- new module MmdUser.py

- registration works basically git-svn-id: https://svn.spreadspace.org/mur.sat@85 7de4ea59-55d0-425e-a1af-a3118ea81d4c
author: Jogi Hofmüller <jogi@mur.at> 2011-07-31 15:52:59 +0000
committer: Jogi Hofmüller <jogi@mur.at> 2011-07-31 15:52:59 +0000
commit: f852eea73acb6d04d7b9213949fc521b92636a96 (patch)
tree: 38cedb0c6c4fba3f99767594845dbe64237533b7 /tools/mmd
parent: 1wire for DS1821 works now (diff)
7 files changed, 201 insertions, 55 deletions
diff --git a/tools/mmd/MmdCommands.py b/tools/mmd/MmdCommands.py
index 5bf870d..19a5968 100644
--- a/tools/mmd/MmdCommands.py
+++ b/tools/mmd/MmdCommands.py
@@ -4,12 +4,13 @@ command methods for MURSAT1 Mission Dashboard
 
 from cgi import parse_qs, escape
 from mmd.MmdWidgets import *
+from mmd.MmdUser import User
 
 def loginForm (session):
   """
   display the login form
   """
-  return indexWidget (dataWidget (), loginFormWidget (), statusWidget (session.session_id, session.user))
+  return indexWidget (dataWidget (), loginFormWidget (), statusWidget (session.session_id, session.email))
 
 def login (session):
   """
@@ -18,43 +19,60 @@ def login (session):
   email = escape (session.qs.get ('email', [''])[0])
   # check for account
   # verify password
-  return indexWidget (dataWidget (), loginWidget (email), statusWidget (session.session_id, session.user))
+  return indexWidget (dataWidget (), loginWidget (email), statusWidget (session.session_id, email))
 
 def registerForm (session):
   """
   display the register form
   """
-  return indexWidget (dataWidget (), registerFormWidget (), statusWidget (session.session_id, session.user))
+  return indexWidget (dataWidget (), registerFormWidget (), statusWidget (session.session_id, session.email))
 
 def register (session):
   """
   evaluate data from registerForm
   """
-  return indexWidget (dataWidget (), registerWidget (), statusWidget (session.session_id, session.user))
+  firstname = session.getQsFirstname ()
+  lastname = session.getQsLastname ()
+  email = session.getQsEmail ()
+  callsign = session.getQsCallsign ()
+  longitude = session.getQsLongitude ()
+  latitude = session.getQsLatitude ()
+  password = session.getQsPassword ()
+  confirm = session.getQsConfirm ()
+
+  if password != confirm:
+    error_message = {'error': 'Password', 'description': 'Passwords do not match'}
+    return indexWidget (dataWidget (), errorWidget (error_message), statusWidget (session.session_id, session.email))
+
+  user = User ()
+  user.create (session.session_id, firstname, lastname, email, callsign, longitude, latitude, password)
+
+
+  return indexWidget (dataWidget (), registerWidget (), statusWidget (session.session_id, session.email))
 
 def submitForm (session):
   """
   display the form for data submission
   """
-  return indexWidget (dataWidget (), submitFormWidget (), statusWidget (session.session_id, session.user))
+  return indexWidget (dataWidget (), submitFormWidget (), statusWidget (session.session_id, session.email))
 
 def submit (session):
   """
   evaluate data from submitForm
   """
-  return indexWidget (dataWidget (), submitWidget (), statusWidget (session.session_id, session.user))
+  return indexWidget (dataWidget (), submitWidget (), statusWidget (session.session_id, session.email))
 
 def viewlog (session):
   """
   show latest log entries/submissions
   """
-  return indexWidget (dataWidget (), logWidget (), statusWidget (session.session_id, session.user))
+  return indexWidget (dataWidget (), logWidget (), statusWidget (session.session_id, session.email))
 
 def index (session):
   """
   display the index page
   """
-  return indexWidget (dataWidget (), osmWidget (), statusWidget (session.session_id, session.user))
+  return indexWidget (dataWidget (), osmWidget (), statusWidget (session.session_id, session.email))
 
 def mmdtest (env, cookie):
   body = ''
diff --git a/tools/mmd/MmdDb.py b/tools/mmd/MmdDb.py
index 6947c88..640a8ff 100644
--- a/tools/mmd/MmdDb.py
+++ b/tools/mmd/MmdDb.py
@@ -14,14 +14,36 @@ class Db:
     self.cursor.execute ('SELECT * FROM session WHERE id=?', (session_id,))
     return self.cursor.fetchone ()
 
-  def sessionInit (self, session_id, user):
-    self.cursor.execute ('INSERT INTO session VALUES (?,?)', (session_id, user,))
+  def sessionInit (self, session_id, email, expires):
+    self.cursor.execute ('INSERT INTO session (id, email, expires) VALUES (?,?,?)', (session_id, email, expires,))
     self.conn.commit ()
 
   def sessionDelete (self, session_id):
     self.cursor.execute ('DELETE FROM session WHERE id=?', (session_id,))
     self.conn.commit ()
 
+  def sessionUpdate (self, session_id, expires):
+    self.cursor.execute ('UPDATE session SET expires=? WHERE id=?', (expires, session_id,))
+    self.conn.commit ()
+
+  def sessionSetEmail (self, session_id, email):
+    self.cursor.execute ('UPDATE session SET email=? WHERE id=?', (email, session_id))
+    self.conn.commit ()
+
+  def sessionSetStatus (self, session_id, status):
+    self.cursor.execute ('UPDATE session SET status=? WHERE id=?', (status, session_id))
+    self.conn.commit ()
+
+  def sessionDeleteExpired (self, expires):  
+    self.cursor.execute ('DELETE FROM session WHERE expires<?', (expires,))
+    self.conn.commit ()
+    return self.cursor.rowcount
+
+  def userCreate (self, user_id, firstname, lastname, email, callsign, password):
+    self.cursor.execute ('INSERT INTO user (id, firstname, lastname, email, callsign, password) VALUES (?,?,?,?,?,?)',
+      (user_id, firstname, lastname, email, callsign, password))
+    self.conn.commit ()
+
   def close (self):
     self.cursor.close ()
     self.conn.close ()
diff --git a/tools/mmd/MmdMaintainance.py b/tools/mmd/MmdMaintainance.py
new file mode 100644
index 0000000..32a38ba
--- /dev/null
+++ b/tools/mmd/MmdMaintainance.py
@@ -0,0 +1,8 @@
+#!/usr/bin/env python
+
+import time
+from mmd.MmdDb import Db
+
+db = Db ()
+print "Deleted {0} expired session(s)".format (db.sessionDeleteExpired (int (time.strftime ('%s'))))
+db.close ()
diff --git a/tools/mmd/MmdSession.py b/tools/mmd/MmdSession.py
index 82f0ecd..c2d41b4 100644
--- a/tools/mmd/MmdSession.py
+++ b/tools/mmd/MmdSession.py
@@ -3,30 +3,79 @@ Session class for MURSAT1 Mission Dashboard
 """
 from cgi import parse_qs, escape
 from MmdDb import Db
+import time
+
+# session timeout set to 10 minutes (600 seconds)
+timeout = 600
 
 class Session:
 
   def __init__ (self, session_id):
     self.session_id = session_id
-    self.authenticated = False
+    self.email = 'Anonymous'
+    self.status = 'anon'
     self.headers = []
-    db = Db ()
-    data = db.sessionFind (session_id)
+    self.db = Db ()
+    data = self.db.sessionFind (session_id)
     if not data:
-      self.user = 'Anon'
-      db.sessionInit (self.session_id, self.user)
-      self.status = 'new'
+      self.db.sessionInit (self.session_id, self.email, int (time.strftime ('%s')) + timeout)
     else:
-      self.user = data[1]
-      self.status = 'db'
-    db.close ()
-
-  def getCmd (self):
-    return escape (self.qs.get ('cmd', [''])[0])
+      self.email = data[1]
+      self.status = data[2]
 
   def addHeader (self, header):
     self.headers.append (header)
 
+  def update (self):
+    self.db.sessionUpdate (self.session_id, int (time.strftime ('%s')) + timeout)
+
+  def setEmail (self, email = 'Anonymous'):
+    self.email = email
+    self.db.sessionSetEmail (self.session_id, self.email)
+
+  def setStatus (self, status = 'anon'):
+    self.status = status
+    self.db.sessionSetStatus (self.session_id, self.status)
+
+  def valid (self):
+    data = self.db.sessionFind (self.session_id)
+    if not data:
+      return False
+    if data[3] < int (time.strftime ('%s')):
+      return False
+    return True
+
+  def delete (self):
+    self.db.sessionDelete (self.session_id)
+
+  # session methods to extract strings from QueryString
+  def getQsCmd (self):
+    return escape (self.qs.get ('cmd', [''])[0]).decode ('utf-8')
+
+  def getQsFirstname (self):
+    return escape (self.qs.get ('firstname', [''])[0]).decode ('utf-8')
+
+  def getQsLastname (self):
+    return  escape (self.qs.get ('lastname', [''])[0]).decode ('utf-8')
+
+  def getQsEmail (self):
+    return escape (self.qs.get ('email', [''])[0]).decode ('utf-8')
+
+  def getQsCallsign (self):
+    return escape (self.qs.get ('callsign', [''])[0]).decode ('utf-8')
+
+  def getQsLongitude (self):
+    return escape (self.qs.get ('longitude', [''])[0]).decode ('utf-8')
+
+  def getQsLatitude (self):
+    return escape (self.qs.get ('latitude', [''])[0]).decode ('utf-8')
+
+  def getQsPassword (self):
+    return escape (self.qs.get ('password', [''])[0]).decode ('utf-8')
+
+  def getQsConfirm (self):
+    return escape (self.qs.get ('confirm', [''])[0]).decode ('utf-8')
+
 if __name__ == "__main__":
   pass
 
diff --git a/tools/mmd/MmdUser.py b/tools/mmd/MmdUser.py
new file mode 100644
index 0000000..86e0a3d
--- /dev/null
+++ b/tools/mmd/MmdUser.py
@@ -0,0 +1,21 @@
+"""
+User class for MURSAT1 Mission Dashboard
+"""
+import hashlib
+from cgi import parse_qs, escape
+from MmdDb import Db
+
+class User:
+
+  def __init__ (self):
+    self.db = Db ()
+
+  def create (self, user_id, firstname, lastname, email, callsign, longitude, latitude, password):
+    password_hash = hashlib.sha1 (password).hexdigest ()
+    self.db.userCreate (user_id, firstname, lastname, email, callsign, password_hash)
+
+if __name__ == "__main__":
+  pass
+
+# vim: tw=0 ts=2 expandtab
+# EOF
diff --git a/tools/mmd/MmdWidgets.py b/tools/mmd/MmdWidgets.py
index 8bade15..9219e8c 100644
--- a/tools/mmd/MmdWidgets.py
+++ b/tools/mmd/MmdWidgets.py
@@ -6,12 +6,12 @@ import time
 
 def loginFormWidget ():
   html = '''
-   Please enter your email/callsign and your password in the form below.
-   <form method="post">
+   Please enter your email and password in the form below.
+   <form method="post" accept-charset="UTF-8">
     <table>
      <tr><td class="formfield">Email:</td><td><input type="text" name="email" /></td></tr>
      <tr><td class="formfield">Password:</td><td><input type="password" name="password" /></td></tr>
-     <tr><td class="formfield"><input type="submit" value="Login" /></td><td></td></tr>
+     <tr><td class="formfield"><input type="submit" value="Login" disabled="disabled" /></td><td></td></tr>
     </table>
     <input type="hidden" name="cmd" value="login" />
    </form>
@@ -30,7 +30,7 @@ def loginWidget (email):
 def registerFormWidget ():
   html = '''
    Please fill in the form below an click on Register.  You will receive a confirmation email.
-   <form method="post">
+   <form method="post" accept-charset="UTF-8">
     <table>
      <tr><td class="formfield">Firstname*:</td><td><input type="text" name="firstname" /></td></tr>
      <tr><td class="formfield">Lastname*: </td><td><input type="text" name="lastname" /></td></tr>
@@ -40,7 +40,7 @@ def registerFormWidget ():
      <tr><td class="formfield">Latitude: </td><td><input type="text" name="longitude" /></td></tr>
      <tr><td class="formfield">Password*: </td><td><input type="password" name="password" /></td></tr>
      <tr><td class="formfield">Confirm Password*: </td><td><input type="password" name="confirm" /></td></tr>
-     <tr><td class="formfield"><input type="submit" value="Register" /></td><td></td></tr>
+     <tr><td class="formfield"><input type="submit" value="Register" disabled="disabled" /></td><td></td></tr>
     </table>
     <input type="hidden" name="cmd" value="register" />
    </form>
@@ -56,6 +56,15 @@ def registerWidget ():
 
   return html
 
+def errorWidget (error_message):
+  html = '''
+  <h3>An error occured!</h3>
+  <div>Error: {0}</div>
+  <div>Description: {1}</div>
+  '''.format (error_message['error'], error_message['description'])
+
+  return html
+
 def submitFormWidget ():
   html = '''
   sorry, no form yet!
@@ -102,7 +111,7 @@ def osmWidget (longitude = 15.4426, latitude = 47.06576):
 
   return html
 
-def statusWidget (ip, user = 'Anonymous'):
+def statusWidget (ip, email):
   html = '''
    <a href="mmd">
     <img src="http://sat.mur.at/pics/sat-logo-notext.png" alt="mur.sat logo" />
@@ -111,7 +120,7 @@ def statusWidget (ip, user = 'Anonymous'):
    <div id="info">
     Hello {0} with session id '{1}'! Local time is {2}
    </div>
-  '''.format (user, ip, time.strftime ('%c'))
+  '''.format (email, ip, time.strftime ('%c'))
 
   return html
 
diff --git a/tools/mmd/mmd.wsgi b/tools/mmd/mmd.wsgi
index a1c780b..4c0d3ee 100644
--- a/tools/mmd/mmd.wsgi
+++ b/tools/mmd/mmd.wsgi
@@ -6,9 +6,11 @@ for server configuration guidelines
 """
 
 import sys
-sys.path.append  ('/var/www/hofos.at/mmd/')
-from cgi import parse_qs, escape
-from MmdCommands import *
+from cgi import escape
+from urlparse import parse_qs
+from mmd.MmdCommands import *
+from mmd.MmdSession import Session
+import Cookie
 
 def application (environ, response):
   """
@@ -16,43 +18,60 @@ def application (environ, response):
   MURSAT1 Dashboard
   """
 
-  # dict data to be passed to command methods
-  data = {}
-
+  # session and cookie stuff
+  cookie = Cookie.SimpleCookie ()
   try:
-    data['qs'] = parse_qs (environ['wsgi.input'].read (int (environ['CONTENT_LENGTH'])))
+    cookie.load (environ['HTTP_COOKIE'])
+    session = Session (cookie['mmd'].value)
+    if not session.valid ():
+      session.delete ()
+      session = Session (environ['UNIQUE_ID'])
+      cookie['mmd'] = session.session_id
+      session.addHeader (('Set-Cookie', cookie.output (header = '').strip ()))
   except KeyError:
-    data['qs'] = parse_qs (environ['QUERY_STRING'])
+    # no cookie, so we make a new session
+    session = Session (environ['UNIQUE_ID'])
+    cookie['mmd'] = session.session_id
+    session.addHeader (('Set-Cookie', cookie.output (header = '').strip ()))
 
-  data['ip'] = environ['REMOTE_ADDR']
-  data['user'] = 'Anonymous'
-  cmd = data['qs'].get ('cmd', [''])[0]
-  cmd = escape (cmd)
+  try:
+    session.qs = parse_qs (environ['wsgi.input'].read (int (environ['CONTENT_LENGTH'])), True)
+  except KeyError:
+    session.qs = parse_qs (environ['QUERY_STRING'], True)
 
-  # always return 200 OK
-  status = '200 OK'
+  
+  session.update ()
+  session.ip = environ['REMOTE_ADDR']
+  session.http_status = '200 OK'
+  
+  # evaluate cmd
+  cmd = session.getQsCmd ()
+  content_type = 'text/html'
 
   if cmd == 'loginForm':
-    body = loginForm (data)
+    body = loginForm (session)
   elif cmd == 'login':
-    body = login (data)
+    body = login (session)
   elif cmd == 'registerForm':
-    body = registerForm (data)
+    body = registerForm (session)
   elif cmd == 'register':
-    body = register (data)
+    body = register (session)
   elif cmd == 'submitForm':
-    body = submitForm (data)
+    body = submitForm (session)
   elif cmd == 'submit':
-    body = submit (data)
+    body = submit (session)
   elif cmd == 'viewlog':
-    body = viewlog (data)
-  elif cmd == 'msdbtest':
-    body = msdbtest (environ)
+    body = viewlog (session)
+  elif cmd == 'mmdtest':
+    body = mmdtest (environ, cookie)
+    content_type = 'text/plain'
   else:
-    body = index (data)
+    body = index (session)
+
+  session.addHeader (('Content-Type', content_type))
+  session.addHeader (('Content-Length', str (len (body))))
+  response (session.http_status, session.headers)
 
-  headers = [('Content-Type', 'text/html'), ('Content-Length', str (len (body)))]
-  response (status, headers)
   return [body]
 
 # vim: tw=0 ts=2 expandtab
author	Jogi Hofmüller <jogi@mur.at>	2011-07-31 15:52:59 +0000
committer	Jogi Hofmüller <jogi@mur.at>	2011-07-31 15:52:59 +0000
commit	f852eea73acb6d04d7b9213949fc521b92636a96 (patch)
tree	38cedb0c6c4fba3f99767594845dbe64237533b7 /tools/mmd
parent	1wire for DS1821 works now (diff)