From 68431035d0b48294b6a94c4a8db8c78e104146b6 Mon Sep 17 00:00:00 2001 From: Jan Dittberner Date: Tue, 18 Apr 2006 19:27:33 +0000 Subject: [PATCH] - use database data for login git-svn-id: file:///home/www/usr01/svn/gnuviechadmin/gnuviech.info/gnuviechadmin/trunk@189 a67ec6bc-e5d5-0310-a910-815c51eb3124 --- backend/GnuviechAdmin/ServiceFacade.py | 4 +++- backend/GnuviechAdmin/SessionManager.py | 20 ++++++++++++++------ 2 files changed, 17 insertions(+), 7 deletions(-) diff --git a/backend/GnuviechAdmin/ServiceFacade.py b/backend/GnuviechAdmin/ServiceFacade.py index b9ad976..a91cd42 100644 --- a/backend/GnuviechAdmin/ServiceFacade.py +++ b/backend/GnuviechAdmin/ServiceFacade.py @@ -14,7 +14,9 @@ class ServiceFacade: gnuviech admin backend. """ def __init__(self): - dbconn = psycopg.connect('host=%(dbhost)s user=%(dbuser)s password=%(dbpassword)s dbname=%(dbname)s' % Settings.DBSETTINGS) + connstr = 'host=%(dbhost)s user=%(dbuser)s ' + \ + 'password=%(dbpassword)s dbname=%(dbname)s' + dbconn = psycopg.connect(connstr % Settings.DBSETTINGS) self.sessionManager = SessionManager(dbconn) self.domainManager = DomainManager(dbconn) diff --git a/backend/GnuviechAdmin/SessionManager.py b/backend/GnuviechAdmin/SessionManager.py index 3197320..07d8154 100644 --- a/backend/GnuviechAdmin/SessionManager.py +++ b/backend/GnuviechAdmin/SessionManager.py @@ -4,7 +4,7 @@ Session manager class for gnuviech-admin tool backend $Id$ """ import Settings -import os, sha, time, logging +import os, sha, time, logging, psycopg from threading import Timer SESSIONTIMEOUT=120 # 2 minutes @@ -45,11 +45,19 @@ class SessionManager: return self._sessions.keys() def newSession(self, login, password): - self._hashobj.update("%s,%s" % (time.time(), login)) - sessionid = self._hashobj.hexdigest() - self._sessions[sessionid] = Session(sessionid, login) - self.updateSession(sessionid) - return sessionid + cr = self._dbconn.cursor() + cr.execute('SELECT * FROM sysuser WHERE name=%(login)s AND md5pass=md5(%(password)s)' % + {'login': psycopg.QuotedString(login), + 'password' : psycopg.QuotedString(password)}) + self._dbconn.commit() + result = cr.fetchall() + if cr.rowcount == 1: + self._hashobj.update("%s,%s" % (time.time(), login)) + sessionid = self._hashobj.hexdigest() + self._sessions[sessionid] = Session(sessionid, login) + self.updateSession(sessionid) + return sessionid + raise InvalidLoginError def updateSession(self, sessionid): self.logger.debug("update session %s" % sessionid)