o h@sddlZddlmZddlmZmZmZmZddlm Z ddl m Z ddl m Z mZddlmZddlmZmZmZdd lmZmZgd Zd d gZd dZddZddZddZddZ GdddZ!GdddeZ"GdddeZ#dS)N)reverse) HttpResponseHttpResponseServerErrorHttpResponseRedirectHttpResponseForbidden)PermissionDenied)messages)renderredirect) CommonView)query_00dump log_activity)koleksimaster)/loginlogout403404usrpwdcOsN|D]\}} |jjdkrt|}|||<qi}|D]}||||<q|S)Ndatetime)items __class____name__str) SessionStoreargskwargskvsessargr$./var/www/html/mfile_papteng_new/webapp/auth.pysessions r&cCs,t|d}t|d}|S)Nzutf-8)hashlibmd5encode hexdigestsha1)rr$r$r% auth_pwd_hashsr,cKsTd}ztjjjdi|}tj|}|jj|d<W|St y)Y|Sw)Nroler$) m_masterUsersobjectsfilterselect_relatedget_sanitize_resultpk_rolesr- Exception)raccountuserr$r$r%auth_account_bys  r9cOsXt|d|dd}|durdStD] }||||kr!dSqt|fi|dS)NrrrrFT)r9r3auth_validate_requiredr&)rrrr7rr$r$r%validate+s r=cCsd}ztjjj||ddd}Wn tyYnw|r#|jr#dStd||dg }|}Wdn1s;wY|rH|drHdSdS)z select access.is from access join menus on (menus.pk=access.menus_pk) join roles on (roles.pk=access.roles_pk) where access.users_pk is null and menus.href = '$path' and roles.role = '$role' Nr-)menus_pk__hrefroles_pk__roleusers_pkTz SELECT access.is,menus.href FROM access JOIN menus ON (menus.pk=access.menus_pk) JOIN roles ON (roles.pk=access.roles_pk) WHERE access.users_pk IS NULL and %s like menus.href||'%%' and roles.role = %s ORDER BY menus.href DESC isF) r.Accessr0r1r3r6_isr result_one)pathr" rule_by_roleqrule_by_href_partr$r$r%urlpath_validate7s(    rIc@eZdZddZddZdS)AuthMiddlewarecCs ||_dSN) get_response)selfrMr$r$r%__init___s zAuthMiddleware.__init__cstjjd<}tfddtD}jdr |S|dur3|dkr3ttddjS|rD|dkrDt jjdkrDt |S)N sess_is_authc3s|] }t|jkVqdSrL)rrE).0irequestr$r% gsz*AuthMiddleware.__call__..z/api/Frz ?redirect=) r=r&anymiddleware_views_ignoredrE startswithrMrrrIr)rNrTyn yn_ignoredr$rSr%__call__es   zAuthMiddleware.__call__N)r __module__ __qualname__rOr[r$r$r$r%rK]s rKc@rJ) AuthLoginViewcCst|jr tdSt|dS)Nrz login.html)r=r&r r )rNrTr$r$r%r3ws zAuthLoginView.getcCs|jdd}|jdd}|dks|dkr t|dtdSt|t|d}|dur6t|dtdSt|jfi|t |dd|d d |d|j d dr\t |j d Std S) Nrrz#Isian Username atau Password kosongrr:zUser Tidak DitemukanauthpkzLogin sebagai r dash) POSTr3rwarningr r9r,errorr&rGETr)rNrTrrr7r$r$r%post|s&    zAuthLoginView.postN)rr\r]r3rgr$r$r$r%r^vs r^c@s$eZdZddZddZddZdS)AuthLogoutViewcO|j|g|Ri|SrLrrNrTrrr$r$r%r3zAuthLogoutView.getcOrirLrjrkr$r$r%rgrlzAuthLogoutView.postcCsTddlm}|jd}|jdd}|r!||dd|d|d |jtd S) Nr)rrarunknownrr`zLogout dari sistem ()r) webapp.commonrr&r3flushr )rNrTruser_id user_namer$r$r%rs    zAuthLogoutView.logoutN)rr\r]r3rgrr$r$r$r%rhs rh)$r' django.urlsr django.httprrrrdjango.core.exceptionsrdjango.contribrdjango.shortcutsr r webapp.views.baser ror r r webapp.modelsr m_koleksirr.rWr;r&r,r9r=rIrKr^rhr$r$r$r%s&       &$