From bcdc84fb416820493e048fe28ca59e9090762ffb Mon Sep 17 00:00:00 2001
From: Aaron LI <aaronly.me@outlook.com>
Date: Tue, 15 Nov 2016 17:36:51 +0800
Subject: webui: Implement login support (password authentication)

---
 fg21sim/webui/handlers/login.py | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)
 create mode 100644 fg21sim/webui/handlers/login.py

(limited to 'fg21sim/webui/handlers/login.py')

diff --git a/fg21sim/webui/handlers/login.py b/fg21sim/webui/handlers/login.py
new file mode 100644
index 0000000..4529005
--- /dev/null
+++ b/fg21sim/webui/handlers/login.py
@@ -0,0 +1,40 @@
+# Copyright (c) 2016 Weitian LI <liweitianux@live.com>
+# MIT license
+
+"""
+Login handler
+"""
+
+from tornado.options import options
+from tornado.escape import xhtml_escape
+
+from .base import BaseRequestHandler
+
+
+class LoginHandler(BaseRequestHandler):
+    """
+    Login page handler of the Web UI.
+
+    NOTE
+    ----
+    Only check the password to authenticate the access, therefore, the
+    default username "FG21SIM" is used.
+    """
+    def get(self):
+        if (options.password is None) or (options.password == ""):
+            # Password is not set, just allow
+            self.redirect(self.reverse_url("index"))
+        elif self.current_user:
+            # Already authenticated
+            self.redirect(self.reverse_url("index"))
+        else:
+            self.render("login.html", error="")
+
+    def post(self):
+        password = xhtml_escape(self.get_argument("password"))
+        if password == options.password:
+            self.set_secure_cookie("user", "FG21SIM")
+            self.redirect(self.reverse_url("index"))
+        else:
+            # Password incorrect
+            self.render("login.html", error="Incorrect password!")
-- 
cgit v1.2.2