add basic session support

This commit is contained in:
Damien Churchill 2009-04-27 13:01:20 +00:00
parent c4cdd70a4e
commit e837493757
4 changed files with 83 additions and 7 deletions

View File

@ -23,6 +23,9 @@ Copyright:
(function(){
Ext.deluge.LoginWindow = Ext.extend(Ext.Window, {
firstShow: true,
constructor: function(config) {
config = Ext.apply({
layout: 'fit',
@ -45,6 +48,7 @@ Copyright:
Ext.deluge.LoginWindow.superclass.initComponent.call(this);
Deluge.Events.on('logout', this.onLogout, this);
this.on('show', this.onShow, this);
this.on('beforeshow', this.onBeforeShow, this);
this.addButton({
text: _('Login'),
@ -82,10 +86,11 @@ Copyright:
var passwordField = this.loginForm.items.get('password');
Deluge.Client.web.login(passwordField.getValue(), {
success: function(result) {
if (result == true) {
if (result) {
Deluge.Events.fire('login');
this.hide();
passwordField.setRawValue('');
Deluge.UI.cookies.set("session", result);
} else {
Ext.MessageBox.show({
title: _('Login Failed'),
@ -105,7 +110,40 @@ Copyright:
},
onLogout: function() {
this.show();
var session = Deluge.UI.cookies.get("session", false);
if (session) {
Deluge.Client.web.delete_session(session, {
success: function(result) {
Deluge.UI.cookies.set("session", false);
this.show();
},
scope: this
});
}
},
onBeforeShow: function() {
var session = Deluge.UI.cookies.get("session", false);
if (session) {
Deluge.Client.web.check_session(session, {
success: function(result) {
if (result) {
Deluge.Events.fire('login');
this.loginForm.items.get('password').setRawValue('');
this.hide();
} else {
Deluge.UI.cookies.set("session", false);
this.show();
}
},
failure: function(result) {
Deluge.UI.cookies.set("session", false);
this.show();
},
scope: this
});
return false;
}
},
onShow: function() {

View File

@ -49,11 +49,14 @@ Deluge.UI = {
items: [this.MainPanel]
});
Deluge.Login.show();
Deluge.Events.on("connect", this.onConnect, this);
Deluge.Events.on("disconnect", this.onDisconnect, this);
Deluge.Client = new Ext.ux.util.RpcClient({url: '/json'});
Deluge.Client = new Ext.ux.util.RpcClient({
url: '/json'
});
Deluge.Client.on('connected', function(e) {
Deluge.Login.show();
});
this.update = this.update.bind(this);
},

View File

@ -25,6 +25,7 @@
import os
import time
import base64
import random
import urllib
import hashlib
import logging
@ -427,6 +428,35 @@ class WebApi(JSONComponent):
d.callback(True)
return d
def _create_session(self, login='admin'):
m = hashlib.md5()
m.update(login)
m.update(str(time.time()))
m.update(str(random.getrandbits(999)))
m.update(m.hexdigest())
session_id = m.hexdigest()
config = component.get("DelugeWeb").config
config["sessions"][session_id] = {
"login": login
}
return session_id
@export
def check_session(self, session_id):
d = Deferred()
config = component.get("DelugeWeb").config
d.callback(session_id in config["sessions"])
return d
@export
def delete_session(self, session_id):
d = Deferred()
config = component.get("DelugeWeb").config
del config["sessions"][session_id]
d.callback(True)
return d
@export
def login(self, password):
"""Method to allow the webui to authenticate
@ -436,7 +466,11 @@ class WebApi(JSONComponent):
m.update(config['pwd_salt'])
m.update(password)
d = Deferred()
d.callback(m.hexdigest() == config['pwd_md5'])
if m.hexdigest() == config['pwd_md5']:
# Change this to return a session id
d.callback(self._create_session())
else:
d.callback(False)
return d
@export

View File

@ -26,6 +26,7 @@ import os
import time
import locale
import shutil
import signal
import urllib
import gettext
import hashlib
@ -71,7 +72,7 @@ CONFIG_DEFAULTS = {
"pwd_salt": "16f65d5c79b7e93278a28b60fed2431e",
"pwd_md5": "2c9baa929ca38fb5c9eb5b054474d1ce",
"base": "",
"sessions": [],
"sessions": {},
"sidebar_show_zero": False,
"sidebar_show_trackers": False,
"show_keyword_search": False,