def login(self, username, token, next="/"):
generateToken = False
if token == Options['auth_key']:
# Auth_key token option for testing local-only proxy
generateToken = True
elif Options['no_auth'] and Options['debug'] and not Options['gsheet_url']:
# No authentication option for testing local-only proxy
generateToken = True
role = ''
if username == sdproxy.ADMIN_ROLE:
role = sdproxy.ADMIN_ROLE
elif username == sdproxy.GRADER_ROLE:
role = sdproxy.GRADER_ROLE
if generateToken:
token = gen_proxy_auth_token(username, role=role)
data = {}
comps = token.split(':')
if not role and (self.is_web_view() or len(comps) > 1):
if len(comps) != 3:
self.redirect('/_auth/login/' + '?error=' + tornado.escape.url_escape('Invalid locked access token. Expecting site:session:code'))
return
siteName, sessionName, _ = comps
if not sessionName:
# Locked site access
next = '/' + siteName
else:
# Locked session access
next = getSessionPath(sessionName)
if siteName: # Add site prefix separately because this is root site
next = '/' + siteName + next
data['locked_access'] = next
auth = self.check_locked(username, token, siteName, sessionName)
else:
auth = self.check_access(username, token, role=role)
if auth:
if Global.twitter_params:
data['site_twitter'] = Global.twitter_params['site_twitter']
self.set_id(username, data=data, role=role)
self.redirect(next)
else:
error_msg = "?error=" + tornado.escape.url_escape("Incorrect username or token")
self.redirect("/_auth/login/" + error_msg)
评论列表
文章目录
