Untitled

# -*- coding: utf-8 -*-
from flask import Flask, render_template_string, request, Response, session, redirect
import logging, os, sys, time
import random

app = Flask(__name__)

app.config["SECRET_KEY"] = "SECRETKEYSECRETKEYSECRETKEYSECRETKEYSECRETKEY"
app.config["DEBUG"] = os.environ.get("FLASK_DEBUG", True)
app.config["JSON_AS_ASCII"] = False


html_login = """
{% if auth_name %}
	{% set NAME = auth_name %}
{% else %}
	{% set NAME = 'unknown' %}
{% endif %}
{% if not status %}
	{% set status = 'UNKNOWN' %}
{% endif %}
<!DOCTYPE html>
<html>
<head><title>AD AUTH</title></head>
<body>
	<div> <h2>Hello, <small>{{NAME}}</small>.</h2><p>You are in {{status}} status.</p><p>and otp status is {{otp_status}}</p> </div>
	<div>
		<form action="/login" method="post">
			<input name="username" placeholder="username" type="text">
			<input type="password" name="password">
			<input type="submit" name="submit">
		</form>
	</div>
</body>
</html>
"""


html_otp = """
{% if auth_name %}
	{% set NAME = auth_name %}
{% else %}
	{% set NAME = 'unknown' %}
{% endif %}
{% if not status %}
	{% set status = 'UNKNOWN' %}
{% endif %}
{% if not otp_status %}
	{% set otp_status = 'UNKNOWN' %}
{% endif %}
<!DOCTYPE html>
<html>
<head><title>AD AUTH</title></head>
<body>
	<div> <h2>Hello, <small>{{NAME}}</small>.</h2><p>You are in {{status}} status.</p><p>and otp status is {{otp_status}}</p> </div>
	<div>
		<form action="/otp" method="post">
			<input name="otp" placeholder="otp" type="text">
			<input type="submit" name="submit">
		</form>
	</div>
</body>
</html>
"""

html_result = """
{% if auth_name %}
	{% set NAME = auth_name %}
{% else %}
	{% set NAME = 'unknown' %}
{% endif %}
{% if not status %}
	{% set status = 'UNKNOWN' %}
{% endif %}
{% if not otp_status %}
	{% set otp_status = 'UNKNOWN' %}
{% endif %}
<!DOCTYPE html>
<html>
<head><title>AD AUTH</title></head>
<body>
	<div>
		<h2>Hello, <small>{{NAME}}</small>.</h2>
		<p>You are in {{status}} status.</p>
		<p>and otp status is {{otp_status}}</p>
		<p><a href="/">Go to home?</a></p>
	</div>
</body>
</html>
"""


def generate_code():
	return str(random.randrange(100000, 999999))


def send_otp_code():
	otp_code = generate_code()
	app.logger.critical('OTP: %s' % otp_code)
	session['otp_code'] = otp_code
	return otp_code


def validate_user(username, password):
	if username == 'foo' and password == 'bar':
		return True
	else:
		return False


def validate_otp(otp_password):
	if otp_password == session['otp_code']:
		return True
	else:
		return False


@app.route('/')
def home():
	app.logger.info("route =>'/' - hit!")
	return render_template_string(html_login)


@app.route('/login', methods=['GET','POST'])
def login():
	app.logger.info("route =>'/login' - hit!")
	if request.method == 'GET':
		return redirect('/')
	else:
		session['auth_user'] = request.form['username']
		session['auth_pass'] = request.form['password']
		app.logger.info("login: %s" % session['auth_user'])
		status = validate_user(username=session['auth_user'], password=session['auth_pass'])
		if not status:
			session['status'] = 'UNAUTHORIZED'
			return render_template_string(html_login, auth_name=session['auth_user'], status=session['status'])
		else:
			session['status'] = 'AUTHORIZED'
			return redirect('/otp')


@app.route('/otp', methods=['GET','POST'])
def login_otp():
	app.logger.info("route =>'/otp' - hit!")
	if request.method == 'GET':
		send_otp_code()
		return render_template_string(html_otp, auth_name=session['auth_user'], status=session['status'])
	else:
		session['otp'] = request.form['otp']
		otp_status = validate_otp(session['otp'])
		if not otp_status:
			session['otp_status'] = 'INVALID'
		else:
			session['otp_status'] = 'VALID'
	return render_template_string(html_result, auth_name=session['auth_user'], status=session['status'], otp_status=session['otp_status'])


if __name__ == '__main__':
    app.run(debug=True)