Deluge
diff options
Diffstat (limited to 'deluge/ui/web/auth.py')
| -rw-r--r-- | deluge/ui/web/auth.py | 104 |
1 files changed, 52 insertions, 52 deletions
diff --git a/deluge/ui/web/auth.py b/deluge/ui/web/auth.py index 5ff450bf3..cc4350752 100644 --- a/deluge/ui/web/auth.py +++ b/deluge/ui/web/auth.py @@ -79,7 +79,7 @@ class Auth(JSONComponent): """ def __init__(self, config): - super(Auth, self).__init__("Auth") + super(Auth, self).__init__('Auth') self.worker = LoopingCall(self._clean_sessions) self.config = config @@ -90,18 +90,18 @@ class Auth(JSONComponent): self.worker.stop() def _clean_sessions(self): - session_ids = self.config["sessions"].keys() + session_ids = self.config['sessions'].keys() now = time.gmtime() for session_id in session_ids: - session = self.config["sessions"][session_id] + session = self.config['sessions'][session_id] - if "expires" not in session: - del self.config["sessions"][session_id] + if 'expires' not in session: + del self.config['sessions'][session_id] continue - if time.gmtime(session["expires"]) < now: - del self.config["sessions"][session_id] + if time.gmtime(session['expires']) < now: + del self.config['sessions'][session_id] continue def _create_session(self, request, login='admin'): @@ -116,75 +116,75 @@ class Auth(JSONComponent): m.update(os.urandom(32)) session_id = m.hexdigest() - expires, expires_str = make_expires(self.config["session_timeout"]) + expires, expires_str = make_expires(self.config['session_timeout']) checksum = str(make_checksum(session_id)) request.addCookie('_session_id', session_id + checksum, - path=request.base + "json", expires=expires_str) + path=request.base + 'json', expires=expires_str) - log.debug("Creating session for %s", login) + log.debug('Creating session for %s', login) - if isinstance(self.config["sessions"], list): - self.config["sessions"] = {} + if isinstance(self.config['sessions'], list): + self.config['sessions'] = {} - self.config["sessions"][session_id] = { - "login": login, - "level": AUTH_LEVEL_ADMIN, - "expires": expires + self.config['sessions'][session_id] = { + 'login': login, + 'level': AUTH_LEVEL_ADMIN, + 'expires': expires } return True def check_password(self, password): config = self.config - if "pwd_md5" in config.config: + if 'pwd_md5' in config.config: # We are using the 1.2-dev auth method - log.debug("Received a password via the 1.2-dev auth method") + log.debug('Received a password via the 1.2-dev auth method') m = hashlib.md5() - m.update(config["pwd_salt"]) + m.update(config['pwd_salt']) m.update(utf8_encoded(password)) if m.hexdigest() == config['pwd_md5']: # We want to move the password over to sha1 and remove # the old passwords from the config file. self._change_password(password) - del config.config["pwd_md5"] + del config.config['pwd_md5'] # Remove the older password if there is now. - if "old_pwd_md5" in config.config: - del config.config["old_pwd_salt"] - del config.config["old_pwd_md5"] + if 'old_pwd_md5' in config.config: + del config.config['old_pwd_salt'] + del config.config['old_pwd_md5'] return True - elif "old_pwd_md5" in config.config: + elif 'old_pwd_md5' in config.config: # We are using the 1.1 webui auth method - log.debug("Received a password via the 1.1 auth method") + log.debug('Received a password via the 1.1 auth method') from base64 import decodestring m = hashlib.md5() - m.update(decodestring(config["old_pwd_salt"])) + m.update(decodestring(config['old_pwd_salt'])) m.update(utf8_encoded(password)) - if m.digest() == decodestring(config["old_pwd_md5"]): + if m.digest() == decodestring(config['old_pwd_md5']): # We want to move the password over to sha1 and remove # the old passwords from the config file. self._change_password(password) - del config.config["old_pwd_salt"] - del config.config["old_pwd_md5"] + del config.config['old_pwd_salt'] + del config.config['old_pwd_md5'] return True - elif "pwd_sha1" in config.config: + elif 'pwd_sha1' in config.config: # We are using the 1.2 auth method - log.debug("Received a password via the 1.2 auth method") + log.debug('Received a password via the 1.2 auth method') s = hashlib.sha1() - s.update(config["pwd_salt"]) + s.update(config['pwd_salt']) s.update(utf8_encoded(password)) - if s.hexdigest() == config["pwd_sha1"]: + if s.hexdigest() == config['pwd_sha1']: return True else: # Can't detect which method we should be using so just deny # access. - log.debug("Failed to detect the login method") + log.debug('Failed to detect the login method') return False def check_request(self, request, method=None, level=None): @@ -202,39 +202,39 @@ class Auth(JSONComponent): :raises: Exception """ - session_id = get_session_id(request.getCookie("_session_id")) + session_id = get_session_id(request.getCookie('_session_id')) - if session_id not in self.config["sessions"]: + if session_id not in self.config['sessions']: auth_level = AUTH_LEVEL_NONE session_id = None else: - session = self.config["sessions"][session_id] - auth_level = session["level"] - expires, expires_str = make_expires(self.config["session_timeout"]) - session["expires"] = expires + session = self.config['sessions'][session_id] + auth_level = session['level'] + expires, expires_str = make_expires(self.config['session_timeout']) + session['expires'] = expires - _session_id = request.getCookie("_session_id") + _session_id = request.getCookie('_session_id') request.addCookie('_session_id', _session_id, - path=request.base + "json", expires=expires_str) + path=request.base + 'json', expires=expires_str) if method: - if not hasattr(method, "_json_export"): - raise Exception("Not an exported method") + if not hasattr(method, '_json_export'): + raise Exception('Not an exported method') - method_level = getattr(method, "_json_auth_level") + method_level = getattr(method, '_json_auth_level') if method_level is None: - raise Exception("Method has no auth level") + raise Exception('Method has no auth level') level = method_level if level is None: - raise Exception("No level specified to check against") + raise Exception('No level specified to check against') request.auth_level = auth_level request.session_id = session_id if auth_level < level: - raise AuthError("Not authenticated") + raise AuthError('Not authenticated') def _change_password(self, new_password): """ @@ -244,12 +244,12 @@ class Auth(JSONComponent): :param new_password: the password to change to :type new_password: string """ - log.debug("Changing password") + log.debug('Changing password') salt = hashlib.sha1(os.urandom(32)).hexdigest() s = hashlib.sha1(salt) s.update(utf8_encoded(new_password)) - self.config["pwd_salt"] = salt - self.config["pwd_sha1"] = s.hexdigest() + self.config['pwd_salt'] = salt + self.config['pwd_sha1'] = s.hexdigest() return True @export @@ -284,7 +284,7 @@ class Auth(JSONComponent): :param session_id: the id for the session to remove :type session_id: string """ - del self.config["sessions"][__request__.session_id] + del self.config['sessions'][__request__.session_id] return True @export(AUTH_LEVEL_NONE) |