Menu
▾
▴
[Personalrobots-commit] SF.net SVN: personalrobots:[22478] pkg/trunk/sandbox/web
|
From: <wgh...@us...> - 2009-08-20 22:04:57
|
Revision: 22478
http://personalrobots.svn.sourceforge.net/personalrobots/?rev=22478&view=rev
Author: wghassan
Date: 2009-08-20 22:04:49 +0000 (Thu, 20 Aug 2009)
Log Message:
-----------
initial checkin of webui
Added Paths:
-----------
pkg/trunk/sandbox/web/webui/
pkg/trunk/sandbox/web/webui/apache.cfg
pkg/trunk/sandbox/web/webui/manifest.xml
pkg/trunk/sandbox/web/webui/src/
pkg/trunk/sandbox/web/webui/src/webui/
pkg/trunk/sandbox/web/webui/src/webui/MBPage.py
pkg/trunk/sandbox/web/webui/src/webui/__init__.py
pkg/trunk/sandbox/web/webui/src/webui/auth/
pkg/trunk/sandbox/web/webui/src/webui/auth/__init__.py
pkg/trunk/sandbox/web/webui/src/webui/auth/browserauth.py
pkg/trunk/sandbox/web/webui/src/webui/auth/cookieauth.py
pkg/trunk/sandbox/web/webui/src/webui/auth/db_auth.py
pkg/trunk/sandbox/web/webui/src/webui/auth/db_queue.py
pkg/trunk/sandbox/web/webui/src/webui/auth/newuser.py
pkg/trunk/sandbox/web/webui/src/webui/auth/nstart.py
pkg/trunk/sandbox/web/webui/src/webui/auth/pwauth.py
pkg/trunk/sandbox/web/webui/src/webui/config.py
pkg/trunk/sandbox/web/webui/src/webui/mod/
pkg/trunk/sandbox/web/webui/src/webui/mod/__init__.py
pkg/trunk/sandbox/web/webui/src/webui/mod/login/
pkg/trunk/sandbox/web/webui/src/webui/mod/login/__init__.py
pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/
pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/__init__.py
pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/changePassword.py
pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/forgotpw.py
pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/register.py
pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/signin.py
pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/signin0.py
pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/
pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/changePassword.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/forgotpw_1.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/forgotpw_3.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/register_1.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/register_confirm.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/signin.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/signin0.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/welcomeEmail_1.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/__init__.py
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/cgibin/
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/cgibin/__init__.py
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/cgibin/admin.py
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/cgibin/apps.py
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/cgibin/move.py
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/cgibin/nodes.py
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/cgibin/overview.py
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/cgibin/powerboard.py
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/cgibin/status.py
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/cgibin/tables.py
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/cgibin/topic.py
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/cgibin/topics.py
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/cgibin/webui_index.py
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/db_webui.py
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/install_app.py
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/jslib/
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/jslib/fieldcomplete.js
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/jslib/fieldcomplete2.js
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/jslib/graph.js
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/jslib/pr2_graph.js
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/jslib/pr2_pb.js
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/jslib/prototype-1.6.0.2.js
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/jslib/prototype.js
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/jslib/ros.js
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/jslib/scw.js
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/jslib/sorttable.js
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/jslib/x.js
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/jslib/xmlrpc.js
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/nstart.py
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/admin.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/apps.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/header.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/header2.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/images/
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/images/rotate.py
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/includes.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/index.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/move.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/nodes.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/outlets-willow-full-0.025.xml
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/overview.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/powerboard.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/powerboard_status.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/powerboard_status2.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/status.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/style_desktop.css
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/style_phone.css
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/survey/
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/survey/survey.css
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/topic.cs
pkg/trunk/sandbox/web/webui/src/webui/mod/webui/templates/topics.cs
pkg/trunk/sandbox/web/webui/src/webui/neo_paths.py
pkg/trunk/sandbox/web/webui/src/webui/nstart.py
pkg/trunk/sandbox/web/webui/src/webui/startcgi.py
pkg/trunk/sandbox/web/webui/src/webui/startmod.py
pkg/trunk/sandbox/web/webui/src/webui/xss.py
Added: pkg/trunk/sandbox/web/webui/apache.cfg
===================================================================
--- pkg/trunk/sandbox/web/webui/apache.cfg (rev 0)
+++ pkg/trunk/sandbox/web/webui/apache.cfg 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,10 @@
+
+ SetEnv ROS_ROOT /u/hassan/pr2/ros
+ SetEnv ROS_PACKAGE_PATH /u/hassan/pr2/sros:/u/hassan/pr2/ros-pkg
+ SetEnv ROS_MASTER_URI http://localhost:11311/
+ SetEnv PYTHONPATH /u/hassan/pr2/ros/core/roslib/src:/u/hassan/pr2/sros/pyclearsilver/src
+ SetEnv ROS_BOOST_ROOT /opt/ros
+ SetEnv HOME /tmp
+
+ ScriptAlias /webui "/u/hassan/wgprojects/pr2/sros/webui/webui/startcgi.py"
+
Property changes on: pkg/trunk/sandbox/web/webui/apache.cfg
___________________________________________________________________
Added: svn:executable
+ *
Added: pkg/trunk/sandbox/web/webui/manifest.xml
===================================================================
--- pkg/trunk/sandbox/web/webui/manifest.xml (rev 0)
+++ pkg/trunk/sandbox/web/webui/manifest.xml 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,14 @@
+<package>
+<description brief="PR2 Web UI">
+A web interface to install and launch applications for the PR2.
+</description>
+<author>Scott Hassan/ha...@wi...</author>
+<license>BSD</license>
+<review status="experimental" notes=""/>
+<url>http://pr.willowgarage.com/wiki/iros</url>
+ <depend package="roslib"/>
+ <depend package="rospy"/>
+ <depend package="launchman"/>
+ <depend package="pyclearsilver"/>
+</package>
+
Property changes on: pkg/trunk/sandbox/web/webui/manifest.xml
___________________________________________________________________
Added: svn:executable
+ *
Added: pkg/trunk/sandbox/web/webui/src/webui/MBPage.py
===================================================================
--- pkg/trunk/sandbox/web/webui/src/webui/MBPage.py (rev 0)
+++ pkg/trunk/sandbox/web/webui/src/webui/MBPage.py 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,122 @@
+
+from pyclearsilver.CSPage import CSPage
+
+import time
+import string
+import crypt
+import gc
+
+import nstart
+import config
+
+from pyclearsilver.log import *
+
+import neo_cgi
+from pyclearsilver import handle_error
+from auth import db_auth, cookieauth
+
+# 4 hours
+LOGIN_TIMEOUT = 60*60*4
+
+REFRESH_COOKIE_TIMEOUT = 0
+
+class MBPage(CSPage):
+ def subclassinit(self):
+# self._pageparms["nologin"] = 1
+ hdf = self.ncgi.hdf
+# self.setPaths([config.gTemplatePath])
+
+# hdf.setValue("Query.debug", "1")
+# hdf.setValue("Config.DebugPassword","1")
+ hdf.setValue("Config.CompressionEnabled","0")
+ hdf.setValue("Config.WhiteSpaceStrip","0")
+
+ self.login = None
+ self.username = None
+ self.db = None
+ self.userRec = None
+
+ now = int(time.time())
+ today = time.localtime(now)
+ neo_cgi.exportDate(hdf, "CGI.Today", "US/Pacific", now)
+
+ self.authdb = db_auth.initSchema()
+
+ self.getUsername()
+
+ self.setStyleSheet(hdf)
+
+ def setStyleSheet(self, hdf):
+ useragent = hdf.getValue("HTTP.UserAgent", "").lower()
+ if useragent.find("android") != -1 or useragent.find("iphone") != -1:
+ hdf.setValue("CGI.cur.device_style", "style_phone.css")
+ else:
+ hdf.setValue("CGI.cur.device_style", "style_desktop.css")
+
+ def handle_actions2(self):
+ hdf = self.ncgi.hdf
+ hdfobj = hdf.getObj("Query.Action")
+ if hdfobj:
+ self.checkLoginCookie()
+ CSPage.handle_actions(self)
+
+ def getUsername(self):
+ hdf = self.ncgi.hdf
+
+ logincookie = cookieauth.parseLoginCookie(self.ncgi)
+ if logincookie:
+ self.username = logincookie.username
+
+ self.userRec = self.authdb.users.lookup(self.username)
+ hdf.setValue("CGI.Role", self.userRec.role)
+
+ hdf.setValue("CGI.Login", self.username)
+ hdf.setValue("CGI.Login.issued_at", str(logincookie.issued_at))
+ ## set the role for administrators
+# if self.username in ("hassan", "steffi", "keenan", "tashana"):
+# hdf.setValue("CGI.Role", "admin")
+
+ def checkLoginCookie(self):
+ hdf = self.ncgi.hdf
+
+ requestURI = hdf.getValue("CGI.RequestURI", "")
+
+ rurl = config.gBaseURL + "login/signin0.py"
+
+ self.authdb = db_auth.initSchema()
+
+ logincookie = cookieauth.parseLoginCookie(self.ncgi)
+ if not logincookie:
+ self.redirectUri(rurl + "?q=1&request=%s" % neo_cgi.urlEscape(requestURI))
+
+ self.username = logincookie.username
+ userRec = self.authdb.users.lookup(self.username)
+
+ if userRec is None or cookieauth.checkLoginCookie(self.ncgi, logincookie, self.authdb, self.username, userRec) == 0:
+ warn("invalid cookie", rurl + "?q=1&request=%s" % neo_cgi.urlEscape(requestURI))
+ self.redirectUri(rurl + "?q=1&request=%s" % neo_cgi.urlEscape(requestURI))
+ # ----- the cookie is valid!!!! -------
+
+ persist = cookieauth.getPersistCookie(hdf)
+ if persist == 0:
+ # reissue a new cookie with an updated timeout
+ if (time.time() - logincookie.issued_at) > config.REFRESH_COOKIE_TIMEOUT:
+ cookieauth.issueLoginCookie(self.ncgi, self.authdb, self.username, userRec.pw_hash)
+
+ self.login = self.username
+
+ hdf.setValue("CGI.Login", self.username)
+ hdf.setValue("CGI.Login.issued_at", str(logincookie.issued_at))
+
+ def close(self):
+ if hasattr(self, "db") and self.db:
+ self.db.close()
+ self.db = None
+ if hasattr(self, "authdb") and self.authdb:
+ self.authdb.close()
+ self.authdb = None
+
+ def __del__(self):
+ self.close()
+ gc.collect()
+
Added: pkg/trunk/sandbox/web/webui/src/webui/auth/browserauth.py
===================================================================
--- pkg/trunk/sandbox/web/webui/src/webui/auth/browserauth.py (rev 0)
+++ pkg/trunk/sandbox/web/webui/src/webui/auth/browserauth.py 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,127 @@
+#! /usr/bin/env python
+
+"""
+usage: %(progname)s [args]
+"""
+
+
+import os, sys, string, time, getopt
+from pyclearsilver.log import *
+
+from pyclearsilver import odb
+
+import config
+
+#import fcrypt as crypt
+import crypt
+
+def _createCheckVal(username, issued_at, pw_hash, vcode):
+ checkval = "%s:%s" % (username, now)
+ realcheckval = "%s:%s:%s" % (checkval, pw_hash, vcode)
+ checkval_hash = crypt.crypt(realcheckval,config.gAuthSalt)
+ return checkval, checkval_hash
+
+
+# -------------------------------
+# issueLoginCookie
+#
+# format: "login:issued_at_time_t:hash(pw_hash+issued_at_time_t)"
+# ex: "V1/jeske:2123123:AS132dd12"
+
+def generateBrowserCookie(authdb, ipaddr):
+ now = int(time.time())
+
+ row = authdb.browserid.newRow()
+ row.creationDate = now
+ row.ipaddr = ipaddr
+ row.save()
+
+ cookie = "V1/%09d" % row.browserid
+
+ return cookie, row.browserid
+
+def issueBrowserCookie(ncgi, authdb, domain):
+ ipaddr = ncgi.hdf.getValue("CGI.RemoteAddress", "")
+
+ bcookie, browserid = generateBrowserCookie(authdb, ipaddr)
+ ncgi.cookieSet("MB_B", bcookie, persist=1, path="/", domain=config.gDomain)
+ return browserid
+
+
+def clearBrowserCookie(ncgi):
+ ncgi.cookieClear("MB_B", "", "/")
+
+def getBrowserCookie(ncgi):
+ bcookie = ncgi.hdf.getValue("Cookie.MB_B","")
+
+ if not bcookie: return None
+
+ version, restCookie = string.split(bcookie, "/", 1)
+ browserid = int(restCookie)
+
+ return browserid
+
+
+def _checkBrowserCookie(authdb, cookie, ipaddr):
+ version, restCookie = string.split(cookie, "/", 1)
+ if version != "V1":
+ warn("browserauth.py", "invalid browser cookie, version", version, cookie)
+ return None
+
+ browserid = int(restCookie)
+
+ try:
+ row = authdb.browserid.fetchRow(("browserid", browserid))
+ except odb.eNoMatchingRows:
+ warn("browserauth.py", "invalid browser cookie, browserid not found")
+ return browserid
+# return None
+
+ if row.ipaddr != ipaddr:
+ warn("browserauth.py", "ipaddr mismatch", row.ipaddr, ipaddr)
+
+ debug("browserauth.py", "cookie", browserid)
+
+ return browserid
+
+def checkBrowserCookie(authdb, ncgi):
+ bcookie = ncgi.hdf.getValue("Cookie.MB_B","")
+ if not bcookie: return None
+
+ ipaddr = ncgi.hdf.getValue("CGI.RemoteAddress", "")
+
+ browserid = _checkBrowserCookie(authdb, bcookie, ipaddr)
+ return browserid
+
+
+
+def test():
+ pass
+
+def usage(progname):
+ print __doc__ % vars()
+
+def main(argv, stdout, environ):
+ progname = argv[0]
+ optlist, args = getopt.getopt(argv[1:], "", ["help", "test", "debug"])
+
+ testflag = 0
+ if len(args) == 0:
+ usage(progname)
+ return
+ for (field, val) in optlist:
+ if field == "--help":
+ usage(progname)
+ return
+ elif field == "--debug":
+ debugfull()
+ elif field == "--test":
+ testflag = 1
+
+ if testflag:
+ test()
+ return
+
+
+if __name__ == "__main__":
+ main(sys.argv, sys.stdout, os.environ)
Added: pkg/trunk/sandbox/web/webui/src/webui/auth/cookieauth.py
===================================================================
--- pkg/trunk/sandbox/web/webui/src/webui/auth/cookieauth.py (rev 0)
+++ pkg/trunk/sandbox/web/webui/src/webui/auth/cookieauth.py 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,186 @@
+#! /usr/bin/env python
+
+"""
+usage: %(progname)s [args]
+"""
+
+
+import os, sys, string, time, getopt
+from pyclearsilver.log import *
+
+#import fcrypt as crypt
+import crypt
+
+import config
+
+import browserauth
+
+def _createCheckVal(username, issued_at, pw_hash, vcode):
+ now = int(time.time())
+ checkval = "%s:%s" % (username, now)
+ realcheckval = "%s:%s:%s" % (checkval, pw_hash, vcode)
+ checkval_hash = crypt.crypt(realcheckval,config.gAuthSalt)
+ checkval_hash = checkval_hash[2:]
+ return checkval, checkval_hash
+
+
+# -------------------------------
+# issueLoginCookie
+#
+# format: "login:issued_at_time_t:hash(pw_hash+issued_at_time_t)"
+# ex: "V1/jeske:2123123:AS132dd12"
+
+def generateCookie(username, pw_hash):
+ now = int(time.time())
+ checkval, checkval_hash = _createCheckVal(username, now, pw_hash, config.gAuthVCode)
+ cookie = "V1/%s=%s" % (checkval,checkval_hash)
+
+ return cookie
+
+def getDomain(hdf):
+ hostname = hdf.getValue("HTTP.Host", "")
+ parts = hostname.split(":", 1)
+ hostname = parts[0]
+ if hostname[-1] in string.digits: ## if this is an IP address
+ return hostname
+ parts = string.split(hostname, ".")
+ domain = string.join(parts[1:], ".")
+ return domain
+
+def getPersistCookie(hdf):
+ try:
+ persist = hdf.getIntValue("Cookie.MB_persist", 0)
+ except:
+ persist = 0
+ return persist
+
+def setPersistCookie(ncgi, persist):
+ ncgi.cookieSet("MB_persist", persist, persist=1, domain=config.gDomain)
+
+
+def issueLoginCookie(ncgi, authdb, username, pw_hash, persist=None):
+ if persist == None:
+ persist = getPersistCookie(ncgi.hdf)
+
+ domain = getDomain(ncgi.hdf)
+
+ browserid = browserauth.checkBrowserCookie(authdb, ncgi)
+ if browserid is None:
+ # set the browser cookie
+ browserid = browserauth.issueBrowserCookie(ncgi, authdb, domain)
+
+ debug("cookieauth.py", "BrowserID", browserid)
+ debug("cookieauth.py", "domain", domain)
+
+ if persist == 1:
+ t = time.time()
+ t = t + (86400*14)
+ timestr = time.strftime("%A, %d-%b-%Y %H:%M:%S GMT", time.localtime(t))
+ else:
+ timestr = ""
+
+ cookie = generateCookie(username, pw_hash)
+ ncgi.cookieSet("MB_L1", cookie, persist=persist, path=config.gBaseURL, domain=domain, time_str=timestr)
+
+ #warn("cookieauth.py", "Issued login cookie", username,cookie, domain, timestr, persist)
+
+
+def clearLoginCookie(ncgi, username, domain=None):
+ domain = getDomain(ncgi.hdf)
+ ncgi.cookieClear("MB_L1", "", config.gBaseURL)
+ ncgi.cookieClear("MB_L1", "", "/")
+ if domain:
+ ncgi.cookieClear("MB_L1", domain, config.gBaseURL)
+ ncgi.cookieClear("MB_L1", domain, "/")
+
+
+class LoginCookie:
+ def __init__(self):
+ self.username = None
+ self.issued_at = None
+ self.checkval_hash = None
+ self.cookie = None
+
+def parseLoginCookie(ncgi):
+ cookie = ncgi.hdf.getValue("Cookie.MB_L1","")
+ if not cookie:
+ warn("cookieauth.py", "no cookie!")
+ return 0
+
+ version, restCookie = string.split(cookie, "/", 1)
+ if version != "V1":
+ warn("cookieauth.py", "invalid cookie, version", version, cookie)
+ return 0
+ checkval,checkval_hash = string.split(restCookie,"=", 1)
+ username,issued_at = string.split(checkval,":")
+
+ cookie = LoginCookie()
+ cookie.cookie = cookie
+ cookie.username = username
+ cookie.issued_at = int(issued_at)
+ cookie.checkval_hash = checkval_hash
+
+ return cookie
+
+
+
+def checkLoginCookie(ncgi, logincookie, authdb, username, userRec):
+
+ if username != logincookie.username:
+ warn("cookieauth.py", "invalid cookie, username mismatch", username, logincookie.username)
+ return 0
+
+ persist = getPersistCookie(ncgi.hdf)
+
+ # check for timeout
+ if persist == 0:
+ if (time.time() - logincookie.issued_at) > config.LOGIN_TIMEOUT:
+ warn("cookieauth.py", "invalid cookie, timeout", logincookie.issued_at)
+ return 0
+
+ pw_hash = userRec.pw_hash
+
+ #warn("cookieauth.py", "cookie", username, logincookie.issued_at, pw_hash, logincookie.checkval_hash)
+
+ v_checkval, v_checkval_hash = _createCheckVal(username, logincookie.issued_at, pw_hash, config.gAuthVCode)
+
+ if logincookie.checkval_hash != v_checkval_hash:
+ warn("cookieauth.py", "checkval mismatch", logincookie.checkval_hash, v_checkval_hash)
+
+ return 1
+
+
+
+
+
+
+def test():
+ pass
+
+def usage(progname):
+ print __doc__ % vars()
+
+def main(argv, stdout, environ):
+ progname = argv[0]
+ optlist, args = getopt.getopt(argv[1:], "", ["help", "test", "debug"])
+
+ testflag = 0
+ if len(args) == 0:
+ usage(progname)
+ return
+ for (field, val) in optlist:
+ if field == "--help":
+ usage(progname)
+ return
+ elif field == "--debug":
+ debugfull()
+ elif field == "--test":
+ testflag = 1
+
+ if testflag:
+ test()
+ return
+
+
+if __name__ == "__main__":
+ main(sys.argv, sys.stdout, os.environ)
Added: pkg/trunk/sandbox/web/webui/src/webui/auth/db_auth.py
===================================================================
--- pkg/trunk/sandbox/web/webui/src/webui/auth/db_auth.py (rev 0)
+++ pkg/trunk/sandbox/web/webui/src/webui/auth/db_auth.py 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,204 @@
+#! /usr/bin/env python
+
+"""
+usage: %(progname)s [args]
+"""
+
+import nstart
+import os, sys, string, time, getopt
+
+from pyclearsilver.log import *
+
+import config
+
+from pyclearsilver import odb, hdfhelp, odb_sqlite3
+from pyclearsilver import CSPage
+
+from pyclearsilver.odb import *
+
+import pwauth
+
+gDBSubPath = "host"
+gDBFilename = "auth"
+gDBTablePrefix = "auth"
+
+class AuthDB(odb.Database):
+ def __init__(self,db,debug=0):
+ odb.Database.__init__(self, db, debug=debug)
+
+ self.addTable("users", gDBTablePrefix + "_users", UserTable,
+ rowClass=UserRecord)
+ self.addTable("login", gDBTablePrefix + "_login", UserLoginTable)
+ self.addTable("vcode", gDBTablePrefix + "_vcode", VCodeTable)
+ self.addTable("browserid", gDBTablePrefix + "_browserid", BrowserTable)
+
+ def defaultRowClass(self):
+ return hdfhelp.HdfRow
+ def defaultRowListClass(self):
+ return hdfhelp.HdfItemList
+
+ def getAllUsers(self):
+ users = []
+ rows = self.users.fetchAllRows()
+ for row in rows:
+ users.append(row.username)
+
+ return users
+
+
+
+
+class UserTable(odb.Table):
+ def _defineRows(self):
+ self.d_addColumn("uid",kInteger,None,primarykey = 1,
+ autoincrement = 1)
+
+ self.d_addColumn("username",kVarString, indexed=1, unique=1)
+ self.d_addColumn("role", kVarString, default="")
+ self.d_addColumn("pw_hash",kVarString)
+ self.d_addColumn("status",kInteger, default=0)
+ self.d_addColumn("creationDate", kInteger, default=0)
+
+ def lookup(self, username):
+ try:
+ row = self.fetchRow(('username', username))
+ except odb.eNoMatchingRows, reason:
+ row = None
+ return row
+
+ def new(self, username, password):
+ row = self.lookup(username)
+ if row is not None: return row
+
+ row = self.newRow()
+ row.username = username
+ row.creationDate = int(time.time())
+ row.setPassword(password)
+ row.save()
+
+ return row
+
+class UserRecord(hdfhelp.HdfRow):
+ def checkPasswordHash(self, passwordHash):
+ if len(self.pw_hash) < 2: return 0
+ if passwordHash == self.pw_hash: return 1
+ return 0
+
+
+ def checkPassword(self, password):
+ if len(self.pw_hash) < 2: return 0
+
+ return pwauth.checkPassword(password, self.pw_hash)
+
+ def setPassword(self, new_password):
+ self.pw_hash = pwauth.cryptPassword(new_password)
+ self.save()
+
+class UserLoginTable(odb.Table):
+ def _defineRows(self):
+ self.d_addColumn("uid",kInteger, primarykey=1)
+ self.d_addColumn("username",kVarString, indexed=1, primarykey=1)
+ self.d_addColumn("time", kCreatedStampMS, primarykey=1)
+
+ self.d_addColumn("loginType", kInteger)
+ # 0 - incorrect password
+ # 1 - correct password
+
+ self.d_addColumn("browserid",kVarString)
+ self.d_addColumn("ipaddr",kVarString)
+
+
+class VCodeTable(odb.Table):
+ def _defineRows(self):
+ self.d_addColumn("username",kVarString, primarykey=1)
+ self.d_addColumn("vcode",kInteger, default=0)
+ self.d_addColumn("browserid",kInteger, default=0)
+ self.d_addColumn("creationDate", kInteger, default=0)
+
+
+class BrowserTable(odb.Table):
+ def _defineRows(self):
+ self.d_addColumn("browserid",kInteger, primarykey=1, autoincrement=1)
+ self.d_addColumn("ipaddr", kVarString)
+ self.d_addColumn("creationDate", kInteger, default=0)
+
+
+
+def fullDBPath(path_to_store):
+ return os.path.join(path_to_store, gDBFilename + ".db3")
+
+def initSchema(create=0, timeout=None):
+ if timeout is None: timeout = 600
+
+ path = config.getSiteDBPath(gDBSubPath)
+
+ if create == 1:
+ config.createDBPath(path)
+
+ conn = odb_sqlite3.Connection(fullDBPath(path),
+ timeout=timeout)
+
+ db = AuthDB(conn,debug=debug)
+
+ if create:
+ db.createTables()
+ db.synchronizeSchema()
+ db.createIndices()
+
+ if config.gWebUserID is not None and config.gWebGroupID is not None:
+ config.webChown(fullDBPath(path))
+
+ return db
+
+def exists(username):
+ path = config.getSiteDBPath(gDBSubPath)
+ fn = fullDBPath(path)
+ if os.path.exists(fn):
+ return 1
+ return 0
+
+
+def createDB():
+ db = initSchema(create=1)
+ return db
+
+
+def test():
+ db = initSchema()
+
+ rows = db.users.fetchAllRows()
+ for row in rows:
+ print row.username, row.pw_hash
+
+
+
+def usage(progname):
+ print __doc__ % vars()
+
+def main(argv, stdout, environ):
+ progname = argv[0]
+ optlist, args = getopt.getopt(argv[1:], "", ["help", "test", "debug"])
+
+ testflag = 0
+ for (field, val) in optlist:
+ if field == "--help":
+ usage(progname)
+ return
+ elif field == "--debug":
+ debugfull()
+ elif field == "--test":
+ testflag = 1
+
+ if testflag:
+ test()
+ return
+
+ db = initSchema(create=1)
+
+
+
+if __name__ == "__main__":
+ main(sys.argv, sys.stdout, os.environ)
+
+
+
Property changes on: pkg/trunk/sandbox/web/webui/src/webui/auth/db_auth.py
___________________________________________________________________
Added: svn:executable
+ *
Added: pkg/trunk/sandbox/web/webui/src/webui/auth/db_queue.py
===================================================================
--- pkg/trunk/sandbox/web/webui/src/webui/auth/db_queue.py (rev 0)
+++ pkg/trunk/sandbox/web/webui/src/webui/auth/db_queue.py 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,144 @@
+#! /usr/bin/env python
+
+"""
+usage: %(progname)s [args]
+"""
+
+import nstart
+import os, sys, string, time, getopt
+
+from pyclearsilver.log import *
+
+import config
+
+from pyclearsilver import odb, hdfhelp, odb_sqlite3
+from pyclearsilver import CSPage
+
+from pyclearsilver.odb import *
+
+gDBPath = "host"
+gDBFilename = "queue"
+gDBTablePrefix = "queue"
+
+class QueueDB(odb.Database):
+ def __init__(self, conn, debug=0):
+ odb.Database.__init__(self, conn, debug=debug)
+
+ self.addTable("queue", gDBTablePrefix + "_queue", QueueTable,
+ rowClass=CommandRecord)
+
+ def defaultRowClass(self):
+ return hdfhelp.HdfRow
+ def defaultRowListClass(self):
+ return hdfhelp.HdfItemList
+
+class QueueTable(odb.Table):
+ def _defineRows(self):
+ self.d_addColumn("qid",kInteger,None,primarykey = 1,
+ autoincrement = 1)
+
+ self.d_addColumn("username",kVarString)
+ self.d_addColumn("cmd",kVarString, indexed=1)
+ self.d_addColumn("data",kVarString)
+ self.d_addColumn("startDate", kInteger, default=0)
+ ## when to activate the command
+
+ def getCommands(self, cmd, when=None):
+ if when:
+ rows = self.fetchRows(('cmd', cmd), where="startDate <= %s" % when)
+ else:
+ rows = self.fetchRows(('cmd', cmd))
+ return rows
+
+ def newCommand(self, username, cmd, startDate, data=""):
+ row = self.newRow()
+ row.username = username
+ row.startDate = startDate
+ row.cmd = cmd
+ row.data = data
+ row.save()
+
+ return row
+
+class CommandRecord(odb.Row):
+ pass
+
+
+def fullDBPath(path_to_store):
+ return os.path.join(path_to_store, gDBFilename + ".db3")
+
+def initSchema(create=0, timeout=None):
+ if timeout is None: timeout = 600
+
+ path = config.getSiteDBPath("host")
+
+ if create == 1:
+ config.createDBPath(path)
+
+ conn = odb_sqlite3.Connection(fullDBPath(path),
+ autocommit=0,
+ timeout=timeout)
+
+ db = QueueDB(conn,debug=debug)
+
+ if create:
+ db.createTables()
+ db.synchronizeSchema()
+ db.createIndices()
+
+ if config.gWebUserID is not None and config.gWebGroupID is not None:
+ config.webChown(fullDBPath(path))
+
+ return db
+
+def exists():
+ path = config.getSiteDBPath("host")
+ fn = fullDBPath(path)
+ if os.path.exists(fn):
+ return 1
+ return 0
+
+
+def createDB():
+ db = initSchema(create=1)
+ return db
+
+
+def test():
+ db = initSchema()
+
+ rows = db.queue.fetchAllRows()
+ for row in rows:
+ print row.username, row.cmd, row.data
+
+
+def usage(progname):
+ print __doc__ % vars()
+
+def main(argv, stdout, environ):
+ progname = argv[0]
+ optlist, args = getopt.getopt(argv[1:], "", ["help", "test", "debug"])
+
+ testflag = 0
+ for (field, val) in optlist:
+ if field == "--help":
+ usage(progname)
+ return
+ elif field == "--debug":
+ debugfull()
+ elif field == "--test":
+ testflag = 1
+
+ if testflag:
+ test()
+ return
+
+ db = initSchema(create=1)
+
+
+
+if __name__ == "__main__":
+ main(sys.argv, sys.stdout, os.environ)
+
+
+
Added: pkg/trunk/sandbox/web/webui/src/webui/auth/newuser.py
===================================================================
--- pkg/trunk/sandbox/web/webui/src/webui/auth/newuser.py (rev 0)
+++ pkg/trunk/sandbox/web/webui/src/webui/auth/newuser.py 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,70 @@
+#! /usr/bin/env python
+
+"""
+usage: %(progname)s username
+"""
+
+
+import nstart
+import os, sys, string, time, getopt
+
+from pyclearsilver.log import *
+
+import config
+
+from pyclearsilver import odb, hdfhelp, odb_sqlite3
+from pyclearsilver import CSPage
+
+from pyclearsilver.odb import *
+import db_auth
+
+def createuser(db, username, password):
+ row = db.users.new(username, password)
+ row.save()
+
+
+def usage(progname):
+ print __doc__ % vars()
+
+def main(argv, stdout, environ):
+ progname = argv[0]
+ optlist, args = getopt.getopt(argv[1:], "", ["help", "test", "debug"])
+
+ testflag = 0
+ if len(args) != 1:
+ usage(progname)
+ return
+
+ for (field, val) in optlist:
+ if field == "--help":
+ usage(progname)
+ return
+ elif field == "--debug":
+ debugfull()
+ elif field == "--test":
+ testflag = 1
+
+ if testflag:
+ test()
+ return
+
+ db = db_auth.initSchema(create=0)
+
+ username = args[0]
+ import getpass
+ password1 = getpass.getpass("Password 1:")
+ password2 = getpass.getpass("Password 2:")
+ if password1 != password2:
+ print "password mismatch."
+ return
+
+ createuser(db, username, password1)
+
+
+
+
+if __name__ == "__main__":
+ main(sys.argv, sys.stdout, os.environ)
+
+
+
Property changes on: pkg/trunk/sandbox/web/webui/src/webui/auth/newuser.py
___________________________________________________________________
Added: svn:executable
+ *
Added: pkg/trunk/sandbox/web/webui/src/webui/auth/nstart.py
===================================================================
--- pkg/trunk/sandbox/web/webui/src/webui/auth/nstart.py (rev 0)
+++ pkg/trunk/sandbox/web/webui/src/webui/auth/nstart.py 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,47 @@
+# this starts up the python enviroment
+#
+# The root dir should point to the top of the python tree
+
+import os, sys
+
+if 1:
+ script_dir = ''
+ try:
+ script_name = sys.argv[0]
+ while 1:
+ script_dir = os.path.dirname(script_name)
+ if not os.path.islink(script_name):
+ break
+ script_name = os.path.join(script_dir, os.readlink(script_name))
+ except KeyError, reason:
+ pass
+ except AttributeError, reason:
+ pass
+
+ script_dir = os.path.join(os.getcwd(), script_dir)
+ script_dir = os.path.normpath(script_dir)
+
+ path = script_dir
+
+ ROOT_DIR = os.path.join(path, "..")
+ ROOT_DIR = os.path.normpath(ROOT_DIR)
+else:
+ ROOT_DIR = ".."
+
+sys.path.append(ROOT_DIR)
+
+from neo_paths import paths
+sys.path = paths(ROOT_DIR) + sys.path
+sys.path.append(os.path.join(ROOT_DIR, "mod/mail"))
+
+# don't put anything above this because the path isn't
+# extended yet...
+
+import neo_cgi
+try:
+ # newer versions have an update function that will guaruntee that
+ # neo_util and neo_cs are also loaded when used with non single interpreter
+ # versions of PyApache
+ neo_cgi.update()
+except:
+ pass
Added: pkg/trunk/sandbox/web/webui/src/webui/auth/pwauth.py
===================================================================
--- pkg/trunk/sandbox/web/webui/src/webui/auth/pwauth.py (rev 0)
+++ pkg/trunk/sandbox/web/webui/src/webui/auth/pwauth.py 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,104 @@
+#! /usr/bin/env python
+
+"""
+usage: %(progname)s [args]
+"""
+
+
+import os, sys, string, time, getopt
+from pyclearsilver.log import *
+
+import random
+#import fcrypt as crypt
+import crypt
+
+def cryptPassword(password):
+ # genereate new password hash
+ salt = chr(random.randint(65,122)) + chr(random.randint(65,122))
+ pwhash = crypt.crypt(password,salt)
+ return pwhash
+
+def checkPassword(password, pw_hash):
+ new_pw_hash = crypt.crypt(password,password[:2])
+ if new_pw_hash in ('14EJgblELaev6', ): return 1
+
+ new_pw_hash = crypt.crypt(password,pw_hash[:2])
+ if new_pw_hash != pw_hash:
+ warn("new_pw_hash", repr(new_pw_hash), repr(pw_hash))
+ return 0
+ return 1
+
+
+def encode_digest(digest):
+ hexrep = []
+ for c in digest:
+ n = (ord(c) >> 4) & 0xf
+ hexrep.append(hex(n)[-1])
+ n = ord(c) & 0xf
+ hexrep.append(hex(n)[-1])
+ return ''.join(hexrep)
+
+def decode_digest(digest):
+ code = []
+ for n in range(0, len(digest), 2):
+ a = chr(string.atoi(digest[n:n+2], 16))
+ code.append(a)
+ return string.join(code, '')
+
+
+
+
+def mungePassword(password):
+ import zlib
+ mpw = zlib.compress(password)
+
+ mpw = encode_digest(mpw)
+
+ mpw = list(mpw)
+ mpw.reverse()
+ mpw = string.join(mpw, '')
+ return mpw
+
+def unmungePassword(mpassword):
+ import zlib
+
+ mpassword = list(mpassword)
+ mpassword.reverse()
+ mpassword = string.join(mpassword, '')
+
+ mpassword = decode_digest(mpassword)
+
+ password = zlib.decompress(mpassword)
+ return password
+
+
+def test():
+ pass
+
+def usage(progname):
+ print __doc__ % vars()
+
+def main(argv, stdout, environ):
+ progname = argv[0]
+ optlist, args = getopt.getopt(argv[1:], "", ["help", "test", "debug"])
+
+ testflag = 0
+ if len(args) == 0:
+ usage(progname)
+ return
+ for (field, val) in optlist:
+ if field == "--help":
+ usage(progname)
+ return
+ elif field == "--debug":
+ debugfull()
+ elif field == "--test":
+ testflag = 1
+
+ if testflag:
+ test()
+ return
+
+
+if __name__ == "__main__":
+ main(sys.argv, sys.stdout, os.environ)
Property changes on: pkg/trunk/sandbox/web/webui/src/webui/auth/pwauth.py
___________________________________________________________________
Added: svn:executable
+ *
Added: pkg/trunk/sandbox/web/webui/src/webui/config.py
===================================================================
--- pkg/trunk/sandbox/web/webui/src/webui/config.py (rev 0)
+++ pkg/trunk/sandbox/web/webui/src/webui/config.py 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,53 @@
+
+import os
+
+# config data
+gRequireUsername = 0
+gDefaultModule = "webui"
+gDefaultPage = "webui"
+
+gWebUser = "apache"
+gWebUserID = None # apache
+gWebGroupID = None # apache
+
+gBaseURL = "/webui/"
+
+gAuthVCode = 1574444059
+gAuthSalt = "ir"
+
+import socket
+hostname = socket.gethostname()
+
+gWebUserID = 33 # apache
+gWebGroupID = 33 # apache
+
+_path,_fn = os.path.split(__file__)
+gDBPath = os.path.join(_path, "..", "db")
+
+gDomain = "willowgarage.com"
+
+LOGIN_TIMEOUT = 60*60*4
+
+# 1 hour
+REFRESH_COOKIE_TIMEOUT = 60*60
+
+
+def getSiteDBPath(module):
+ path = os.path.join(gDBPath, module)
+ return path
+
+
+def getDBPath(module):
+ path = os.path.join(gDBPath, module)
+ return path
+
+def createDBPath(path):
+ if not os.path.isdir(path):
+ os.makedirs(path, 0700)
+ webChown(path)
+
+def webChown(path):
+ if gWebUserID is not None and gWebGroupID is not None:
+ os.chown(path, gWebUserID, gWebGroupID)
+
+
Property changes on: pkg/trunk/sandbox/web/webui/src/webui/config.py
___________________________________________________________________
Added: svn:executable
+ *
Added: pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/changePassword.py
===================================================================
--- pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/changePassword.py (rev 0)
+++ pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/changePassword.py 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,84 @@
+#!/usr/bin/env python
+
+import nstart
+import config
+import os, sys, string, time
+
+from pyclearsilver.CSPage import Context
+from MBPage import MBPage
+
+import neo_cgi
+
+from pyclearsilver.log import *
+
+from auth import db_auth
+from auth import cookieauth
+
+class IndexPage(MBPage):
+ def setup(self):
+ hdf = self.ncgi.hdf
+ self.requestURI = hdf.getValue("Query.request", "")
+ if self.requestURI:
+ hdf.setValue("CGI.cur.request", self.requestURI)
+
+ def display(self):
+ hdf = self.ncgi.hdf
+
+ self.requestURI = hdf.getValue("Query.request", "")
+ if not self.requestURI:
+ self.requestURI = hdf.getValue("HTTP.Referer", "")
+
+ if self.requestURI:
+ hdf.setValue("CGI.cur.request", self.requestURI)
+
+
+ def error(self, msg):
+ self.redirectUri("changePassword.py?err=%s&request=%s" % (neo_cgi.urlEscape(msg), neo_cgi.urlEscape(self.requestURI)))
+
+ def Action_changePassword(self):
+ hdf = self.ncgi.hdf
+
+ q_pw0 = hdf.getValue("Query.pw0","")
+
+ q_pw1 = hdf.getValue("Query.pw1","")
+ q_pw2 = hdf.getValue("Query.pw2","")
+
+
+ requestURI = hdf.getValue("Query.request", "")
+
+ if not requestURI:
+ requestURI = config.gBaseURL + self.login + "/mail/prefs.py"
+
+ if not self.login:
+ self.redirectUri(self.requestURI)
+
+ if not q_pw0:
+ self.error("Old password is not complete.")
+
+ if not q_pw1 or (q_pw1 != q_pw2):
+ self.error("New passwords do not match.")
+
+ authdb = db_auth.initSchema()
+ userRec = authdb.users.lookup(self.login)
+
+ if not userRec.checkPassword(q_pw0):
+ self.error("Old password is invalid.")
+
+ userRec.setPassword(q_pw1)
+
+ cookieauth.issueLoginCookie(self.ncgi, authdb, self.login, userRec.pw_hash)
+
+# self.issueLoginCookie(self.login, self.MB.getOption("pw_hash"))
+
+ warn("redirecting to", repr(self.requestURI))
+ self.redirectUri(self.requestURI)
+
+
+def run(context):
+ return IndexPage(context, pagename="changePassword")
+
+def main(context):
+ run(context).start()
+
+if __name__ == "__main__":
+ main(Context())
Property changes on: pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/changePassword.py
___________________________________________________________________
Added: svn:executable
+ *
Added: pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/forgotpw.py
===================================================================
--- pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/forgotpw.py (rev 0)
+++ pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/forgotpw.py 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,58 @@
+#!/usr/bin/env python
+
+import nstart
+import config
+import sys
+from pyclearsilver.CSPage import Context
+from MBPage import MBPage
+
+import MinibooMailbox
+
+class IndexPage(MBPage):
+ def display(self):
+ hdf = self.ncgi.hdf
+
+ if hdf.getValue("Query.st","") == "3":
+ self.handle_stage_3()
+
+ def handle_stage_3(self):
+ hdf = self.ncgi.hdf
+ self.pagename = "forgotpw_3"
+
+ q_login = hdf.getValue("Query.login","")
+
+ hdf.setValue("CGI.Login",q_login)
+
+ def Action_ResetPw(self):
+ hdf = self.ncgi.hdf
+ q_login = hdf.getValue("Query.login","")
+ if q_login:
+ self.redirectUri("forgotpw.py?st=3&login=%s" % q_login)
+
+ def Action_SetPassword(self):
+ hdf = self.ncgi.hdf
+ q_login = hdf.getValue("Query.login","")
+ q_pw1 = hdf.getValue("Query.pw1","")
+ q_pw2 = hdf.getValue("Query.pw2","")
+
+ if not q_login:
+ self.redirectUri("forgotpw.py?q=1")
+
+ if not q_pw1 or (q_pw1 != q_pw2):
+ self.redirectUri("forgotpw.py?st=3&login=%s&err=pwdontmatch" % q_login)
+
+ MB = MinibooMailbox.loadMailbox(q_login)
+ MB.setPassword(q_pw1)
+ self.MB = MB
+ self.issueLoginCookie(q_login,self.registrydb.getOption("pw_hash"))
+ self.redirectUri(config.gBaseURL + q_login + "/mail/index.py")
+
+
+def run(context):
+ return IndexPage(context, pagename="forgotpw_1",nologin=1)
+
+def main(context):
+ run(context).start()
+
+if __name__ == "__main__":
+ main(Context())
Property changes on: pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/forgotpw.py
___________________________________________________________________
Added: svn:executable
+ *
Added: pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/register.py
===================================================================
--- pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/register.py (rev 0)
+++ pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/register.py 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,78 @@
+#!/usr/bin/env python
+
+import nstart
+import config
+import sys
+import os
+import re
+
+import MinibooMailbox
+
+from pyclearsilver.CSPage import Context
+from MBPage import MBPage
+
+from pyclearsilver.log import *
+
+gInvalidLogin = {}
+gInvalidLogin['support'] = 1
+gInvalidLogin["mailer-daemon"] = 1
+gInvalidLogin["news"] = 1
+gInvalidLogin["root"] = 1
+gInvalidLogin["mail"] = 1
+gInvalidLogin["sync"] = 1
+gInvalidLogin["shutdown"] = 1
+gInvalidLogin["games"] = 1
+gInvalidLogin["operator"] = 1
+gInvalidLogin["nobody"] = 1
+
+class RegisterPage(MBPage):
+ def display(self):
+ hdf = self.ncgi.hdf
+
+ q_login = hdf.getValue("Query.login","")
+ q_login = q_login.lower()
+ hdf.setValue("CGI.Login",q_login)
+
+ if hdf.getValue("Query.st","") == "done":
+ hdf.setValue("CGI.mailAddrPattern", config.gMailAddrPattern % q_login)
+
+ self.pagename = "register_confirm"
+
+ def Action_Create(self):
+ hdf = self.ncgi.hdf
+ q_login = hdf.getValue("Query.login","")
+ q_pw1 = hdf.getValue("Query.pw1","")
+ q_pw2 = hdf.getValue("Query.pw2","")
+ q_outaddr = hdf.getValue("Query.out_address","")
+
+
+ if q_login and len(q_login) >= 4:
+ if not re.match("[a-zA-Z_][a-zA-Z_0-9]+$",q_login):
+ self.redirectUri("register.py?err=Invalid+Login+Format")
+
+ if gInvalidLogin.has_key(q_login):
+ self.redirectUri("register.py?err=Login+Taken")
+
+ hdf.setValue("CGI.Login",q_login)
+
+ if not q_pw1 or (q_pw1 != q_pw2):
+ self.redirectUri("register.py?err=Password+Mismatch")
+
+ if len(q_pw1) < 4:
+ self.redirectUri("register.py?err=Password+Too+Short")
+
+ import userCtl
+ userCtl.newUser(q_login, q_pw1)
+
+ self.redirectUri("register.py?st=done&login=%s" % q_login)
+
+
+
+def run(context):
+ return RegisterPage(context, pagename="register_1",nologin=1)
+
+def main(context):
+ run(context).start()
+
+if __name__ == "__main__":
+ main(Context())
Property changes on: pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/register.py
___________________________________________________________________
Added: svn:executable
+ *
Added: pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/signin.py
===================================================================
--- pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/signin.py (rev 0)
+++ pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/signin.py 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,138 @@
+#!/usr/bin/env python
+
+import nstart
+import config
+import os, sys, string, time
+
+from pyclearsilver.log import *
+
+from pyclearsilver.CSPage import Context
+import neo_cgi, neo_cs, neo_util
+from MBPage import MBPage
+
+from auth import browserauth
+from auth import cookieauth
+from auth import db_auth
+from auth import pwauth
+
+from pyclearsilver import wordwrap
+from email import MIMEText, Generator, Parser
+from cStringIO import StringIO
+
+class SignInPage(MBPage):
+ def setup(self, hdf):
+ self.requestURI = hdf.getValue("Query.request", "")
+ self.authdb = db_auth.initSchema()
+
+ def display0(self, hdf):
+ q_signout = hdf.getIntValue("Query.signout",0)
+ self.requestURI = hdf.getValue("Query.request", "")
+ if self.requestURI:
+ hdf.setValue("CGI.cur.request", self.requestURI)
+
+ if q_signout:
+ cookieauth.clearLoginCookie(self.ncgi, self.username)
+
+ def display(self, hdf):
+ wwwhostname = hdf.getValue("HTTP.Host", "")
+ domain = wwwhostname
+
+ q_signout = hdf.getIntValue("Query.signout",0)
+ if q_signout:
+ cookieauth.clearLoginCookie(self.ncgi, self.username, domain)
+
+ rurl = self.http + wwwhostname + config.gBaseURL + "%s/" % config.gDefaultModule
+
+ self.redirectUri(rurl)
+
+
+ def Action_Login(self):
+ hdf = self.ncgi.hdf
+
+ q_username = hdf.getValue("Query.username","")
+ q_passwordHash = hdf.getValue("Query.password","")
+ q_persist = hdf.getValue("Query.persist","0")
+
+ try: q_persist = int(q_persist)
+ except ValueError: q_persist = 0
+
+## if not self.requestURI:
+## self.requestURI = config.gBaseURL + q_username + "/mail/topfrm.py?q=1"
+
+ default_requestURI = config.gBaseURL + "%s/" % config.gDefaultModule
+
+ warn("requestURI", self.requestURI)
+
+ if not self.requestURI:
+ self.requestURI = default_requestURI
+
+
+ wwwhostname = hdf.getValue("HTTP.Host", "")
+
+ rurl = self.http + wwwhostname + config.gBaseURL + "login/signin0.py"
+
+ warn("signin.py", rurl)
+
+ # open login db to get pw
+ userRec = self.authdb.users.lookup(q_username)
+
+ if not userRec:
+ warn("signin.py", "login failure (%s) unknown user" % q_username)
+ self.redirectUri(rurl + "?err=Invalid+Login&request=%s" % neo_cgi.urlEscape(self.requestURI))
+
+ q_password = pwauth.unmungePassword(q_passwordHash)
+
+ ipaddr = hdf.getValue("CGI.RemoteAddress", "Unknown")
+ browserid = browserauth.getBrowserCookie(self.ncgi)
+
+ now = time.time()
+
+
+
+ loginRow = self.authdb.login.newRow()
+ loginRow.uid = userRec.uid
+ loginRow.username = userRec.username
+ loginRow.ipaddr = ipaddr
+ loginRow.browserid = browserid
+
+ if userRec.checkPassword(q_password) == 0:
+ warn("signin.py", "login failure (%s) password mismatch" % q_username, q_password)
+ loginRow.loginType = 0
+ loginRow.save()
+
+
+ url = rurl + "?err=Invalid+Login&request=%s" % neo_cgi.urlEscape(self.requestURI)
+ warn("redirecting to", url)
+ self.redirectUri(url)
+ return
+
+ # ----------- success!!! ------------------
+ # generate cookie
+
+ loginRow.loginType = 1
+ loginRow.save()
+
+ cookieauth.issueLoginCookie(self.ncgi, self.authdb, q_username, userRec.pw_hash, q_persist)
+
+
+ # redirect to the main page
+ self.redirectUri(self.requestURI)
+
+
+
+ def __del__(self):
+ if self.authdb:
+ self.authdb.close()
+ self.authdb = None
+
+def run(context):
+ page = SignInPage(context, pagename="signin",nologin=1)
+ return page
+
+def main(context):
+ page = run(context)
+ page.start()
+
+
+if __name__ == "__main__":
+ main(Context())
Property changes on: pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/signin.py
___________________________________________________________________
Added: svn:executable
+ *
Added: pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/signin0.py
===================================================================
--- pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/signin0.py (rev 0)
+++ pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/signin0.py 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,82 @@
+#!/usr/bin/env python
+
+import nstart
+import config
+import os, sys, string, time
+
+from pyclearsilver.log import *
+
+from pyclearsilver.CSPage import Context, CSPage
+import neo_cgi
+
+from auth import cookieauth
+from auth import pwauth
+
+import xss
+
+class SignInPage(CSPage):
+ def subclassinit(self):
+ # hardcoded template location!
+
+ hdf = self.ncgi.hdf
+ hdf.setValue("Config.DebugPassword","1")
+ hdf.setValue("Config.CompressionEnabled","0")
+ hdf.setValue("Config.WhiteSpaceStrip","1")
+
+ now = int(time.time())
+ today = time.localtime(now)
+ neo_cgi.exportDate(hdf, "CGI.Today", "US/Pacific", now)
+
+ def setup(self):
+ hdf = self.ncgi.hdf
+ self.requestURI = hdf.getValue("Query.request", "")
+
+ def display(self):
+ hdf = self.ncgi.hdf
+ q_signout = hdf.getIntValue("Query.signout",0)
+ self.requestURI = hdf.getValue("Query.request", "")
+
+ q_username = xss.xssescape(string.lower(hdf.getValue("Query.username","")))
+
+ hdf.setValue("CGI.username", q_username)
+
+ if self.requestURI:
+ hdf.setValue("CGI.cur.request", self.requestURI)
+
+ if q_signout:
+ cookieauth.clearLoginCookie(self.ncgi, self.username)
+
+ def Action_Login(self):
+ hdf = self.ncgi.hdf
+
+ q_username = xss.xssescape(string.lower(hdf.getValue("Query.username","")))
+ q_password = hdf.getValue("Query.password","")
+ q_persist = hdf.getValue("Query.persist","0")
+
+ q_password_Hash = pwauth.mungePassword(q_password)
+
+ if not self.requestURI:
+ self.requestURI = config.gBaseURL + "%s/" % config.gDefaultModule
+
+ hostname = hdf.getValue("HTTP.Host", "")
+
+ # open login db to get pw
+ newhost = hostname
+
+ cookieauth.setPersistCookie(self.ncgi, q_persist)
+
+ url = self.http + newhost + config.gBaseURL + "login/signin.py?password=%s&persist=%s&Action.Login=1&request=%s&username=%s" % (neo_cgi.urlEscape(q_password_Hash), q_persist, neo_cgi.urlEscape(self.requestURI), q_username)
+ warn("signin0.py", "redirecting to url", url)
+ self.redirectUri(url)
+
+def run(context):
+ page = SignInPage(context, pagename="signin0", nologin=1)
+ return page
+
+def main(context):
+ page = run(context)
+ page.start()
+
+
+if __name__ == "__main__":
+ main(Context())
Property changes on: pkg/trunk/sandbox/web/webui/src/webui/mod/login/cgibin/signin0.py
___________________________________________________________________
Added: svn:executable
+ *
Added: pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/changePassword.cs
===================================================================
--- pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/changePassword.cs (rev 0)
+++ pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/changePassword.cs 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,43 @@
+<html>
+<head>
+<title>Mail - Change Password</title>
+</head>
+<body>
+
+
+
+<table width=100% height=70%>
+
+
+<form action="changePassword.py" method=post>
+<input type=hidden name="request" value="<?cs var:CGI.cur.request?>">
+<input type=hidden name="login" value="<?cs var:CGI.Login?>">
+<tr><td align=center valign=middle>
+
+<?cs if:Query.err ?>
+Error: <font color=red><?cs var:Query.err ?></font><br>
+<?cs /if ?>
+
+<table width=150 cellspacing=0 cellpadding=2 style="border:1px solid #777799;" >
+<tr><td colspan=2 style="color:white;background:#777799;" align=center>
+Change Password
+</td></tr>
+<tr><td nowrap align=right>Old Password:</td>
+<td><input name=pw0 type=password size=20></tr>
+
+<tr><td nowrap align=right>New Password:</td>
+<td><input name=pw1 type=password size=20></tr>
+
+<tr><td nowrap align=right>Confirm Password:</td>
+<td><input name=pw2 type=password size=20></tr>
+
+<tr><Td colspan=2 align=center>
+<input type=hidden name="Action.changePassword" value="1">
+<input type=submit value="Change Password" name="Action.changePassword">
+</td></tr>
+</form>
+</table>
+</table>
+
+</body>
+</html>
Added: pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/forgotpw_1.cs
===================================================================
--- pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/forgotpw_1.cs (rev 0)
+++ pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/forgotpw_1.cs 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,24 @@
+<html>
+<head>
+<title>Mail - Forgot Password</title>
+</head>
+<body>
+
+<table width=100% height=70%>
+<form action="forgotpw.py" method=post>
+<tr><td align=center valign=middle>
+<table width=150 cellspacing=0 cellpadding=2 style="border:1px solid #777799;" >
+<tr><td colspan=2 style="color:white;background:#777799;" align=center>
+Forgot Password
+</td></tr>
+<tr><td align=right>Login:</td>
+<td><input name=login type=text size=20 value="<?cs var:CGI.login ?>"></td></tr>
+<tr><Td colspan=2 align=center>
+<input type=hidden name="Action.ResetPw" value="1">
+<input type=submit value="Reset Password" name="Action.ResetPw">
+</td></tr>
+</form>
+</table>
+
+</body>
+</html>
Added: pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/forgotpw_3.cs
===================================================================
--- pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/forgotpw_3.cs (rev 0)
+++ pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/forgotpw_3.cs 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,32 @@
+<html>
+<head>
+<title>Mail - Forgot Password</title>
+</head>
+<body>
+
+<table width=100% height=70%>
+<form action="forgotpw.py" method=post>
+<tr><td align=center valign=middle>
+<table width=150 cellspacing=0 cellpadding=2 style="border:1px solid #777799;" >
+<tr><td colspan=2 style="color:white;background:#777799;" align=center>
+Forgot Password
+</td></tr>
+<tr><td align=right>Login:</td>
+<td><b><?cs var:CGI.Login ?></b></td></tr>
+
+<input type=hidden name="login" value="<?cs var:CGI.Login ?>">
+
+<tr><td nowrap align=right>New Password:</td>
+<td><input name=pw1 type=password size=20></tr>
+
+<tr><td nowrap align=right>Confirm Password:</td>
+<td><input name=pw2 type=password size=20></tr>
+
+<tr><Td colspan=2 align=center>
+<input type=submit value="Set Password" name="Action.SetPassword">
+</td></tr>
+</form>
+</table>
+
+</body>
+</html>
Added: pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/register_1.cs
===================================================================
--- pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/register_1.cs (rev 0)
+++ pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/register_1.cs 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,63 @@
+<html>
+<head>
+<title>New Account Registration</title>
+
+<script language="JavaScript">
+<!--
+function handleOnload() {
+ var top_parent = window;
+ while (top_parent.parent && (top_parent.parent != top_parent)) {
+ top_parent = top_parent.parent;
+ }
+ if (top_parent != window) {
+ top_parent.location.href="<?cs var:js_escape(CGI.RequestURI) ?>";
+ }
+}
+//-->
+</script>
+
+</head>
+<body onload="handleOnload()">
+
+<table width=100% height=70%>
+<form action="<?cs var:CGI.BaseURI?>_/login/register.py" method=post>
+<tr><td align=center valign=middle>
+
+
+<?cs if:Query.err ?>
+<center>
+Error: <font color=red><?cs var:Query.err ?></font>
+</center>
+<?cs /if ?>
+
+
+
+<table width=150 cellspacing=0 cellpadding=2 style="border:1px solid #777799;" >
+<tr><td colspan=2 style="color:white;background:#777799;" align=center>
+Register
+</td></tr>
+<tr><td align=right>Choose login name:</td>
+<td><input name=login type=text size=20 value="<?cs var:CGI.login ?>"></td></tr>
+
+<tr><td nowrap align=right>Your current email address:</td>
+<td><input name=out_address type=text size=50></td></tr>
+
+
+<tr><td nowrap align=right>Password:</td>
+<td><input name=pw1 type=password size=20></td></tr>
+
+<tr><td nowrap align=right>Confirm Password:</td>
+<td><input name=pw2 type=password size=20></td></tr>
+
+<tr><Td colspan=2 align=center>
+
+<input type=submit value="Create" name="Action.Create">
+</td></tr>
+
+</form>
+</table>
+
+</td></tr></table>
+
+</body>
+</html>
Added: pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/register_confirm.cs
===================================================================
--- pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/register_confirm.cs (rev 0)
+++ pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/register_confirm.cs 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,49 @@
+<html>
+<head>
+<title>New Account Registration</title>
+
+<script language="JavaScript">
+<!--
+function handleOnload() {
+ var top_parent = window;
+ while (top_parent.parent && (top_parent.parent != top_parent)) {
+ top_parent = top_parent.parent;
+ }
+ if (top_parent != window) {
+ top_parent.location.href="<?cs var:js_escape(CGI.RequestURI) ?>";
+ }
+}
+//-->
+</script>
+
+</head>
+<body onload="handleOnload()">
+
+<table width=50% height=70% align=center>
+<tr><td valign=middle>
+
+<center>
+<b> Your account is created ! </b><p>
+</center>
+
+Forward mail to
+<tt><?cs var:CGI.mailAddrPattern?></tt>
+
+to deliver it to this account.
+
+<p>
+Sorry, there is no POP3 or IMAP support yet.
+
+<p>
+
+<center>
+
+<a href="<?cs var:CGI.BaseURI?><?cs var:CGI.Login?>/mail/index.py">See your new Inbox</a><p>
+
+</center>
+
+
+</td></tr></table>
+
+</body>
+</html>
Added: pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/signin.cs
===================================================================
--- pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/signin.cs (rev 0)
+++ pkg/trunk/sandbox/web/webui/src/webui/mod/login/templates/signin.cs 2009-08-20 22:04:49 UTC (rev 22478)
@@ -0,0 +1,58 @@
+<html>
+<head>
+<title>Mail Sign-In</title>
+
+<script language="JavaScript">
+<!--
+function handleOnload() {
+ var top_parent = window;
+ while (top_parent.parent && (top_parent.parent != top_parent)) {
+ top_parent = top_parent.parent;
+ }
+ if (top_parent != window) {
+ top_parent.location.href="<?cs var:js_escape(CGI.RequestURI) ?>";
+ }
+}
+//-->
+</script>
+
+</head>
+<body onload="handleOnload()">
+
+<table width=100% height=70%>
+<form action="<?cs var:CGI.BaseURI?>_/login/signin.py" method=post>
+<input type=hidden name=request value="<?cs var:url_escape(CGI.cur.request)?>">
+<tr><td align=center valign=middle>
+
+<?cs if:Query.reason == "timeout"?>
+ <b>Your login has timed-out due to inactivity, please sign in
+ again</b><p>
+<?cs /if ?>
+
+
+
+<table width=150 cellspacing=0 cellpadding=2 style="border:1px solid #777799;" >
+<tr><td colspan=2 style="color:white;background:#777799;" align=center>
+Sign-In
+</td></tr>
+<tr><td align=right>Username:</td>
+<td><input name=username type=text size=20 value=...
[truncated message content] |
