1 # -*- coding: utf-8 -*-
7 def get_user(authuser=''):
9 Devuelve el usuario autenticado
11 session = web.ctx.session
15 authuser = session.get('username', '')
17 user = orm.query(User).filter(User.name == authuser).one()
23 def authenticated(function):
25 Si es un usuario autenticado permite el acceso al recurso, sino
28 session = web.ctx.session
29 def decorated(*args, **kwargs):
30 if session.get('username', ''):
31 return function(*args, **kwargs)
33 raise web.seeother('/login')
39 vname = form.regexp("\w*$", 'Alphanumeric only')
40 vpass = form.regexp(r".{3,20}", 'Must be between 3 and 20 chars')
43 form.Textbox("username", vname, description="User"),
44 form.Password("password", vpass, description="Password"),
47 return web.ctx.render.login(self.logform())
49 def POST(self, *args):
51 session = web.ctx.session
53 lform = self.logform()
54 if not lform.validates():
55 return web.ctx.render.login(lform)
58 name = values['username']
59 pwd = values['password']
61 query = orm.query(User).filter(User.name == name)
62 # si no existe se crea
69 session.username = name
70 raise web.seeother('/index')
73 lform.username.note = 'wrong password'
74 return web.ctx.render.login(lform)
80 web.ctx.session.username = ''
81 raise web.seeother('/index')