parent
cb20f159fb
commit
2d075f867a
@ -1,34 +0,0 @@
|
||||
# -*- encoding: utf-8 -*-
|
||||
#
|
||||
# Copyright 2012, Martin Zimmermann <info@posativ.org>. All rights reserved.
|
||||
# License: BSD Style, 2 clauses. see isso/__init__.py
|
||||
|
||||
from os.path import join, dirname
|
||||
|
||||
from mako.lookup import TemplateLookup
|
||||
from itsdangerous import SignatureExpired, BadSignature
|
||||
|
||||
from isso.wsgi import setcookie
|
||||
|
||||
|
||||
mako = TemplateLookup(directories=[join(dirname(__file__), 'templates')], input_encoding='utf-8')
|
||||
render = lambda template, **context: mako.get_template(template).render_unicode(**context)
|
||||
|
||||
|
||||
def index(app, environ, request):
|
||||
|
||||
if request.method == 'POST':
|
||||
if request.form.getfirst('secret') == app.SECRET:
|
||||
return 301, '', {
|
||||
'Location': '/admin/',
|
||||
'Set-Cookie': setcookie('admin', app.signer.dumps('*'),
|
||||
max_age=app.MAX_AGE, path='/')}
|
||||
return 403, '', {}
|
||||
else:
|
||||
try:
|
||||
app.unsign(request.cookies.get('admin', ''))
|
||||
except (SignatureExpired, BadSignature):
|
||||
return 200, render('login.mako').encode('utf-8'), {'Content-Type': 'text/html'}
|
||||
|
||||
ctx = {'app': app, 'request': request}
|
||||
return 200, render('admin.mako', **ctx).encode('utf-8'), {'Content-Type': 'text/html'}
|
File diff suppressed because one or more lines are too long
File diff suppressed because it is too large
@ -0,0 +1,32 @@
|
||||
# -*- encoding: utf-8 -*-
|
||||
#
|
||||
# Copyright 2012, Martin Zimmermann <info@posativ.org>. All rights reserved.
|
||||
# License: BSD Style, 2 clauses. see isso/__init__.py
|
||||
|
||||
from os.path import join, dirname
|
||||
|
||||
from werkzeug.wrappers import Response
|
||||
from werkzeug.exceptions import abort
|
||||
from werkzeug.utils import redirect
|
||||
|
||||
from itsdangerous import SignatureExpired, BadSignature
|
||||
|
||||
|
||||
def index(app, environ, request):
|
||||
|
||||
if request.method == 'POST':
|
||||
print request.form.get('secret'), app.signer.secret_key
|
||||
if request.form.get('secret') == app.signer.secret_key:
|
||||
resp = redirect('/admin/', 301)
|
||||
resp.set_cookie('admin', app.signer.dumps('*'), max_age=app.MAX_AGE)
|
||||
return resp
|
||||
else:
|
||||
return abort(403)
|
||||
else:
|
||||
try:
|
||||
app.unsign(request.cookies.get('admin', ''))
|
||||
except (SignatureExpired, BadSignature):
|
||||
return Response(app.render('login.j2'), content_type='text/html')
|
||||
|
||||
ctx = {'app': app, 'request': request}
|
||||
return Response(app.render('admin.j2', app=app, request=request), content_type='text/html')
|
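Review bot: The `print request.form.get('secret'), app.signer.secret_key` line in the POST branch of `index` writes both the submitted secret and the cookie-signing key to stdout on every login attempt, so both end up in whatever captures the server's output; it looks like leftover debugging and should be removed. The check on the following line compares the form value with `==`, which is not constant-time; a constant-time comparison such as `hmac.compare_digest(submitted, app.signer.secret_key)` (with `import hmac`, both sides as byte strings and a missing field treated as a mismatch) would be safer. Since the login secret is now the signing key itself, a leak of that one value is enough to mint a valid `admin` cookie, which makes the print line more serious than a normal debug statement. `resp.set_cookie('admin', ..., max_age=app.MAX_AGE)` could also pass `httponly=True` so page scripts cannot read the admin cookie.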