diff options
| author | hmeland | 1999-06-13 08:10:10 +0000 |
|---|---|---|
| committer | hmeland | 1999-06-13 08:10:10 +0000 |
| commit | ee4bf52e074bdaa647294e54afae49493eca6034 (patch) | |
| tree | 00301b29943a1b4baaa79753f8e5de5302314c11 /Mailman/Cgi/admindb.py | |
| parent | db1ac2dcaec79558fe763f701ede08321aa72655 (diff) | |
| download | mailman-ee4bf52e074bdaa647294e54afae49493eca6034.tar.gz mailman-ee4bf52e074bdaa647294e54afae49493eca6034.tar.zst mailman-ee4bf52e074bdaa647294e54afae49493eca6034.zip | |
Diffstat (limited to 'Mailman/Cgi/admindb.py')
| -rw-r--r-- | Mailman/Cgi/admindb.py | 56 |
1 files changed, 22 insertions, 34 deletions
diff --git a/Mailman/Cgi/admindb.py b/Mailman/Cgi/admindb.py index 0f76c032c..ac979a62b 100644 --- a/Mailman/Cgi/admindb.py +++ b/Mailman/Cgi/admindb.py @@ -22,35 +22,8 @@ import sys import os, cgi, string, types from Mailman import Utils, MailList, Errors from Mailman.htmlformat import * -from Mailman import Cookie from Mailman import mm_cfg -# copied from admin.py -def isAuthenticated(mlist, password=None, SECRET="SECRET"): - if password is not None: # explicit login - try: - mlist.ConfirmAdminPassword(password) - except Errors.MMBadPasswordError: - AddErrorMessage(doc, 'Error: Incorrect admin password.') - return 0 - - token = list.MakeCookie() - c = Cookie.Cookie() - cookie_key = list_name + "-admin" - c[cookie_key] = token - c[cookie_key]['expires'] = mm_cfg.ADMIN_COOKIE_LIFE - print c # Output the cookie - return 1 - if os.environ.has_key('HTTP_COOKIE'): - c = Cookie.Cookie( os.environ['HTTP_COOKIE'] ) - if c.has_key(list_name + "-admin"): - if list.CheckCookie(c[list_name + "-admin"].value): - return 1 - else: - AddErrorMessage(doc, "error decoding authorization cookie") - return 0 - return 0 - def main(): # XXX: Yuk, blech, ick @@ -98,17 +71,32 @@ def main(): try: form = cgi.FieldStorage() - # authenticate. all copied from admin.py + # Authenticate. is_auth = 0 + adminpw = None + message = "" + if form.has_key('adminpw'): - is_auth = isAuthenticated(list, form['adminpw'].value) - message = FontAttr('Sorry, wrong password. Try again.', - color='ff5060', size='+1').Format() - else: - is_auth = isAuthenticated(list) - message = '' + adminpw = form['adminpw'].value + try: + # admindb uses the same cookie as admin + is_auth = list.WebAuthenticate(password=adminpw, + cookie='admin') + except Errors.MMBadPasswordError: + message = 'Sorry, wrong password. Try again.' + except Errors.MMExpiredCookieError: + message = 'Your cookie has gone stale, ' \ + 'enter password to get a new one.', + except Errors.MMInvalidCookieError: + message = 'Error decoding authorization cookie.' + except Errors.MMAuthenticationError: + message = 'Authentication error.' + if not is_auth: defaulturi = '/mailman/admindb%s/%s' % (mm_cfg.CGIEXT, list_name) + if message: + message = FontAttr( + message, color='FF5060', size='+1').Format() print 'Content-type: text/html\n\n' text = Utils.maketext( 'admlogin.txt', |