Commit bdd6bf777bdca23b5d330d227d0be93ea031c56f

Authored by soochanlee ago
1 parent c9d745c1d2
Exists in master

changing login logic to use python session

allowing multi login

Showing 5 changed files with 41 additions and 50 deletions

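--- a/project/project/controller/maria_db.py
+++ b/project/project/controller/maria_db.py
@@ -35,12 +35,7 @@
 return data
 
 def DelUserById(self, uid):
-query = "user del query"
-print "will delete user id [%s]"%uid
-# return -1
 
-
-# def temp(self, uid):
 #### confirming user
 query_confirm_user = "SELECT count(*) from USER WHERE uid=%s AND status!='OUT';"%uid
 self.cursor.execute(query_confirm_user)
@@ -175,7 +170,6 @@
 #print query_user
 self.cursor.execute(query_user)
 self.db.commit()
-print "db done"
 
 return 1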
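Review bot: `query_confirm_user` in DelUserById is built by `%`-formatting `uid` directly into the SQL text, so whatever the caller passes reaches `self.cursor.execute` as part of the statement rather than as data. Bind the value instead, assuming the connector uses the `%s` paramstyle as MySQLdb-style drivers do: `self.cursor.execute("SELECT count(*) from USER WHERE uid=%s AND status!='OUT';", (uid,))`. If `uid` comes from the `del_user` form field in user.html (the call site is not visible here, so this is an assumption), it is client-controlled and should also be checked to be an integer before the delete runs. The rest of DelUserById lies outside the first hunk; `query_user` in the second hunk is executed the same way and is worth checking for the same construction.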
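--- a/project/project/controller/models.py
+++ b/project/project/controller/models.py
@@ -1,9 +1,9 @@
 
 class User():
-id = ''#db.Column(db.Integer, primary_key=True)
-nickname = ''#db.Column(db.String(64), index=True, unique=True)
-email = ''#db.Column(db.String(120), index=True, unique=True)
-posts = ''#db.relationship('Post', backref='author', lazy='dynamic')
+id = ''
+nickname = ''
+email = ''
+posts = ''
 
 def is_authenticated(self):
 return True
@@ -25,10 +25,10 @@
 
 
 class Post():
-id = ''#db.Column(db.Integer, primary_key=True)
-body = ''#db.Column(db.String(140))
-timestamp = ''#db.Column(db.DateTime)
-user_id = ''#db.Column(db.Integer, db.ForeignKey('user.id'))
+id = ''
+body = ''
+timestamp = ''
+user_id = ''
 
 def __repr__(self):
 return '<Post %r>' % (self.body)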
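--- a/project/project/controller/printer.py
+++ b/project/project/controller/printer.py
@@ -22,7 +22,7 @@
 ## Coded by Steve (2015.02.)
 #################################################################
 
-admin_user = {'id':'admin', 'passwd':'admin!@34', 'login':False, 'auth':'', 'fail_cnt':0, 'fail_date':0}
+admin_user = {'id':'admin', 'passwd':'admin!@34', 'fail_cnt':0, 'fail_date':0}
 
 def get_date(hour):
 """ Returns timestamp of days ago """
@@ -31,42 +31,30 @@
 return yesterday
 
 def get_dateSub():
-sub = int(get_date(0)) - admin_user['fail_date']
+sub = int(get_date(0)) - session['fail_date']
 return sub
 
-def logout_handler(signum, frame):
-if signum == signal.SIGALRM:
-logout()
+def is_login():
+if session.has_key('is_login') == False or session['is_login'] == False:
+return False
+return True
 
-
-signal.signal(signal.SIGALRM, logout_handler)
-
 def logout():
-print "logout"
-admin_user['login'] = False
-admin_user['auth'] = ''
+session.clear()
 
 @app.route('/log_out',methods=['GET','POST'])
 def log_out():
 logout()
 return redirect(url_for('login'))
 
+""" main page controller """
 @app.route('/',methods=['GET','POST'])
 @app.route('/index', methods=['GET','POST'])
 def index():
-auth = ""
-
-if admin_user['login'] == False:
+
+if is_login() == False
 return redirect(url_for('login'))
 
-if request.form.has_key('auth'):
-auth = request.form['auth']
-else:
-return redirect(url_for('login'))
-
-if auth != admin_user['auth']:
-return redirect(url_for('login'))
-signal.alarm(300)
 data = []
 user_id=""
 del_flag = 0
@@ -84,35 +72,44 @@
 data = utils.get_userbyname(user_id)
 
 
-return render_template('user.html',data=data, search=user_id, del_flag=del_flag, auth=auth)
+return render_template('user.html',data=data, search=user_id, del_flag=del_flag)
 
+
+""" login page controller """
 @app.route('/auth', methods=['GET','POST'])
 def login():
 error = 0
 form = LoginForm()
 
-if admin_user['fail_cnt'] > 4:
+if session.has_key('fail_cnt') == False:
+session['fail_cnt'] = 0
+session['fail_date'] = 0
+
+if session['fail_cnt'] > 4:
 if get_dateSub() > 10:
-admin_user['fail_cnt'] = 0
-admin_user['fail_date'] = 0
+session['fail_cnt'] = 0
+session['fail_date'] = 0
 else:
 error = -2
 return render_template('login.html', error=error, form=form)
 
 
-if form.validate_on_submit() and admin_user['fail_cnt'] < 5:
+if form.validate_on_submit() and session['fail_cnt'] < 5:
 if form.ID.data == admin_user['id'] and form.passwd.data == admin_user['passwd']:
-admin_user['login'] = True
-admin_user['auth'] = hashlib.sha256(admin_user['id'] + admin_user['passwd'] + str(get_date(0))).hexdigest()
-admin_user['fail_cnt'] = 0
-signal.alarm(300)
-return render_template('user.html',data=[], search='', del_flag=0, auth=admin_user['auth'])
+#admin_user['login'] = True
+#admin_user['auth'] = hashlib.sha256(admin_user['id'] + admin_user['passwd'] + str(get_date(0))).hexdigest()
+session['is_login'] = True
+session['fail_cnt'] = 0
+#admin_user['fail_cnt'] = 0
+
+session.permanent = True
+return render_template('user.html',data=[], search='', del_flag=0)
 else:
 error = -1
-admin_user['fail_cnt'] += 1
+session['fail_cnt'] += 1
 
-if admin_user['fail_cnt'] > 4:
-admin_user['fail_date'] = int(get_date(0))
+if session['fail_cnt'] > 4:
+session['fail_date'] = int(get_date(0))
 error = -2
 
 return render_template('login.html', error=error, form=form)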
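Review bot: The failed-login throttle in login() and get_dateSub() now reads and writes `session['fail_cnt']` / `session['fail_date']`, so with Flask's default cookie-backed session the count belongs to whichever cookie the client returns rather than to the admin account; a request that arrives without the earlier cookie starts at zero again and the five-attempt lockout no longer bounds password guessing. Keep the counters server-side, keyed by account or remote address (the `admin_user['fail_cnt']` and `admin_user['fail_date']` entries this commit leaves in the dict would serve), and store only `is_login` in the session. Separately, `if is_login() == False` in index() is missing its trailing colon, so the module will not import as committed. The plaintext `'passwd':'admin!@34'` literal is still in source control and still compared with `==`; a salted hash loaded from configuration and a constant-time comparison would be the safer form. The integrity of `session['is_login']` rests on `app.secret_key`, which is not visible in this section and should be confirmed to be set to a random value outside the repository.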
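--- a/project/project/templates/user.html
+++ b/project/project/templates/user.html
@@ -32,7 +32,6 @@
 <b>ID or email : </b><input id="user_id" class="user_id" name="user_id" placeholder="ID or email" value="{{ search }}"></input>
 <input class="btn btn-primary" style="height:30px;" value="검색" type="submit"/>
 <input type="hidden" id="del_user" name="del_user">
-<input type="hidden" id="auth" name="auth" value="{{ auth }}">
 </form>
 </div>
 <table class="table">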
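--- a/project/runserver.py
+++ b/project/runserver.py
@@ -4,5 +4,6 @@
 from project import app
 
 if __name__=='__main__':
+app.permanent_session_lifetime = timedelta(minutes=5)
 app.run('0.0.0.0',debug=True,port=5555)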
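Review bot: `app.permanent_session_lifetime = timedelta(minutes=5)` is set only under the `if __name__=='__main__':` guard, so when `app` is imported by a WSGI server instead of being started through this script the five-minute expiry is never applied and Flask's default permanent-session lifetime of 31 days is used. Set it where `app` is created, for example `app.config['PERMANENT_SESSION_LIFETIME'] = timedelta(minutes=5)`, so every entry point gets the same timeout. `timedelta` needs `from datetime import timedelta`; lines 1–3 of the file are outside the hunk, so confirm the import is present. The unchanged `app.run('0.0.0.0',debug=True,port=5555)` line serves the Werkzeug interactive debugger on all interfaces, and should be `debug=False` or bound to 127.0.0.1 anywhere other than a local workstation.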