1
0
mirror of https://github.com/spl0k/supysonic.git synced 2024-12-22 17:06:17 +00:00

Small change on UserManager error handling

This commit is contained in:
Alban 2012-11-17 18:00:14 +01:00
parent c8f0a22980
commit 856e96c28d
3 changed files with 53 additions and 43 deletions

View File

@ -45,7 +45,7 @@ def authorize():
if decoded_pass.startswith('enc:'): if decoded_pass.startswith('enc:'):
decoded_pass = hexdecode(decoded_pass[4:]) decoded_pass = hexdecode(decoded_pass[4:])
if UserManager.try_auth(username, decoded_pass)[0] != UserManager.LOGIN_SUCCESS: if UserManager.try_auth(username, decoded_pass)[0] != UserManager.SUCCESS:
return error return error
@app.after_request @app.after_request

22
user.py
View File

@ -34,11 +34,11 @@ def add_user():
if not error: if not error:
status = UserManager.add(name, passwd, mail, admin) status = UserManager.add(name, passwd, mail, admin)
if status == UserManager.ADD_SUCCESS: if status == UserManager.SUCCESS:
flash("User '%s' successfully added" % name) flash("User '%s' successfully added" % name)
return redirect(url_for('user_index')) return redirect(url_for('user_index'))
elif status == UserManager.ADD_NAME_EXISTS: else:
flash('There is already a user with that name. Please pick another one.') flash(UserManager.error_str(status))
return render_template('adduser.html') return render_template('adduser.html')
@ -46,14 +46,10 @@ def add_user():
@app.route('/user/del/<uid>') @app.route('/user/del/<uid>')
def del_user(uid): def del_user(uid):
status = UserManager.delete(uid) status = UserManager.delete(uid)
if status == UserManager.DEL_SUCCESS: if status == UserManager.SUCCESS:
flash('Deleted user') flash('Deleted user')
elif status == UserManager.DEL_INVALID_ID:
flash('Invalid user id')
elif status == UserManager.DEL_NO_SUCH_USER:
flash('No such user')
else: else:
flash('Unknown error') flash(UserManager.error_str(status))
return redirect(url_for('user_index')) return redirect(url_for('user_index'))
@ -78,16 +74,12 @@ def login():
if not error: if not error:
status, user = UserManager.try_auth(name, password) status, user = UserManager.try_auth(name, password)
if status == UserManager.LOGIN_SUCCESS: if status == UserManager.SUCCESS:
session['userid'] = str(user.id) session['userid'] = str(user.id)
flash('Logged in!') flash('Logged in!')
return redirect(return_url) return redirect(return_url)
elif status == UserManager.LOGIN_NO_SUCH_USER:
flash('Unknown user')
elif status == UserManager.LOGIN_WRONG_PASS:
flash('Wrong password')
else: else:
flash('Unknown error') flash(UserManager.error_str(status))
return render_template('login.html') return render_template('login.html')

View File

@ -6,59 +6,77 @@ import uuid
from db import User, session from db import User, session
class UserManager: class UserManager:
ADD_SUCCESS = 0 SUCCESS = 0
ADD_NAME_EXISTS = 1 INVALID_ID = 1
NO_SUCH_USER = 2
NAME_EXISTS = 3
WRONG_PASS = 4
DEL_SUCCESS = 0 @staticmethod
DEL_INVALID_ID = 1 def get(uid):
DEL_NO_SUCH_USER = 2 if type(uid) in (str, unicode):
try:
uid = uuid.UUID(uid)
except:
return UserManager.INVALID_ID, None
elif type(uid) is uuid.UUID:
pass
else:
return UserManager.INVALID_ID, None
LOGIN_SUCCESS = 0 user = User.query.get(uid)
LOGIN_NO_SUCH_USER = 1 if user is None:
LOGIN_WRONG_PASS = 2 return UserManager.NO_SUCH_USER, None
return UserManager.SUCCESS, user
@staticmethod @staticmethod
def add(name, password, mail, admin): def add(name, password, mail, admin):
if User.query.filter(User.name == name).first(): if User.query.filter(User.name == name).first():
return UserManager.ADD_NAME_EXISTS return UserManager.NAME_EXISTS
crypt, salt = UserManager.__encrypt_password(password) crypt, salt = UserManager.__encrypt_password(password)
user = User(name = name, mail = mail, password = crypt, salt = salt, admin = admin) user = User(name = name, mail = mail, password = crypt, salt = salt, admin = admin)
session.add(user) session.add(user)
session.commit() session.commit()
return UserManager.ADD_SUCCESS return UserManager.SUCCESS
@staticmethod @staticmethod
def delete(uid): def delete(uid):
if type(uid) in (str, unicode): status, user = UserManager.get(uid)
try: if status != UserManager.SUCCESS:
uid = uuid.UUID(uid) return status
except:
return UserManager.DEL_INVALID_ID
elif type(uid) is uuid.UUID:
pass
else:
return UserManager.DEL_INVALID_ID
user = User.query.get(uid)
if user is None:
return UserManager.DEL_NO_SUCH_USER
session.delete(user) session.delete(user)
session.commit() session.commit()
return UserManager.DEL_SUCCESS return UserManager.SUCCESS
@staticmethod @staticmethod
def try_auth(name, password): def try_auth(name, password):
user = User.query.filter(User.name == name).first() user = User.query.filter(User.name == name).first()
if not user: if not user:
return UserManager.LOGIN_NO_SUCH_USER, None return UserManager.NO_SUCH_USER, None
elif UserManager.__encrypt_password(password, user.salt)[0] != user.password: elif UserManager.__encrypt_password(password, user.salt)[0] != user.password:
return UserManager.LOGIN_WRONG_PASS, None return UserManager.WRONG_PASS, None
else: else:
return UserManager.LOGIN_SUCCESS, user return UserManager.SUCCESS, user
@staticmethod
def error_str(err):
if err == UserManager.SUCCESS:
return 'No error'
elif err == UserManager.INVALID_ID:
return 'Invalid user id'
elif err == UserManager.NO_SUCH_USER:
return 'No such user'
elif err == UserManager.NAME_EXISTS:
return 'There is already a user with that name'
elif err == UserManager.WRONG_PASS:
return 'Wrong password'
else:
return 'Unkown error'
@staticmethod @staticmethod
def __encrypt_password(password, salt = None): def __encrypt_password(password, salt = None):