When getting the authtoken in the web interface, call remctl from the

[invirt/packages/invirt-web.git] / code / main.py

diff --git a/code/main.py b/code/main.py
index bf25c26..452a285 100755 (executable)
--- a/code/main.py
+++ b/code/main.py
@@ -245,18 +245,7 @@ def vnc(username, state, path, fields):
     """
     machine = validation.Validate(username, state, machine_id=fields.getfirst('machine_id')).machine
 
-    TOKEN_KEY = "0M6W0U1IXexThi5idy8mnkqPKEq1LtEnlK/pZSn0cDrN"
-
-    data = {}
-    data["user"] = username
-    data["machine"] = machine.name
-    data["expires"] = time.time()+(5*60)
-    pickled_data = cPickle.dumps(data)
-    m = hmac.new(TOKEN_KEY, digestmod=sha)
-    m.update(pickled_data)
-    token = {'data': pickled_data, 'digest': m.digest()}
-    token = cPickle.dumps(token)
-    token = base64.urlsafe_b64encode(token)
+    token = controls.remctl('control', machine.name, 'vnctoken')
     host = controls.listHost(machine)
     if host:
         port = 10003 + [h.hostname for h in config.hosts].index(host)
@@ -653,7 +642,8 @@ def show_error(op, username, fields, err, emsg, traceback):
     d = dict(op=op, user=username, fields=fields,
              errorMessage=str(err), stderr=emsg, traceback=traceback)
     details = templates.error_raw(searchList=[d])
-    if False: #username not in config.web.errormail_exclude:
+    exclude = config.web.errormail_exclude
+    if username not in exclude and '*' not in exclude:
         send_error_mail('xvm error on %s for %s: %s' % (op, username, err),
                         details)
     d['details'] = details