Авторизация с использованием шифрованных cookies для фреймворка Bottle

# -*- coding: UTF-8 -*-

# STANDARD LIBRARY
import os
import time

# THIRD-PARTY MODULES
from bottle import request, response

#LOCAL MODULES
import database
#Here you can import your database module, this is a demo import

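class User:
    ''' Per-request login state backed by a signed cookie.

        The user id is stored in a cookie protected with COOKIE_SECRET_KEY.
        Bottle's ``secret`` parameter *signs* the cookie so the client cannot
        alter it without the key; it does not hide the value, and anyone who
        obtains the key can forge a cookie for any uid. Keep the key out of
        source control and use a long random value.
    '''

    # Name of the login cookie. Kept for compatibility with cookies that are
    # already issued; the name itself adds no security.
    COOKIE_NAME = '__utmb'
    # Domain the cookie is scoped to; change to match your deployment.
    COOKIE_DOMAIN = 'mydomain.com'
    # Lifetime of the login cookie in seconds (one year).
    COOKIE_LIFETIME = 3600 * 24 * 365

    def __init__(self):
        self.db = database.Database() #database connection
        # Read the signing key from the environment when available; the
        # literal is only a demo fallback and must be replaced by yours.
        self.COOKIE_SECRET_KEY = os.environ.get('COOKIE_SECRET_KEY',
                                                'my_very_secret_key')
        self.loggedin = False
        self.credentials = None
        self.validate() #validating user to see if he is logged in

    def _login(self, uid, user):
        '''Issues the login cookie for *uid* and records *user* as logged in.'''
        self.set_cookie(uid)
        self.loggedin = True
        self.credentials = user

    def authenticate(self, email, password):

        ''' @type email str
            @type password str

            Checks user credentials against the database and, on success,
            issues the login cookie and stores the user record in
            ``credentials``. Returns True on success, False otherwise.
            Empty email or password is rejected without a database lookup.
        '''

        if not email or not password:
            return False

        user = self.db.find_user(email, password) #if user exists

        if not user:
            return False

        self._login(user['user_id'], user)
        return True

    def logout(self):

        '''Initiates user logout by destroying the cookie.

           Returns True.
        '''

        self.remove_cookie()
        self.loggedin = False
        self.credentials = None

        return True

    def register(self, email, password):

        ''' @type email str
            @type password str

            Registers a new user: checks that the email is not already
            taken, stores the user via ``db.add_user`` and logs him in.
            Returns True when the user was created, False otherwise.

            No password hashing is done here; the password is forwarded
            to ``db.add_user`` as given. If the database layer hashes it,
            it should use a slow salted hash (e.g. hashlib.pbkdf2_hmac),
            not md5.
        '''

        if not email or not password:
            return False

        if self.db.find_user(email): #email already registered
            return False

        uid = self.db.add_user(email, password)

        if not uid: #user was not added
            return False

        self._login(uid, self.db.return_user_by_objectid(uid))
        return True

    def validate(self):

        ''' Restores login state from the signed request cookie.
            ``request.get_cookie`` returns None when the cookie is missing
            or its signature does not verify under COOKIE_SECRET_KEY, so a
            tampered cookie never reaches the database. A cookie that
            verifies but names an unknown user is treated as stale: the
            cookie is destroyed via logout ( possible cookie fraud ).
            Stores the user record in ``credentials`` on success and
            returns True; returns None otherwise.
        '''

        uid = request.get_cookie(self.COOKIE_NAME,
                                 secret=self.COOKIE_SECRET_KEY)
        # Skip the lookup entirely when there is no usable cookie.
        user = self.db.return_user_by_objectid(uid) if uid is not None else None

        if user:
            self.loggedin = True
            self.credentials = user
            return True

        self.logout()
        return None

    #COOKIES

    def _write_cookie(self, value, expires):
        '''Writes the login cookie with the attributes shared by set/remove.'''
        response.set_cookie(
                self.COOKIE_NAME,
                value,
                secret=self.COOKIE_SECRET_KEY,
                expires=expires,
                domain=self.COOKIE_DOMAIN,
                path='/',
                # Keep the cookie out of reach of page scripts (XSS).
                httponly=True
                # When the site is served over HTTPS, add secure=True so the
                # cookie is never sent in clear text.
        )

    def set_cookie(self, uid):

        '''Sets the login cookie carrying *uid*, valid for COOKIE_LIFETIME.

           NOTE(review): uid appears to be a database object id (see
           return_user_by_objectid); it is passed through unchanged, so
           confirm that the database layer accepts whatever Bottle hands
           back from the signed cookie.
        '''

        self._write_cookie(uid, time.time() + self.COOKIE_LIFETIME)

    def remove_cookie(self):

        '''Destroys the login cookie by re-setting it with an expiry in the past.'''

        self._write_cookie('', time.time() - self.COOKIE_LIFETIME)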
29 марта 2012, 19:12 1 bender