kallithea Changeset - 9db7782727b3

Changeset - 9db7782727b3

Parent rev.

Child rev.

[Not reviewed]

default

0 5 0

Marcin Kuzminski - 16 years ago 2010-04-07 19:39:31
marcin@python-blog.com

Static files for production fixed
Error handler for debug on, added
admin auth function authenticates only admins
changed creation of db

5 files changed with 33 insertions and 14 deletions:

development.ini

production.ini

pylons_app/config/middleware.py

pylons_app/controllers/admin.py

pylons_app/lib/auth.py

0 comments (0 inline, 0 general)

development.ini

➞

Show inline comments

@@ @@ -38,7 +38,6 @@ repos_name = etelko @@
 ################################################################################
 #set debug = false
 ################################
 ### LOGGING CONFIGURATION   ####
 ################################
@@ @@ -91,5 +90,5 @@ formatter = generic @@
 [formatter_generic]
 format = %(asctime)s,%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
 datefmt = %H:%M:%S
+datefmt = %Y-%m-%d %H:%M:%S

production.ini

➞

Show inline comments

@@ @@ -26,7 +26,7 @@ port = 8001 @@
 [app:main]
 use = egg:pylons_app
 full_stack = true
-static_files = false
+static_files = true
 lang=en
 cache_dir = %(here)s/data
 repos_name = etelko
@@ @@ -90,5 +90,5 @@ formatter = generic @@
 [formatter_generic]
 format = %(asctime)s,%(msecs)03d %(levelname)-5.5s [%(name)s] %(message)s
 datefmt = %H:%M:%S
+datefmt = %Y-%m-%d %H:%M:%S

pylons_app/config/middleware.py

➞

Show inline comments

@@ @@ -52,7 +52,7 @@ def make_app(global_conf, full_stack=Tru @@
         # 500 when debug is disabled)
         if asbool(config['debug']):
             #don't handle 404, since mercurial does it for us.
             app = StatusCodeRedirect(app, [400, 401, 403])
+            app = StatusCodeRedirect(app, [400, 401, 403, 500])
         else:
             app = StatusCodeRedirect(app, [400, 401, 403, 500])

pylons_app/controllers/admin.py

➞

Show inline comments

@@ @@ -30,8 +30,7 @@ class AdminController(BaseController): @@
             try:
                 c.form_result = login_form.to_python(dict(request.params))
                 if auth.authfunc(None, c.form_result['username'], c.form_result['password']) and\
                     c.form_result['username'] == 'admin':
                 if auth.admin_auth(c.form_result['username'], c.form_result['password']):
                     session['admin_user'] = True
                     session['admin_username'] = c.form_result['username']
                     session.save()

pylons_app/lib/auth.py

➞

Show inline comments

@@ @@ -13,6 +13,28 @@ def get_sqlite_conn_cur(): @@
     cur = conn.cursor()
     return conn, cur
 def admin_auth(username, password):
     conn, cur = get_sqlite_conn_cur()
     password_crypt = crypt.crypt(password, '6a')
     try:
         cur.execute("SELECT * FROM users WHERE username=?", (username,))
         data = cur.fetchone()
     except sqlite3.OperationalError as e:
         data = None
         log.error(e)
     if data:
         if data[3]:
             if data[1] == username and data[2] == password_crypt and data[4]:
                 log.info('user %s authenticated correctly', username)
                 return True
         else:
             log.error('user %s is disabled', username)
     return False
 def authfunc(environ, username, password):
     conn, cur = get_sqlite_conn_cur()
     password_crypt = crypt.crypt(password, '6a')
@@ @@ -65,7 +87,8 @@ def create_user_table(): @@
                         (id INTEGER PRIMARY KEY AUTOINCREMENT,
                          username TEXT,
                          password TEXT,
                          active INTEGER)''')
                          active INTEGER,
                          admin INTEGER)''')
         log.info('creating table %s', 'user_logs')
         cur.execute('''DROP TABLE IF EXISTS user_logs ''')
         cur.execute('''CREATE TABLE user_logs
@@ @@ -80,14 +103,13 @@ def create_user_table(): @@
     cur.close()
 def create_user(username, password):
+def create_user(username, password, admin=False):
     conn, cur = get_sqlite_conn_cur()
     password_crypt = crypt.crypt(password, '6a')
     cur_date = datetime.now()
     log.info('creating user %s', username)
     try:
         cur.execute('''INSERT INTO users values (?,?,?,?) ''',
                     (None, username, password_crypt, 1,))
         cur.execute('''INSERT INTO users values (?,?,?,?,?) ''',
                     (None, username, password_crypt, 1, admin))
         conn.commit()
     except:
         conn.rollback()
@@ @@ -95,7 +117,7 @@ def create_user(username, password): @@
 if __name__ == "__main__":
     create_user_table()
     create_user('marcink', 'qweqwe')
+    create_user('marcink', 'qweqwe', True)
     create_user('lukaszd', 'qweqwe')
     create_user('adriand', 'qweqwe')
     create_user('radek', 'qweqwe')
@@ @@ -103,6 +125,5 @@ if __name__ == "__main__": @@
     create_user('bart', 'qweqwe')
     create_user('maho', 'qweqwe')
     create_user('michalg', 'qweqwe')
     create_user('admin', 'qwe123qwe')
     #authfunc('', 'marcink', 'qweqwe')

0 comments (0 inline, 0 general)