def auth(uid, tok, perms=None): id, _, pw = tok.partition("$") p = sess.query(Person).get(uid) a = Auth(p) a.neverusethisinsecuremethod_set(id,pw) a.perms = p.perms if perms is None else perms sess.add(a) return a
def get_authenticators(self): if self.request.method == "GET": return [ Auth(), ] else: return [ CoerceAuth(), ]
def user_login(req, mysql_client): err, user = mysql_client.get_user_by_id(req.user_id) if err: return HTTPStatus.BAD_REQUEST, ErrorResp(err_msg="用户未注册") if user.password != req.password: return HTTPStatus.BAD_REQUEST, ErrorResp(err_msg="密码错误") login_time = int(time.time()) token = Auth.encode_auth_token(req.user_id, login_time) session['user_name'] = user.name session['user_id'] = user.user_id return HTTPStatus.OK, api_pb2.LoginResp(token=token)
def POST(self): j = self.req.json s = self.dbs user = j.get("user") if not user: self.status_code = 400 return {"e":1, "msg":"No user provided."} if not isinstance(user, str): self.status_code = 400 return {"e":1, "msg":"'user' must be a string."} pw = j.get("pass") if not pw: self.status_code = 400 return {"e":1, "msg":"No password provided."} if "@" in user: person = s.query(Person).join(Email).filter_by(email=user).scalar() else: person = s.query(Person).get(user) if not person or not person.password_check(j["pass"]): self.status_code = 403 return {"e":1, "msg":"Invalid credentials."} a = Auth(person) s.add(a) a.perms = person.perms s.commit() return {"e":0, "token": a.token, "perms": a.perms, "user": a.user.id, }
def wrapper(*args, **kwargs): """ 用户鉴权 :return: list """ auth_token = request.headers.get('JWT') if not auth_token: return to_err_resp(500, '没有JWT Token') auth_token = auth_token.strip() payload = Auth.decode_auth_token(auth_token) current_time = int(time.time()) exp = payload['exp'] if current_time > exp: return to_err_resp(500, 'JWT Token 过期') return f(*args, **kwargs)
def __init__(self): sys.path.append(os.path.join(os.path.dirname(__file__), '..')) parser = argparse.ArgumentParser(prog='nester') parser.add_argument('-v', '--version', action='version', version='%(prog)s 0.1') parser.add_argument('-l', '--log', type=str, required=False, help='The output log file') subparsers = parser.add_subparsers(dest='command', help='sub commands') auth = Auth(os.environ['NEST_CONTACT_EMAIL']) if auth.load(): auth.get_token() auth.save() objects = [ App(auth), #Forest(auth), #Tree(auth), Content(auth), Nest(auth), #Domain(auth), #Certificate(auth), #Contact(auth), #DevKit(auth), Deployment(auth), Data(auth) ] for the_obj in objects: the_obj.parse_command(subparsers) args = parser.parse_args() print('\n') for the_obj in objects: if the_obj.exec_command(args) == True: break
import io import os from googleapiclient.errors import HttpError from googleapiclient.http import MediaIoBaseDownload, MediaFileUpload from httplib2 import Http from oauth2client import file from apiclient.discovery import build from DatShiroShop.models import Song from api.auth import Auth SCOPES = 'https://www.googleapis.com/auth/drive' store = file.Storage('credentials.json') auth = Auth(SCOPES, store) creds = auth.getCredentials() shiro_store_folder_id = '1E1_y5_-vW6Qwvh0aXkQ3DK5cYq2ZaVY2' shiro_store_user_folder_id = '11PJLtUpw2U1u7Sm-acxYYaoi_QbIWhg5' service = build('drive', 'v3', http=creds.authorize(Http())) downloads_path = os.path.expanduser(os.sep.join(["~", "Downloads"])) def list_files(size=10, folder_id=shiro_store_folder_id): results = service.files().list( pageSize=10, fields="nextPageToken, files(id, name)", q="'{0}' in parents".format(folder_id)).execute() items = results.get('files', []) if not items: print('No files found.')
def get_ramdom(user): if request.method == 'GET': return format_return(Auth.get_random())
def get_token(user): if request.method == 'GET': return format_return(Auth.get_token())