diff options
author | Aaron LI <aaronly.me@outlook.com> | 2016-11-15 17:36:51 +0800 |
---|---|---|
committer | Aaron LI <aaronly.me@outlook.com> | 2016-11-15 17:47:21 +0800 |
commit | bcdc84fb416820493e048fe28ca59e9090762ffb (patch) | |
tree | 95a0d85429d1ba9011001f22bd59c3e06274008e | |
parent | 823fb20c83ff9dedcc5d804f32a0f80ab1810813 (diff) | |
download | fg21sim-bcdc84fb416820493e048fe28ca59e9090762ffb.tar.bz2 |
webui: Implement login support (password authentication)
-rw-r--r-- | fg21sim/webui/handlers/__init__.py | 5 | ||||
-rw-r--r-- | fg21sim/webui/handlers/base.py | 30 | ||||
-rw-r--r-- | fg21sim/webui/handlers/login.py | 40 | ||||
-rw-r--r-- | fg21sim/webui/templates/login.html | 30 |
4 files changed, 105 insertions, 0 deletions
diff --git a/fg21sim/webui/handlers/__init__.py b/fg21sim/webui/handlers/__init__.py new file mode 100644 index 0000000..f97ef07 --- /dev/null +++ b/fg21sim/webui/handlers/__init__.py @@ -0,0 +1,5 @@ +# Copyright (c) 2016 Weitian LI <liweitianux@live.com> +# MIT license + +from .index import IndexHandler +from .login import LoginHandler diff --git a/fg21sim/webui/handlers/base.py b/fg21sim/webui/handlers/base.py new file mode 100644 index 0000000..5a6e3a9 --- /dev/null +++ b/fg21sim/webui/handlers/base.py @@ -0,0 +1,30 @@ +# Copyright (c) 2016 Weitian LI <liweitianux@live.com> +# MIT license + +""" +Base handler for other handlers +""" + + +import tornado.web +from tornado.options import options + + +class BaseRequestHandler(tornado.web.RequestHandler): + def get_current_user(self): + """ + Override the ``get_current_user()`` method to implement user + authentication. + + Determine the current user based on the value of a cookie. + + References + ---------- + - Tornado: Authentication and security + http://www.tornadoweb.org/en/stable/guide/security.html + """ + if (options.password is None) or (options.password == ""): + # Password not set, then all accesses are allowed + return True + else: + return self.get_secure_cookie("user") diff --git a/fg21sim/webui/handlers/login.py b/fg21sim/webui/handlers/login.py new file mode 100644 index 0000000..4529005 --- /dev/null +++ b/fg21sim/webui/handlers/login.py @@ -0,0 +1,40 @@ +# Copyright (c) 2016 Weitian LI <liweitianux@live.com> +# MIT license + +""" +Login handler +""" + +from tornado.options import options +from tornado.escape import xhtml_escape + +from .base import BaseRequestHandler + + +class LoginHandler(BaseRequestHandler): + """ + Login page handler of the Web UI. + + NOTE + ---- + Only check the password to authenticate the access, therefore, the + default username "FG21SIM" is used. + """ + def get(self): + if (options.password is None) or (options.password == ""): + # Password is not set, just allow + self.redirect(self.reverse_url("index")) + elif self.current_user: + # Already authenticated + self.redirect(self.reverse_url("index")) + else: + self.render("login.html", error="") + + def post(self): + password = xhtml_escape(self.get_argument("password")) + if password == options.password: + self.set_secure_cookie("user", "FG21SIM") + self.redirect(self.reverse_url("index")) + else: + # Password incorrect + self.render("login.html", error="Incorrect password!") diff --git a/fg21sim/webui/templates/login.html b/fg21sim/webui/templates/login.html new file mode 100644 index 0000000..51d4cd1 --- /dev/null +++ b/fg21sim/webui/templates/login.html @@ -0,0 +1,30 @@ +{# + # Copyright (c) 2016 Weitian LI <liweitianux@live.com> + # MIT license + # + # Login page for the Web UI of "fg21sim" + #} + +{% extends "base.html" %} + +{% block subtitle %}Login |{% end %} + +{% block main %} +<section id="login"> + <h2><span class="fa fa-key" aria-hidden="true"></span> Login</h2> + <hr /> + + <form action="/login" method="post"> + {% module xsrf_form_html() %} + <fieldset> + <label for="password">Password: + {% if (error != "") %} + <span class="label label-warning">{{ error }}</span> + {% end %} + </label> + <input class="form-control" type="password" id="password" name="password" required /> + <button type="submit">Login</button> + </fieldset> + </form> +</section> +{% end %} |