edit_new_item']='Edit item'
I18n.l['common']['password_no_match']='Passwords doesn\'t match'
I18n.l['common']['sign_up']='Sign up'
I18n.l['common']['yes']='Yes'
I18n.l['common']['error_login']='Error, wrong username or password'
I18n.l['common']['task_successful']='Task successful'
I18n.l['common']['delete']='Delete' I18n.l['common']['delete']='Delete'
I18n.l['common']['error_login']='Error, wrong username or password'
I18n.l['common']['add_item']='Add new item' I18n.l['common']['add_item']='Add new item'
I18n.l['common']['edit']='Edit'
I18n.l['common']['edit_new_item']='Edit item'
I18n.l['common']['error_username_or_password_exists']='Error: username or email exists in database'
I18n.l['common']['last']='Last' I18n.l['common']['last']='Last'
I18n.l['common']['no']='No'
I18n.l['common']['add_new_item']='Add new item'
I18n.l['common']['yes']='Yes'
I18n.l['common']['options']='Options' I18n.l['common']['options']='Options'
I18n.l['common']['password_no_match']='Passwords doesn't match'
I18n.l['common']['login']='Login'
I18n.l['common']['error_passwords_no_match']='Error: passwords doesn't match'
I18n.l['common']['sign_up']='Sign up'
I18n.l['common']['task_successful']='Task successful'
I18n.l['common']['repeat_password']='Repeat Password'
I18n.l['common']['home']='Home'

14
paramecio/i18n/es-ES/admin.py
View file

@ -2,19 +2,19 @@
from paramecio.citoplasma.i18n import I18n from paramecio.citoplasma.i18n import I18n
I18n.l['admin']['users_admin']='Usuarios de administración'
I18n.l['admin']['applications']='Applications' I18n.l['admin']['applications']='Applications'
I18n.l['admin']['administrator']='Administrador' I18n.l['admin']['administrator']='Administrador'
I18n.l['admin']['selected_privileges']='Selected privileges' I18n.l['admin']['login']='Entrar en Paramecio'
I18n.l['admin']['users_admin']='Usuarios de administración'
I18n.l['admin']['sign_up']='Entrar en Paramecio' I18n.l['admin']['sign_up']='Entrar en Paramecio'
I18n.l['admin']['welcome_to_paramecio']='Bienvenido a la administración de este site!!'
I18n.l['admin']['login']='Entrar en Paramecio'
I18n.l['admin']['without_privileges']='Without privileges' I18n.l['admin']['without_privileges']='Without privileges'
I18n.l['admin']['welcome_to_paramecio']='Bienvenido a la administración de este site!!'
I18n.l['admin']['selected_privileges']='Selected privileges'

56
paramecio/i18n/es-ES/common.py
View file

@ -2,41 +2,41 @@
from paramecio.citoplasma.i18n import I18n from paramecio.citoplasma.i18n import I18n
I18n.l['common']['edit']='Edit'
I18n.l['common']['search']='Search' I18n.l['common']['search']='Search'
I18n.l['common']['error_username_or_password_exists']='Error: username or email exists in database'
I18n.l['common']['repeat_password']='Repeat Password'
I18n.l['common']['error_passwords_no_match']='Error: passwords doesn\'t match'
I18n.l['common']['add_new_item']='Add new item'
I18n.l['common']['home']='Home'
I18n.l['common']['login']='Login'
I18n.l['common']['no']='No'
I18n.l['common']['edit_new_item']='Edit item'
I18n.l['common']['password_no_match']='Passwords doesn\'t match'
I18n.l['common']['sign_up']='Sign up'
I18n.l['common']['yes']='Yes'
I18n.l['common']['error_login']='Error, wrong username or password'
I18n.l['common']['task_successful']='Task successful'
I18n.l['common']['delete']='Delete' I18n.l['common']['delete']='Delete'
I18n.l['common']['error_login']='Error, wrong username or password'
I18n.l['common']['add_item']='Add new item' I18n.l['common']['add_item']='Add new item'
I18n.l['common']['edit']='Edit'
I18n.l['common']['edit_new_item']='Edit item'
I18n.l['common']['error_username_or_password_exists']='Error: username or email exists in database'
I18n.l['common']['last']='Last' I18n.l['common']['last']='Last'
I18n.l['common']['no']='No'
I18n.l['common']['add_new_item']='Add new item'
I18n.l['common']['yes']='Yes'
I18n.l['common']['options']='Options' I18n.l['common']['options']='Options'
I18n.l['common']['password_no_match']='Passwords doesn't match'
I18n.l['common']['login']='Login'
I18n.l['common']['error_passwords_no_match']='Error: passwords doesn't match'
I18n.l['common']['sign_up']='Sign up'
I18n.l['common']['task_successful']='Task successful'
I18n.l['common']['repeat_password']='Repeat Password'
I18n.l['common']['home']='Home'

34
paramecio/modules/admin/index.py
View file

@ -5,7 +5,7 @@ from paramecio.modules.admin.models.admin import UserAdmin
from paramecio.citoplasma.i18n import load_lang, I18n from paramecio.citoplasma.i18n import load_lang, I18n
from paramecio.citoplasma.urls import make_url, add_get_parameters from paramecio.citoplasma.urls import make_url, add_get_parameters
from paramecio.citoplasma.sessions import get_session from paramecio.citoplasma.sessions import get_session
from bottle import get,post from bottle import get,post,response
from settings import config from settings import config
from settings import config_admin from settings import config_admin
from paramecio.citoplasma.lists import SimpleList from paramecio.citoplasma.lists import SimpleList
@ -16,6 +16,9 @@ from paramecio.cromosoma.coreforms import PasswordForm
from importlib import import_module, reload from importlib import import_module, reload
from bottle import redirect from bottle import redirect
from collections import OrderedDict from collections import OrderedDict
from time import time
from hashlib import sha512
from os import urandom
#from citoplasma.login import LoginClass #from citoplasma.login import LoginClass
# Check login # Check login
@ -118,8 +121,8 @@ def login():
GetPostFiles.obtain_post() GetPostFiles.obtain_post()
GetPostFiles.post.get('username', '') GetPostFiles.post['username']=GetPostFiles.post.get('username', '')
GetPostFiles.post.get('password', '') GetPostFiles.post['password']=GetPostFiles.post.get('password', '')
username=user_admin.fields['username'].check(GetPostFiles.post['username']) username=user_admin.fields['username'].check(GetPostFiles.post['username'])
@ -142,6 +145,31 @@ def login():
s['login']=1 s['login']=1
s['privileges']=arr_user['privileges'] s['privileges']=arr_user['privileges']
remember_login=GetPostFiles.post.get('remember_login', '0')
if remember_login=='1':
timestamp=time()+315360000
random_text=sha512(urandom(10)).hexdigest()
#Update user with autologin token
user_admin.check_user=False
user_admin.conditions=['WHERE username=%s', [username]]
user_admin.valid_fields=['token_login']
user_admin.reset_require()
if user_admin.update({'token_login': random_text}):
response.set_cookie('remember_login', random_text, expires=timestamp)
else:
print(user_admin.query_error)
return {'error': 0} return {'error': 0}
else: else:
return {'error': 1} return {'error': 1}

2
paramecio/modules/admin/media/css/login.css
View file

@ -23,7 +23,7 @@ body {
} }
input { input[type="text"], input[type="password"] {
width:100%; width:100%;
border: solid #bcbcbc 1px; border: solid #bcbcbc 1px;

2
paramecio/modules/admin/models/admin.py
View file

@ -40,6 +40,8 @@ class UserAdmin(UserModel):
self.register(corefields.CharField('token_recovery')) self.register(corefields.CharField('token_recovery'))
self.register(corefields.CharField('token_login'))
self.register(PrivilegesField('privileges')) self.register(PrivilegesField('privileges'))
""" """