Mercurial > hg > index.fcgi > www > www-1

comparison laterlinks2/laterlinks_app.py @ 78:f833a888c548

find changesets by author, revision, files, or words in the commit message
add cookie-based PIN system, and update laterlinks to use it
author paulo
date Thu, 02 Jun 2016 00:27:50 -0700
parents 49ca145627cb
children d7d67887102f
comparison
equal deleted inserted replaced
1:f6aec992e639 2:8f9142eb534a
4 import csv 4 import csv
5 import traceback 5 import traceback
6 6
7 import html 7 import html
8 8
9 import pinlib
10
9 11
10 DEBUG = True 12 DEBUG = True
11 STRTIME_FMT = "%Y-%m-%d %H:%M:%S" 13 STRTIME_FMT = "%Y-%m-%d %H:%M:%S"
12 MY_PIN = "qworpy"
13 14
14 15
15 class LLDialect(csv.Dialect): 16 class LLDialect(csv.Dialect):
16 delimiter = '\t' 17 delimiter = '\t'
17 quoting = csv.QUOTE_NONE 18 quoting = csv.QUOTE_NONE
77 78
78 def parse_wsgi_input(environ): 79 def parse_wsgi_input(environ):
79 return urlparse.parse_qs(environ["wsgi.input"].read()) 80 return urlparse.parse_qs(environ["wsgi.input"].read())
80 81
81 82
82 def get_pin(inp):
83 if "pin" not in inp:
84 raise PinFailError()
85
86 pin = inp["pin"][0]
87 if pin != MY_PIN:
88 raise PinFailError()
89
90 return pin
91
92 83
93 def main(environ): 84 def main(environ):
94 pin = ''
95 is_post = (environ["REQUEST_METHOD"] == "POST") 85 is_post = (environ["REQUEST_METHOD"] == "POST")
86 cookies = pinlib.parse_cookies(environ)
96 inp = parse_wsgi_input(environ) 87 inp = parse_wsgi_input(environ)
97 88
98 if is_post: 89 if is_post:
99 pin = get_pin(inp) 90 try:
91 pinlib.check(cookies)
92 except pinlib.PinFailError:
93 raise PinFailError
100 if inp["submit"][0] == "Add": 94 if inp["submit"][0] == "Add":
101 lldb_add(inp) 95 lldb_add(inp)
102 elif inp["submit"][0] == "Delete": 96 elif inp["submit"][0] == "Delete":
103 lldb_unread_delete(inp) 97 lldb_unread_delete(inp)
104 98
116 if (DEBUG): 110 if (DEBUG):
117 debug = body.pre 111 debug = body.pre
118 for i in environ.items(): 112 for i in environ.items():
119 debug += cgi.escape("%s = %s \n" % i) 113 debug += cgi.escape("%s = %s \n" % i)
120 114
121 debug += cgi.escape("wsgi.input.read = %s" % inp) 115 debug += cgi.escape("wsgi.input.read = %s \n" % inp)
116 debug += cgi.escape("cookies = %s \n" % cookies)
122 117
123 form = body.form(action="index.fcgi", method="post") 118 form = body.form(action="index.fcgi", method="post")
124 119
125 table = form.table 120 table = form.table
126 hrow = table.tr 121 hrow = table.tr
140 p1.br 135 p1.br
141 p1.label("URL").input(type="text", name="url", size="64") 136 p1.label("URL").input(type="text", name="url", size="64")
142 p1.br 137 p1.br
143 p1.input(type="submit", name="submit", value="Add") 138 p1.input(type="submit", name="submit", value="Add")
144 139
145 p2 = form.p
146 p2.input(type="password", name="pin", value=pin)
147
148 return unicode(root).encode("utf-8") 140 return unicode(root).encode("utf-8")
149 141
150 142
151 def app(environ, start_response): 143 def app(environ, start_response):
152 response_code = "500 Internal Server Error" 144 response_code = "500 Internal Server Error"
153 response_type = "text/plain; charset=UTF-8" 145 response_type = "text/plain; charset=UTF-8"
154 146
155 try: 147 try:
156 response_body = main(environ) 148 response_body = main(environ)
157 response_code = "200 OK" 149 response_code = "200 OK"
158 response_type = "text/html; charset=UTF-8" 150 response_type = "text/html; charset=UTF-8"
159 except LLError as e: 151 except LLError as e:
160 response_body = str(e) 152 response_body = str(e)
161 except: 153 except:
162 response_body = traceback.format_exc() 154 response_body = traceback.format_exc()