[llvm-commits] [zorg] r125861 - in /zorg/trunk/llvmlab/llvmlab: TODO.txt ui/app.py ui/templates/layout.html ui/templates/login.html

Daniel Dunbar daniel at zuster.org
Fri Feb 18 08:40:42 PST 2011 

Author: ddunbar
Date: Fri Feb 18 10:40:42 2011
New Revision: 125861

URL: http://llvm.org/viewvc/llvm-project?rev=125861&view=rev
Log:
llvmlab: Add login support.
 - Not yet very secure, password goes in plain text (TODOed).

Added:
    zorg/trunk/llvmlab/llvmlab/ui/templates/login.html
Modified:
    zorg/trunk/llvmlab/llvmlab/TODO.txt
    zorg/trunk/llvmlab/llvmlab/ui/app.py
    zorg/trunk/llvmlab/llvmlab/ui/templates/layout.html

Modified: zorg/trunk/llvmlab/llvmlab/TODO.txt
URL: http://llvm.org/viewvc/llvm-project/zorg/trunk/llvmlab/llvmlab/TODO.txt?rev=125861&r1=125860&r2=125861&view=diff
==============================================================================
--- zorg/trunk/llvmlab/llvmlab/TODO.txt (original)
+++ zorg/trunk/llvmlab/llvmlab/TODO.txt Fri Feb 18 10:40:42 2011
@@ -7,6 +7,8 @@
 
  - User Login
 
+   o Secure login support.
+
    o Expect superset of committer list.
 
    o Keep auth info with lab.llvm.org user cred, svn access will be an

Modified: zorg/trunk/llvmlab/llvmlab/ui/app.py
URL: http://llvm.org/viewvc/llvm-project/zorg/trunk/llvmlab/llvmlab/ui/app.py?rev=125861&r1=125860&r2=125861&view=diff
==============================================================================
--- zorg/trunk/llvmlab/llvmlab/ui/app.py (original)
+++ zorg/trunk/llvmlab/llvmlab/ui/app.py Fri Feb 18 10:40:42 2011
@@ -1,7 +1,8 @@
+import hashlib
 import os
 
 import flask
-from flask import redirect, render_template, url_for
+from flask import redirect, render_template, request, session, url_for
 
 import llvmlab.data
 import llvmlab.user
@@ -29,6 +30,11 @@
 
     return data
 
+def authenticate_login(username, password):
+    passhash = hashlib.sha256(password + app.config["SECRET_KEY"]).hexdigest()
+    user = app.config.data.users.get(username)
+    return user and passhash == user.passhash
+
 ###
 
 # Construct the Flask application.
@@ -37,6 +43,9 @@
 # Load the configuration file.
 app.config.from_envvar("LLVMLAB_CONFIG")
 
+# Set the application secret key.
+app.secret_key = app.config["SECRET_KEY"]
+
 # Load the LLVM-Lab database.
 app.config.data = load_llvmlab_data(app)
 
@@ -55,6 +64,31 @@
 def users():
     return render_template("users.html")
 
+ at app.route('/login', methods=['GET', 'POST'])
+def login():
+    # If this isn't a post request, return the login template.
+    if request.method != 'POST':
+        return render_template("login.html", error=None)
+
+    # Authenticate the user.
+    username = request.form['username']
+    if not authenticate_login(username, request.form['password']):
+        return render_template("login.html",
+                               error="Invalid login")
+
+    # Log the user in.
+    session['logged_in'] = True
+    session['active_user'] = username
+    flask.flash('You were logged in as "%s"!' % username)
+    return redirect(url_for("index"))
+
+ at app.route('/logout')
+def logout():
+    session.pop('logged_in', None)
+    session.pop('active_user', None)
+    flask.flash('You were logged out!')
+    return redirect(url_for("index"))
+
 ###
 
 if __name__ == '__main__':

Modified: zorg/trunk/llvmlab/llvmlab/ui/templates/layout.html
URL: http://llvm.org/viewvc/llvm-project/zorg/trunk/llvmlab/llvmlab/ui/templates/layout.html?rev=125861&r1=125860&r2=125861&view=diff
==============================================================================
--- zorg/trunk/llvmlab/llvmlab/ui/templates/layout.html (original)
+++ zorg/trunk/llvmlab/llvmlab/ui/templates/layout.html Fri Feb 18 10:40:42 2011
@@ -11,6 +11,10 @@
   <div class="header">
     <a href="{{ url_for('index') }}">{#
       #}lab.llvm.org</a> | {{ self.title() }}
+    {% if session.logged_in %}
+         
+      Logged In: <i>{{ session.active_user }}</i>
+    {% endif %}
   </div>
   <div class="flash_messages">
     {% for message in get_flashed_messages() %}

Added: zorg/trunk/llvmlab/llvmlab/ui/templates/login.html
URL: http://llvm.org/viewvc/llvm-project/zorg/trunk/llvmlab/llvmlab/ui/templates/login.html?rev=125861&view=auto
==============================================================================
--- zorg/trunk/llvmlab/llvmlab/ui/templates/login.html (added)
+++ zorg/trunk/llvmlab/llvmlab/ui/templates/login.html Fri Feb 18 10:40:42 2011
@@ -0,0 +1,15 @@
+{% extends "layout.html" %}
+{% block title %}login{% endblock %}
+{% block body %}
+<h2>Login</h2>
+{% if error %}
+<p class=error><strong>Error:</strong> {{ error }}
+{% endif %}
+<form action="{{ url_for('login') }}" method="POST">
+<dl>
+  <dt>Username:</dt><dd><input type=text name=username></dd>
+  <dt>Password:</td><dd><input type=password name=password></dd>
+  <dd><input type=submit value=Login></dd>
+</dl>
+</form>
+{% endblock %}

More information about the llvm-commits mailing list