ticketfrei/session.py

33 lines
1 KiB
Python
Raw Normal View History

2019-01-27 13:52:42 +00:00
from bottle import redirect, request, abort, response
2018-03-28 15:36:35 +00:00
from db import db
from functools import wraps
from inspect import Signature
from user import User
class SessionPlugin(object):
name = 'SessionPlugin'
keyword = 'user'
api = 2
def __init__(self, loginpage):
self.loginpage = loginpage
def apply(self, callback, route):
if self.keyword in Signature.from_callable(route.callback).parameters:
@wraps(callback)
def wrapper(*args, **kwargs):
uid = request.get_cookie('uid', secret=db.get_secret())
2018-03-28 15:36:35 +00:00
if uid is None:
return redirect(self.loginpage)
2018-03-28 18:24:21 +00:00
kwargs[self.keyword] = User(uid)
2019-01-27 13:52:42 +00:00
if request.method == 'POST':
if request.forms['csrf'] != request.get_cookie('csrf',
secret=db.get_secret()):
2019-01-27 13:52:42 +00:00
abort(400)
2018-03-28 15:36:35 +00:00
return callback(*args, **kwargs)
return wrapper
else:
return callback