liquid_feedback_frontend

annotate app/main/index/_action/login.lua @ 905:e3887fea39fa

find changesets by author, revision, files, or words in the commit message
Added support for SHA-2 based password hashing
author bsw
date Sun Sep 23 14:35:20 2012 +0200 (2012-09-23)
parents c2022db9f64c
children 81bde33c2256
rev   line source
bsw@905 1 local login = param.get("login")
bsw@905 2 local password = param.get("password")
bsw@905 3
bsw@905 4 local member = Member:by_login_and_password(login, password)
bsw/jbe@0 5
bsw@286 6 function do_etherpad_auth(member)
bsw@286 7 local result = net.curl(
bsw@286 8 config.etherpad.api_base
bsw@286 9 .. "api/1/createAuthorIfNotExistsFor?apikey=" .. config.etherpad.api_key
bsw@286 10 .. "&name=" .. encode.url_part(member.name) .. "&authorMapper=" .. tostring(member.id)
bsw@286 11 )
bsw@286 12
bsw@286 13 if not result then
bsw@286 14 slot.put_into("error", _"Etherpad authentication failed" .. " 1")
bsw@286 15 return false
bsw@286 16 end
bsw@286 17
bsw@286 18 local etherpad_author_id = string.match(result, '"authorID"%s*:%s*"([^"]+)"')
bsw@286 19
bsw@286 20 if not etherpad_author_id then
bsw@286 21 slot.put_into("error", _"Etherpad authentication failed" .. " 2")
bsw@286 22 return false
bsw@286 23 end
bsw@286 24
bsw@286 25 local time_in_24h = os.time() + 24 * 60 * 60
bsw@286 26
bsw@286 27 local result = net.curl(
bsw@286 28 config.etherpad.api_base
bsw@286 29 .. "api/1/createSession?apikey=" .. config.etherpad.api_key
bsw@286 30 .. "&groupID=" .. config.etherpad.group_id
bsw@286 31 .. "&authorID=" .. etherpad_author_id
bsw@286 32 .. "&validUntil=" .. time_in_24h
bsw@286 33 )
bsw@286 34
bsw@286 35 if not result then
bsw@286 36 slot.put_into("error", _"Etherpad authentication failed" .. " 3")
bsw@286 37 return false
bsw@286 38 end
bsw@286 39
bsw@286 40 local etherpad_sesion_id = string.match(result, '"sessionID"%s*:%s*"([^"]+)"')
bsw@286 41
bsw@286 42 if not etherpad_sesion_id then
bsw@286 43 slot.put_into("error", _"Etherpad authentication failed" .. " 4")
bsw@286 44 return false
bsw@286 45 end
bsw@286 46
bsw@286 47 request.set_cookie{
bsw@286 48 path = config.etherpad.cookie_path,
bsw@286 49 name = "sessionID",
bsw@286 50 value = etherpad_sesion_id
bsw@286 51 }
bsw@286 52
bsw@286 53 end
bsw@286 54
bsw@286 55
bsw/jbe@0 56 if member then
bsw@203 57 member.last_login = "now"
bsw@272 58 member.last_activity = "now"
bsw@203 59 member.active = true
bsw@292 60 if member.lang == nil then
bsw@292 61 member.lang = app.session.lang
bsw@292 62 else
bsw@292 63 app.session.lang = member.lang
bsw@292 64 end
bsw@905 65
bsw@905 66 if member.password_hash_needs_update then
bsw@905 67 member:set_password(password)
bsw@905 68 end
bsw@905 69
bsw@203 70 member:save()
bsw/jbe@0 71 app.session.member = member
bsw/jbe@0 72 app.session:save()
bsw/jbe@0 73 trace.debug('User authenticated')
bsw@286 74 if config.etherpad then
bsw@286 75 do_etherpad_auth(member)
bsw@286 76 end
bsw/jbe@0 77 else
bsw@3 78 slot.select("error", function()
bsw@756 79 ui.tag{ content = _'Invalid login name or password!' }
bsw/jbe@0 80 end)
bsw/jbe@0 81 trace.debug('User NOT authenticated')
bsw/jbe@0 82 return false
bsw/jbe@0 83 end

Impressum / About Us