Creating a budget overview from a SuperX export.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 

64 lines
1.9 KiB

from passlib.hash import argon2
from pyramid.view import view_config, forbidden_view_config
from pyramid.security import forget, remember
from pyramid.authorization import ACLAuthorizationPolicy
from pyramid.authentication import AuthTktAuthenticationPolicy
from pyramid.httpexceptions import HTTPFound
from . import Root
AUTHENTICATED_USER_ID = "authenticated"
class MyAuthenticationPolicy(AuthTktAuthenticationPolicy):
def authenticated_userid(self, request):
user = request.user
if user is not None:
return AUTHENTICATED_USER_ID
def get_user(request):
return request.unauthenticated_userid
@forbidden_view_config(renderer="superx_budget:pyramid/templates/login.jinja2")
def forbidden_view(request):
return {"error": False}
@view_config(
context=Root,
name="login",
request_method="POST",
permission="login",
renderer="superx_budget:pyramid/templates/login.jinja2",
)
def login(request):
if request.check_password():
headers = remember(request, AUTHENTICATED_USER_ID, max_age=3600)
return HTTPFound("/", headers=headers)
return {"error": True}
@view_config(context=Root, name="logout", permission="login")
def logout(request):
headers = forget(request)
return HTTPFound("/", headers=headers)
def includeme(config):
settings = config.get_settings()
authn_policy = MyAuthenticationPolicy(
settings["auth.secret"], hashalg="sha512"
)
config.set_authentication_policy(authn_policy)
config.set_authorization_policy(ACLAuthorizationPolicy())
hashes = [hash for hash in settings["pwd.db"].splitlines() if hash]
def check_password(request):
password = request.POST.get("password", "")
return any(argon2.verify(password, hash) for hash in hashes)
config.add_request_method(check_password, "check_password")
config.add_request_method(get_user, "user", reify=True)