diff options
| author | 2011-02-05 14:19:22 +0100 | |
|---|---|---|
| committer | 2011-02-05 14:19:22 +0100 | |
| commit | 7c332ae610f7feca193ba50ea900f5a417681a7b (patch) | |
| tree | e71f1ba6b8eb52f13c11289069d65288b17a111c | |
| parent | py 2.5 fix -> removed import (diff) | |
| download | pyload-7c332ae610f7feca193ba50ea900f5a417681a7b.tar.xz | |
created unified authentication system (same data for webinterface an GUI/CLI, multiple accounts)
| -rw-r--r-- | module/ConfigParser.py | 35 | ||||
| -rw-r--r-- | module/DatabaseBackend.py | 42 | ||||
| -rw-r--r-- | module/UserDatabase.py | 53 | ||||
| -rw-r--r-- | module/config/default.conf | 5 | ||||
| -rw-r--r-- | module/gui/ConnectionManager.py | 2 | ||||
| -rw-r--r-- | module/lib/SecureXMLRPCServer.py | 23 | ||||
| -rw-r--r-- | module/remote/RemoteManager.py | 8 | ||||
| -rw-r--r-- | module/remote/XMLRPCBackend.py | 7 | ||||
| -rw-r--r-- | module/setup.py | 57 | ||||
| -rw-r--r-- | module/web/ServerThread.py | 48 | ||||
| -rw-r--r-- | module/web/pyload_app.py | 53 | ||||
| -rw-r--r-- | module/web/webinterface.py | 57 | ||||
| -rwxr-xr-x | pyLoadCore.py | 7 | ||||
| -rwxr-xr-x | pyLoadGui.py | 10 | 
14 files changed, 201 insertions, 206 deletions
| diff --git a/module/ConfigParser.py b/module/ConfigParser.py index e3e5d103a..a8ecf6324 100644 --- a/module/ConfigParser.py +++ b/module/ConfigParser.py @@ -39,11 +39,7 @@ class ConfigParser:          """Constructor"""          self.config = {} # the config values          self.plugin = {} # the config for plugins -         -        self.username = "" -        self.password = "" -        #stored outside and may not modified -         +        self.oldRemoteData = {}          self.checkVersion() @@ -98,20 +94,17 @@ class ConfigParser:          try:              homeconf = self.parseConfig("pyload.conf") +            if homeconf["remote"].has_key("username"): +                if homeconf["remote"].has_key("password"): +                    self.oldRemoteData = {"username": homeconf["remote"]["username"]["value"], "password": homeconf["remote"]["username"]["value"]} +                    del homeconf["remote"]["password"] +                del homeconf["remote"]["username"]              self.updateValues(homeconf, self.config)          except Exception, e:              print "Config Warning"              print_exc() -             -        self.username = self.config["remote"]["username"]["value"] -        del self.config["remote"]["username"] -         -        self.password = self.config["remote"]["password"]["value"] -        del self.config["remote"]["password"] -         -              #----------------------------------------------------------------------      def parseConfig(self, config):          """parses a given configfile""" @@ -273,23 +266,7 @@ class ConfigParser:      def save(self):          """saves the configs to disk""" -        self.config["remote"]["username"] = { -            "desc" : "Username", -            "type": "str", -            "value": self.username -        } -         -        self.config["remote"]["password"] = { -            "desc" : "Password", -            "type": "str", -            "value": self.password -        }  -                  self.saveConfig(self.config, "pyload.conf") -         -        del self.config["remote"]["username"] -        del self.config["remote"]["password"] -                  self.saveConfig(self.plugin, "plugin.conf")      #---------------------------------------------------------------------- diff --git a/module/DatabaseBackend.py b/module/DatabaseBackend.py index 2267f3577..d8ad2d252 100644 --- a/module/DatabaseBackend.py +++ b/module/DatabaseBackend.py @@ -134,9 +134,11 @@ class DatabaseBackend(Thread):                  self.conn.commit()              self.transactionLock.release() +    @style.queue      def shutdown(self): -        self.syncSave() +        self.conn.commit()          self.jobs.put(("quit")) +        self.conn.close()      def _checkVersion(self):          """ check db version and delete it if needed""" @@ -151,7 +153,10 @@ class DatabaseBackend(Thread):          f.close()          if v < DB_VERSION:              if v < 2: -                self.manager.core.log.warning(_("Filedatabase was deleted due to incompatible version.")) +                try: +                    self.manager.core.log.warning(_("Filedatabase was deleted due to incompatible version.")) +                except: +                    print "Filedatabase was deleted due to incompatible version."                  remove("files.version")                  move("files.db", "files.backup.db")              f = open("files.version", "wb") @@ -163,18 +168,27 @@ class DatabaseBackend(Thread):          try:              getattr(self, "_convertV%i" % v)()          except: -            self.core.log.error(_("Filedatabase could NOT be converted.")) +            try: +                self.core.log.error(_("Filedatabase could NOT be converted.")) +            except: +                print "Filedatabase could NOT be converted."      #--convert scripts start      def _convertV2(self):          self.c.execute('CREATE TABLE IF NOT EXISTS "storage" ("id" INTEGER PRIMARY KEY AUTOINCREMENT, "identifier" TEXT NOT NULL, "key" TEXT NOT NULL, "value" TEXT DEFAULT "")') -        self.manager.core.log.info(_("Database was converted from v2 to v3.")) +        try: +            self.manager.core.log.info(_("Database was converted from v2 to v3.")) +        except: +            print "Database was converted from v2 to v3."          self._convertV3()      def _convertV3(self):          self.c.execute('CREATE TABLE IF NOT EXISTS "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT, "name" TEXT NOT NULL, "email" TEXT DEFAULT "" NOT NULL, "password" TEXT NOT NULL, "role" INTEGER DEFAULT 0 NOT NULL, "permission" INTEGER DEFAULT 0 NOT NULL, "template" TEXT DEFAULT "default" NOT NULL)') -        self.manager.core.log.info(_("Database was converted from v3 to v2.")) +        try: +            self.manager.core.log.info(_("Database was converted from v3 to v4.")) +        except: +            print "Database was converted from v3 to v4."      #--convert scripts end @@ -186,6 +200,24 @@ class DatabaseBackend(Thread):          self.c.execute('CREATE INDEX IF NOT EXISTS "pIdIndex" ON links(package)')          self.c.execute('CREATE TABLE IF NOT EXISTS "storage" ("id" INTEGER PRIMARY KEY AUTOINCREMENT, "identifier" TEXT NOT NULL, "key" TEXT NOT NULL, "value" TEXT DEFAULT "")')          self.c.execute('CREATE TABLE IF NOT EXISTS "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT, "name" TEXT NOT NULL, "email" TEXT DEFAULT "" NOT NULL, "password" TEXT NOT NULL, "role" INTEGER DEFAULT 0 NOT NULL, "permission" INTEGER DEFAULT 0 NOT NULL, "template" TEXT DEFAULT "default" NOT NULL)') +         +        if exists("pyload.db"): +            try: +                self.core.log.info(_("Converting old Django DB")) +            except: +                print "Converting old Django DB" +            conn = sqlite3.connect('pyload.db') +            c = conn.cursor() +            c.execute("SELECT username, password, email from auth_user WHERE is_superuser") +            users = [] +            for r in c: +                pw = r[1].split("$") +                users.append((r[0], pw[1] + pw[2], r[2])) +            c.close() +            conn.close() +             +            self.c.executemany("INSERT INTO users(name, password, email) VALUES (?, ?, ?)", users) +            move("pyload.db", "pyload.old.db")          self.c.execute('VACUUM')      def createCursor(self): diff --git a/module/UserDatabase.py b/module/UserDatabase.py new file mode 100644 index 000000000..54852fae1 --- /dev/null +++ b/module/UserDatabase.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +""" +    This program is free software; you can redistribute it and/or modify +    it under the terms of the GNU General Public License as published by +    the Free Software Foundation; either version 3 of the License, +    or (at your option) any later version. + +    This program is distributed in the hope that it will be useful, +    but WITHOUT ANY WARRANTY; without even the implied warranty of +    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +    See the GNU General Public License for more details. + +    You should have received a copy of the GNU General Public License +    along with this program; if not, see <http://www.gnu.org/licenses/>. + +    @author: mkaay +""" + +from DatabaseBackend import DatabaseBackend +from DatabaseBackend import style + +from hashlib import sha1 +import random + +class UserMethods(): +    @style.queue +    def checkAuth(db, user, password): +        c = db.createCursor() +        c.execute('SELECT name, password, role, permission, template FROM "users" WHERE name=?', (user, )) +        r = c.fetchone() +        if not r: +            return {} +         +        salt = r[1][:5] +        pw = r[1][5:] +        h = sha1(salt + password) +        if h.hexdigest() == pw: +            return {"name": r[0], "role": r[2], "permission": r[3], "template": r[4]} +     +    @style.queue +    def addUser(db, user, password): +        salt = reduce(lambda x, y: x + y, [str(random.randint(0, 9)) for i in range(0, 5)]) +        h = sha1(salt + password) +        password = salt + h.hexdigest() +         +        c = db.createCursor() +        c.execute('SELECT name FROM users WHERE name=?', (user, )) +        if c.fetchone() is not None: +            c.execute('UPDATE users SET password=? WHERE name=?', (password, user)) +        else: +            c.execute('INSERT INTO users (name, password) VALUES (?, ?)', (user, password)) + +DatabaseBackend.registerSub(UserMethods) diff --git a/module/config/default.conf b/module/config/default.conf index 18edd5a77..ab9afaca0 100644 --- a/module/config/default.conf +++ b/module/config/default.conf @@ -3,8 +3,7 @@ version: 1  remote - "Remote":
  	int port : "Port" = 7227
  	ip listenaddr : "Adress" = 0.0.0.0
 -	str username : "Username" = admin
 -	password password : "Password" = pwhere
 +	bool nolocalauth : "No authentication on local connections" = True
  ssl - "SSL":
  	bool activated : "Activated"= False
  	file cert : "SSL Certificate" = ssl.crt
 @@ -58,4 +57,4 @@ proxy - "Proxy":  	int port : "Port" = 7070
  	http;socks4;socks5 type : "Protocol" = http
  	str username : "Username" = None
 -	password password : "Password" = None
\ No newline at end of file +	password password : "Password" = None
 diff --git a/module/gui/ConnectionManager.py b/module/gui/ConnectionManager.py index 021bd6bdd..92c1540d7 100644 --- a/module/gui/ConnectionManager.py +++ b/module/gui/ConnectionManager.py @@ -285,7 +285,7 @@ class ConnectionManager(QWidget):              d["default"] = self.default              d["name"] = self.controls["name"].text()              d["local"] = self.controls["local"].isChecked() -            d["ssl"] = str(self.controls["ssl"].isChecked()) +            d["ssl"] = self.controls["ssl"].isChecked()              d["user"] = self.controls["user"].text()              d["password"] = self.controls["password"].text()              d["host"] = self.controls["host"].text() diff --git a/module/lib/SecureXMLRPCServer.py b/module/lib/SecureXMLRPCServer.py index d2238aeed..525ffbe82 100644 --- a/module/lib/SecureXMLRPCServer.py +++ b/module/lib/SecureXMLRPCServer.py @@ -66,7 +66,7 @@ class SecureSocketServer(SocketServer.TCPServer, SocketServer.ThreadingMixIn):  class AuthXMLRPCRequestHandler(SimpleXMLRPCRequestHandler):      def __init__(self, request, client_address, server): -        self.authMap = server.getAuthenticationMap() +        self.checkAuth = server.checkAuth          SimpleXMLRPCRequestHandler.__init__(self, request, client_address, server)      def setup(self): @@ -76,20 +76,17 @@ class AuthXMLRPCRequestHandler(SimpleXMLRPCRequestHandler):      def do_POST(self):          # authentication -        if self.authMap is not None: # explicit None! +        if self.checkAuth is not None: # explicit None!              if self.headers.has_key('authorization') and self.headers['authorization'].startswith('Basic '):                  authenticationString = base64.b64decode(self.headers['authorization'].split(' ')[1])                  if authenticationString.find(':') != -1:                      username, password = authenticationString.split(':', 1) -                    if self.authMap.has_key(username) and self.verifyPassword(username, password): +                    if self.checkAuth(username, password, self.client_address[0]):                          return SimpleXMLRPCRequestHandler.do_POST(self)              self.send_response(401)              self.end_headers()              return False          return SimpleXMLRPCRequestHandler.do_POST(self) -     -    def verifyPassword(self, username, givenPassword): -        return self.authMap[username] == givenPassword  class SecureXMLRPCRequestHandler(AuthXMLRPCRequestHandler):      def __init__(self, request, client_address, server, client_digest=None): @@ -102,19 +99,16 @@ class SecureXMLRPCRequestHandler(AuthXMLRPCRequestHandler):  #####################################  class AuthXMLRPCServer(SimpleXMLRPCServer): -    def __init__(self, address, authenticationMap = None, handler=AuthXMLRPCRequestHandler): +    def __init__(self, address, checkAuth = None, handler=AuthXMLRPCRequestHandler):          SimpleXMLRPCServer.__init__(self, address, requestHandler=handler)          self.logRequests = False          self._send_traceback_header = False          self.encoding = "utf-8"          self.allow_none = True -        self.authenticationMap = authenticationMap -     -    def getAuthenticationMap(self): -        return self.authenticationMap +        self.checkAuth = checkAuth  class SecureXMLRPCServer(AuthXMLRPCServer, SecureSocketServer): -    def __init__(self, address, cert, key, authenticationMap = None, handler=SecureXMLRPCRequestHandler, verify_cert_func=None): +    def __init__(self, address, cert, key, checkAuth = None, handler=SecureXMLRPCRequestHandler, verify_cert_func=None):          self.logRequests = False          self._send_traceback_header = False          self.encoding = "utf-8" @@ -123,7 +117,4 @@ class SecureXMLRPCServer(AuthXMLRPCServer, SecureSocketServer):          # This comes from SimpleXMLRPCServer.__init__()->SimpleXMLRPCDispatcher.__init__()          self.funcs = {}          self.instance = None -        self.authenticationMap = authenticationMap -     -    def getAuthenticationMap(self): -        return self.authenticationMap +        self.checkAuth = checkAuth diff --git a/module/remote/RemoteManager.py b/module/remote/RemoteManager.py index bc40ea124..fbc7bc5f1 100644 --- a/module/remote/RemoteManager.py +++ b/module/remote/RemoteManager.py @@ -42,6 +42,9 @@ class BackendBase(Thread):      def serve(self):          pass +     +    def checkAuth(self, user, password, remoteip=None): +        return self.manager.checkAuth(user, password, remoteip)  class RemoteManager():      available = ("XMLRPCBackend", ) @@ -65,4 +68,7 @@ class RemoteManager():              else:                  backend.start()                  self.backends.append(backend) -     +    def checkAuth(self, user, password, remoteip=None): +        if self.core.config["remote"]["nolocalauth"] and remoteip == "127.0.0.1": +            return True +        return self.core.db.checkAuth(user, password) diff --git a/module/remote/XMLRPCBackend.py b/module/remote/XMLRPCBackend.py index d5f72034e..08803df23 100644 --- a/module/remote/XMLRPCBackend.py +++ b/module/remote/XMLRPCBackend.py @@ -23,17 +23,16 @@ from module.remote.RemoteManager import BackendBase  class XMLRPCBackend(BackendBase):      def setup(self):          server_addr = (self.core.config['remote']['listenaddr'], int(self.core.config['remote']['port'])) -        usermap = {self.core.config.username: self.core.config.password}          if self.core.config['ssl']['activated']:              if exists(self.core.config['ssl']['cert']) and exists(self.core.config['ssl']['key']):                  self.core.log.info(_("Using SSL XMLRPCBackend"))                  self.server = Server.SecureXMLRPCServer(server_addr, self.core.config['ssl']['cert'], -                                                        self.core.config['ssl']['key'], usermap) +                                                        self.core.config['ssl']['key'], self.checkAuth)              else:                  self.core.log.warning(_("SSL Certificates not found, fallback to auth XMLRPC server")) -                self.server = Server.AuthXMLRPCServer(server_addr, usermap) +                self.server = Server.AuthXMLRPCServer(server_addr, self.checkAuth)          else: -            self.server = Server.AuthXMLRPCServer(server_addr, usermap) +            self.server = Server.AuthXMLRPCServer(server_addr, self.checkAuth)          self.server.register_instance(self.core.server_methods) diff --git a/module/setup.py b/module/setup.py index 5618ea8e0..e837e08ae 100644 --- a/module/setup.py +++ b/module/setup.py @@ -236,9 +236,16 @@ class Setup():          print _("## Basic Setup ##")          print "" -        print _("The following logindata are only valid for CLI and GUI, but NOT for webinterface.") -        self.config.username = self.ask(_("Username"), "User") -        self.config.password = self.ask("", "", password=True) +        print _("The following logindata is valid for CLI, GUI and webinterface.") +         +        from module.DatabaseBackend import DatabaseBackend +        import module.UserDatabase #register user backend +        db = DatabaseBackend(None) +        db.setup() +        username = self.ask(_("Username"), "User")        +        password = self.ask("", "", password=True) +        db.addUser(username, password) +        db.shutdown()          print ""          langs = self.config.getMetaData("general", "language") @@ -259,36 +266,7 @@ class Setup():      def conf_web(self):          print ""          print _("## Webinterface Setup ##") - -        db_path = "web.db" -        is_db = isfile(db_path) -        db_setup = True - -        if is_db: -            print _("You already have a database for the webinterface.") -            db_setup = self.ask(_("Do you want to delete it and make a new one?"), "n", bool=True) - -        if db_setup: -            if is_db: remove(db_path) -            import sqlite3 -            from web.webinterface import setup_database -            setup_database() - -            print "" -            username = self.ask(_("Username"), "User") -             -            password = self.ask("", "", password=True) -            salt = reduce(lambda x, y: x + y, [str(random.randint(0, 9)) for i in range(0, 5)]) -            hash = sha1(salt + password) -            password = salt + hash.hexdigest() - -            conn = sqlite3.connect(db_path) -            c = conn.cursor() -            c.execute('INSERT INTO users(name, password) VALUES (?,?)', (username, password)) - -            conn.commit() -            c.close() - +            print ""          self.config["webinterface"]["activated"] = self.ask(_("Activate webinterface?"), "y", bool=True)          print "" @@ -317,9 +295,16 @@ class Setup():          translation.install(unicode=(True if  sys.getfilesystemencoding().startswith("utf") else False))          print _("Setting new username and password")          print "" -        self.config.username = self.ask(_("Username"), "User") -        self.config.password = self.ask("", "", password=True) -        self.config.save() +         +        from module.DatabaseBackend import DatabaseBackend +        import module.UserDatabase #register user backend +        db = DatabaseBackend(None) +        db.setup() +        print "" +        username = self.ask(_("Username"), "User")        +        password = self.ask("", "", password=True) +        db.addUser(username, password) +        db.shutdown()      def conf_path(self, trans=False):          if trans: diff --git a/module/web/ServerThread.py b/module/web/ServerThread.py index 9a3e6cb2a..297eb2f8f 100644 --- a/module/web/ServerThread.py +++ b/module/web/ServerThread.py @@ -3,7 +3,6 @@ from __future__ import with_statement  from os.path import exists  import threading  import logging -import sqlite3  core = None  log = logging.getLogger("log") @@ -28,8 +27,6 @@ class WebServer(threading.Thread):          import webinterface          global webinterface -        self.checkDB() -          if self.https:              if not exists(self.cert) or not exists(self.key):                  log.warning(_("SSL certificates not found.")) @@ -57,49 +54,6 @@ class WebServer(threading.Thread):          else:              self.start_builtin() - -    def checkDB(self): -        conn = sqlite3.connect('web.db') -        c = conn.cursor() -        c.execute("SELECT * from users LIMIT 1") -        empty = True -        if c.fetchone(): -            empty = False - -        c.close() -        conn.close() - -        if not empty: -            return True - -        if exists("pyload.db"): -            log.info(_("Converting old database to new web.db")) -            conn = sqlite3.connect('pyload.db') -            c = conn.cursor() -            c.execute("SELECT username, password, email from auth_user WHERE is_superuser") -            users = [] -            for r in c: -                pw = r[1].split("$") -                users.append((r[0], pw[1] + pw[2], r[2])) - -            c.close() -            conn.close() - -            conn = sqlite3.connect('web.db') -            c = conn.cursor() -            c.executemany("INSERT INTO users(name, password, email) VALUES (?,?,?)", users) -            conn.commit() -            c.close() -            conn.close() -            return True - -        else: -            log.warning(_("Database for Webinterface does not exitst, it will not be available.")) -            log.warning(_("Please run: python pyLoadCore.py -s")) -            log.warning(_("Go through the setup and create a database and add an user to gain access.")) -            return False - -      def start_builtin(self):          if self.https: @@ -124,4 +78,4 @@ class WebServer(threading.Thread):          webinterface.run_fcgi(host=self.host, port=self.port)      def quit(self): -        self.running = False
\ No newline at end of file +        self.running = False diff --git a/module/web/pyload_app.py b/module/web/pyload_app.py index 2778566e1..0f8dd859c 100644 --- a/module/web/pyload_app.py +++ b/module/web/pyload_app.py @@ -22,7 +22,6 @@ from itertools import chain  from operator import itemgetter  import os -import sqlite3  import time  from os import listdir  from os.path import isdir @@ -45,9 +44,15 @@ def pre_processor():      s = request.environ.get('beaker.session')      user = parse_userdata(s)      perms = parse_permissions(s) +    status = {} +    if user["is_authenticated"]: +        status = PYLOAD.status_server() +    captcha = False +    if user["is_authenticated"]: +        captcha = PYLOAD.is_captcha_waiting()      return {"user": user, -            'status': PYLOAD.status_server(), -            'captcha': PYLOAD.is_captcha_waiting(), +            'status': status, +            'captcha': captcha,              'perms': perms} @@ -80,35 +85,20 @@ def login_post():      user = request.forms.get("username")      password = request.forms.get("password") -    conn = sqlite3.connect('web.db') -    c = conn.cursor() -    c.execute('SELECT name, password, role, permission,template FROM "users" WHERE name=?', (user,)) -    r = c.fetchone() -    c.close() -    conn.commit() -    conn.close() +    info = PYLOAD.checkAuth(user, password) -    if not r: +    if not info:          return render_to_response("login.html", {"errors": True}, [pre_processor]) -    salt = r[1][:5] -    pw = r[1][5:] - -    hash = sha1(salt + password) -    if hash.hexdigest() == pw: -        s = request.environ.get('beaker.session') -        s["authenticated"] = True -        s["name"] = r[0] -        s["role"] = r[2] -        s["perms"] = r[3] -        s["template"] = r[4] -        s.save() - -        return redirect("/") +    s = request.environ.get('beaker.session') +    s["authenticated"] = True +    s["name"] = info["name"] +    s["role"] = info["role"] +    s["perms"] = info["permission"] +    s["template"] = info["template"] +    s.save() - -    else: -        return render_to_response("login.html", {"errors": True}, [pre_processor]) +    return redirect("/")  @route("/logout")  def logout(): @@ -121,7 +111,12 @@ def logout():  @route("/home")  @login_required("can_see_dl")  def home(): -    res = PYLOAD.status_downloads() +    try: +        res = PYLOAD.status_downloads() +    except: +        s = request.environ.get('beaker.session') +        s.delete() +        return redirect("/login")      for link in res:          if link["status"] == 12: diff --git a/module/web/webinterface.py b/module/web/webinterface.py index 49e8e831c..be28fb2eb 100644 --- a/module/web/webinterface.py +++ b/module/web/webinterface.py @@ -19,7 +19,6 @@  import sys  import gettext -import sqlite3  from os.path import join, abspath,dirname, exists  from os import makedirs @@ -48,24 +47,34 @@ try:  except:      import xmlrpclib -    ssl = "" -      from module.ConfigParser import ConfigParser -      config = ConfigParser() - -    if config.get("ssl", "activated"): -        ssl = "s" - -    server_url = "http%s://%s:%s@%s:%s/" % ( -    ssl, -    config.username, -    config.password, -    config.get("remote", "listenaddr"), -    config.get("remote", "port") -    ) - -    PYLOAD = xmlrpclib.ServerProxy(server_url, allow_none=True) +     +    class wrap(): +        authed = False +        proxy = None +        def checkAuth(self, username, password): +            server_url = "http%s://%s:%s@%s:%s/" % ( +              "s" if config.get("ssl", "activated") else "", +              username, +              password, +              config.get("remote", "listenaddr"), +              config.get("remote", "port") +            ) +            proxy = xmlrpclib.ServerProxy(server_url, allow_none=True) +            try: +                info = proxy.checkAuth(username, password) +            except: +                self.authed = False +                return {} +            self.proxy = proxy +            self.authed = False +            return info +         +        def __getattr__(self, attr): +            return getattr(self.proxy, attr) +     +    PYLOAD = wrap()  from module.JsEngine import JsEngine @@ -77,18 +86,6 @@ LOG_ROOT = config.get('log', 'log_folder')  DEBUG = config.get("general","debug_mode")  bottle.debug(DEBUG) -def setup_database(): -    conn = sqlite3.connect('web.db') -    c = conn.cursor() -    c.execute( -            'CREATE TABLE IF NOT EXISTS "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT, "name" TEXT NOT NULL, "email" TEXT DEFAULT "" NOT NULL, "password" TEXT NOT NULL, "role" INTEGER DEFAULT 0 NOT NULL, "permission" INTEGER DEFAULT 0 NOT NULL, "template" TEXT DEFAULT "default" NOT NULL)') -    c.close() -    conn.commit() -    conn.close() - -setup_database() - -  if not exists(join("tmp", "jinja_cache")):      makedirs(join("tmp", "jinja_cache")) @@ -148,4 +145,4 @@ def run_fcgi(host="0.0.0.0", port="8000"):  if __name__ == "__main__": -    run(app=web, port=8001)
\ No newline at end of file +    run(app=web, port=8001) diff --git a/pyLoadCore.py b/pyLoadCore.py index 4cf2cdad6..e08c4c544 100755 --- a/pyLoadCore.py +++ b/pyLoadCore.py @@ -63,6 +63,7 @@ from module.JsEngine import JsEngine  from module.remote.RemoteManager import RemoteManager  from module.DatabaseBackend import DatabaseBackend  from module.FileDatabase import FileHandler +from module.UserDatabase import UserMethods  from codecs import getwriter  if os.name == "nt": @@ -310,6 +311,9 @@ class Core(object):              self.check_install("OpenSSL", _("OpenSSL for secure connection"), True)          self.setupDB() +        if self.config.oldRemoteData: +            self.log.info(_("Moving old user config to DB")) +            self.db.addUser(self.config.oldRemoteData["username"], self.config.oldRemoteData["password"])          self.requestFactory = RequestFactory(self)          __builtin__.pyreq = self.requestFactory @@ -862,6 +866,9 @@ class ServerMethods():      def restart_failed(self):          """ restart all failed links """          self.core.files.restartFailed() +     +    def checkAuth(self, username, password): +        return self.core.db.checkAuth(username, password)  def deamon():      try: diff --git a/pyLoadGui.py b/pyLoadGui.py index e48370dfe..5018842ef 100755 --- a/pyLoadGui.py +++ b/pyLoadGui.py @@ -419,14 +419,14 @@ class main(QObject):              coreparser = ConfigParser(self.configdir)              if not coreparser.config:                  data["port"] = 7227 -                data["user"] = "admin" -                data["password"] = "pwhere" +                data["user"] = "anonymous" +                data["password"] = "anonymous"                  data["host"] = "127.0.0.1"                  data["ssl"] = False              else:                  data["port"] = coreparser.get("remote","port") -                data["user"] = coreparser.get("remote","username") -                data["password"] = coreparser.get("remote","password") +                data["user"] = "anonymous" +                data["password"] = "anonymous"                  data["host"] = "127.0.0.1"                  data["ssl"] = coreparser.get("ssl","activated") @@ -450,7 +450,7 @@ class main(QObject):                  self.core = Core()                  thread.start_new_thread(self.core.start, (False,False))                  self.connector.setAddr(("core", self.core)) - +                  self.startMain()          self.notification.showMessage(_("connected to %s") % data["host"]) | 
