diff laterlinks2/laterlinks_app.py @ 78:f833a888c548

add cookie-based PIN system, and update laterlinks to use it
author paulo
date Thu, 02 Jun 2016 00:27:50 -0700
parents 49ca145627cb
children d7d67887102f
line diff
     1.1 --- a/laterlinks2/laterlinks_app.py	Tue May 31 23:40:17 2016 -0600
     1.2 +++ b/laterlinks2/laterlinks_app.py	Thu Jun 02 00:27:50 2016 -0700
     1.3 @@ -6,10 +6,11 @@
     1.4  
     1.5  import html
     1.6  
     1.7 +import pinlib
     1.8 +
     1.9  
    1.10  DEBUG = True
    1.11  STRTIME_FMT = "%Y-%m-%d %H:%M:%S"
    1.12 -MY_PIN = "qworpy"
    1.13  
    1.14  
    1.15  class LLDialect(csv.Dialect):
    1.16 @@ -79,24 +80,17 @@
    1.17  	return urlparse.parse_qs(environ["wsgi.input"].read())
    1.18  
    1.19  
    1.20 -def get_pin(inp):
    1.21 -	if "pin" not in inp:
    1.22 -		raise PinFailError()
    1.23 -
    1.24 -	pin = inp["pin"][0]
    1.25 -	if pin != MY_PIN:
    1.26 -		raise PinFailError()
    1.27 -
    1.28 -	return pin
    1.29 -
    1.30  
    1.31  def main(environ):
    1.32 -	pin = '' 
    1.33  	is_post = (environ["REQUEST_METHOD"] == "POST")
    1.34 +	cookies = pinlib.parse_cookies(environ)
    1.35  	inp = parse_wsgi_input(environ)
    1.36  
    1.37  	if is_post:
    1.38 -		pin = get_pin(inp)
    1.39 +		try:
    1.40 +			pinlib.check(cookies)
    1.41 +		except pinlib.PinFailError:
    1.42 +			raise PinFailError
    1.43  		if inp["submit"][0] == "Add":
    1.44  			lldb_add(inp)
    1.45  		elif inp["submit"][0] == "Delete":
    1.46 @@ -118,7 +112,8 @@
    1.47  		for i in environ.items():
    1.48  			debug += cgi.escape("%s = %s \n" % i)
    1.49  
    1.50 -		debug += cgi.escape("wsgi.input.read = %s" % inp)
    1.51 +		debug += cgi.escape("wsgi.input.read = %s \n" % inp)
    1.52 +		debug += cgi.escape("cookies = %s \n" % cookies)
    1.53  
    1.54  	form = body.form(action="index.fcgi", method="post")
    1.55  
    1.56 @@ -142,9 +137,6 @@
    1.57  	p1.br
    1.58  	p1.input(type="submit", name="submit", value="Add")
    1.59  
    1.60 -	p2 = form.p
    1.61 -	p2.input(type="password", name="pin", value=pin)
    1.62 -
    1.63  	return unicode(root).encode("utf-8")
    1.64  
    1.65  
    1.66 @@ -154,7 +146,7 @@
    1.67  
    1.68  	try:
    1.69  		response_body = main(environ)
    1.70 -	        response_code = "200 OK"
    1.71 +		response_code = "200 OK"
    1.72  		response_type = "text/html; charset=UTF-8"
    1.73  	except LLError as e:
    1.74  		response_body = str(e)