Commit 83426257 authored by Gero Müller's avatar Gero Müller
Browse files

fix guest login

parent 0c906471
......@@ -52,6 +52,8 @@ forgot.subject = Your VISPA password
# absolute url
password_url = http://localhost:4282/vispa/password
# enable guets logins without providing any information
enable_guest_login = False
[websockets]
enabled = False
......
......@@ -153,8 +153,14 @@ class AjaxController(AbstractController):
@cherrypy.expose
@cherrypy.tools.ajax()
def connectworkspace(self, wid, password, prepend=True, state=True,
def connectworkspace(self, wid, password=None, prepend=True, state=True,
preload=True):
if password is None:
if 'guest_password' in cherrypy.session:
password = cherrypy.session['guest_password']
else:
return {"wrong_password": True}
db = cherrypy.request.db
user = cherrypy.request.user
user_id = self.get("user_id")
......
......@@ -182,10 +182,13 @@ class RootController(AbstractController):
@cherrypy.expose
@cherrypy.tools.user(on=False)
def guest_login(self):
if vispa.config("web", "enable_guest_login", False) is False:
raise cherrypy.HTTPError(403, "Guest login not allowed!")
db = cherrypy.request.db
user = User.guest_login(db)
user, password = User.guest_login(db)
cherrypy.session["user_id"] = unicode(user.id)
cherrypy.session["user_name"] = user.name
cherrypy.session["guest_password"] = password
vispa.fire_callback("user.login", user)
raise cherrypy.HTTPRedirect(vispa.url.dynamic("/"))
......
......@@ -120,13 +120,12 @@ class User(Base):
if count >= User.MAX_USERS:
return 'The maximum number of registered users is reached!'
# The userdata passed all checks
password = str(uuid.uuid4())
# register the user?
user = User(
name=name,
password=str(
uuid.uuid4()),
password=sha256_crypt.encrypt(password),
email=name,
hash=User.generate_hash(32),
status=User.ACTIVE)
......@@ -137,7 +136,7 @@ class User(Base):
vispa.fire_callback("user.register", user)
vispa.fire_callback("user.activate", user)
return user
return user, password
@staticmethod
def register(session, name, email):
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment