def create_session_token(sender, user, request, **kwargs):
auth_token = AuthToken(user=user, api_server_url=settings.API_SERVER_URL)
auth_token.update_expiration()
auth_token.save()
request.session['username'] = auth_token.user.username
request.session['token'] = auth_token.key
return auth_token
def auth_response(request):
"""
Create a new AuthToken for the user, then return the Token & API URL
AuthTokens will expire after a predefined time
(See #/auth/utils.py:settings.TOKEN_EXPIRY_TIME)
AuthTokens will be re-newed if
the user is re-authenticated by CAS at expiry-time
"""
logger.debug("Creating Auth Response")
api_server_url = settings.API_SERVER_URL
#login validation
response = HttpResponse()
response['Access-Control-Allow-Origin'] = '*'
response['Access-Control-Allow-Methods'] = 'POST, GET, OPTIONS'
response['Access-Control-Max-Age'] = 1000
response['Access-Control-Allow-Headers'] = '*'
response['X-Server-Management-Url'] = api_server_url
response['X-Storage-Url'] = "http://"
response['X-CDN-Management-Url'] = "http://"
token = str(uuid.uuid4())
username = request.META['HTTP_X_AUTH_USER']
response['X-Auth-Token'] = token
#New code: If there is an 'emulate_user' parameter:
if 'HTTP_X_EMULATE_USER' in request.META:
# AND user has permission to emulate
if userCanEmulate(username):
logger.debug("EMULATION REQUEST:"
"Generating AuthToken for %s -- %s" %
(request.META['HTTP_X_EMULATE_USER'],
username))
response['X-Auth-User'] = request.META['HTTP_X_EMULATE_USER']
response['X-Emulated-By'] = username
#then this token is for the emulated user
auth_user_token = AuthToken(
user=request.META['HTTP_X_EMULATE_USER'],
issuedTime=datetime.now(),
remote_ip=request.META['REMOTE_ADDR'],
api_server_url=api_server_url
)
else:
logger.warn("EMULATION REQUEST:User deemed Unauthorized : %s" %
(username,))
#This user is unauthorized to emulate users - Don't create a token!
return HttpResponse("401 UNAUTHORIZED TO EMULATE", status=401)
else:
#Normal login, no user to emulate
response['X-Auth-User'] = username
auth_user_token = AuthToken(
user=username,
issuedTime=datetime.now(),
remote_ip=request.META['REMOTE_ADDR'],
api_server_url=api_server_url
)
auth_user_token.save()
return response
def auth_response(request):
"""
Create a new AuthToken for the user, then return the Token & API URL
AuthTokens will expire after a predefined time
(See #/auth/utils.py:settings.TOKEN_EXPIRY_TIME)
AuthTokens will be re-newed if
the user is re-authenticated by CAS at expiry-time
"""
logger.debug("Creating Auth Response")
api_server_url = settings.API_SERVER_URL
#login validation
response = HttpResponse()
response['Access-Control-Allow-Origin'] = '*'
response['Access-Control-Allow-Methods'] = 'POST, GET, OPTIONS'
response['Access-Control-Max-Age'] = 1000
response['Access-Control-Allow-Headers'] = '*'
response['X-Server-Management-Url'] = api_server_url
response['X-Storage-Url'] = "http://"
response['X-CDN-Management-Url'] = "http://"
token = str(uuid.uuid4())
username = request.META['HTTP_X_AUTH_USER']
response['X-Auth-Token'] = token
#New code: If there is an 'emulate_user' parameter:
if 'HTTP_X_EMULATE_USER' in request.META:
# AND user has permission to emulate
if userCanEmulate(username):
logger.debug("EMULATION REQUEST:"
"Generating AuthToken for %s -- %s" %
(request.META['HTTP_X_EMULATE_USER'],
username))
response['X-Auth-User'] = request.META['HTTP_X_EMULATE_USER']
response['X-Emulated-By'] = username
#then this token is for the emulated user
auth_user_token = AuthToken(
user=request.META['HTTP_X_EMULATE_USER'],
issuedTime=datetime.now(),
remote_ip=request.META['REMOTE_ADDR'],
api_server_url=api_server_url
)
else:
logger.warn("EMULATION REQUEST:User deemed Unauthorized : %s" %
(username,))
#This user is unauthorized to emulate users - Don't create a token!
return HttpResponse("401 UNAUTHORIZED TO EMULATE", status=401)
else:
#Normal login, no user to emulate
response['X-Auth-User'] = username
auth_user_token = AuthToken(
user=username,
issuedTime=datetime.now(),
remote_ip=request.META['REMOTE_ADDR'],
api_server_url=api_server_url
)
auth_user_token.save()
return response
def createAuthToken(username):
"""
returns a new token for username
"""
user = User.objects.get(username=username)
auth_user_token = AuthToken(user=user,
api_server_url=settings.API_SERVER_URL)
auth_user_token.update_expiration()
auth_user_token.save()
return auth_user_token
def create_session_token(sender, user, request, **kwargs):
auth_token = AuthToken(
user=user,
api_server_url=settings.API_SERVER_URL
)
auth_token.update_expiration()
auth_token.save()
request.session['username'] = auth_token.user.username
request.session['token'] = auth_token.key
return auth_token
def createAuthToken(username):
"""
returns a new token for username
"""
user = User.objects.get(username=username)
auth_user_token = AuthToken(
user=user,
api_server_url=settings.API_SERVER_URL
)
auth_user_token.update_expiration()
auth_user_token.save()
return auth_user_token
def createAuthToken(username):
"""
returns a new token for username
"""
# NOTE: REMOVE this when it is no longer true!
# Force any username lookup to be in lowercase
if not username:
return None
username = username.lower()
user = User.objects.get(username=username)
auth_user_token = AuthToken(user=user,
api_server_url=settings.API_SERVER_URL)
auth_user_token.update_expiration()
auth_user_token.save()
return auth_user_token
def authenticate(self):
from authentication.models import Token
self.user = Token.authenticate(self.token)
if self.user:
self.on_authenticated()
else:
self.send_message(pb.TxTokenInvalid())
return
def emulate_request(request, username=None):
try:
logger.info("Emulate attempt: %s wants to be %s"
% (request.user, username))
logger.info(request.session.__dict__)
if not username and 'emulated_by' in request.session:
logger.info("Clearing emulation attributes from user")
request.session['username'] = request.session['emulated_by']
del request.session['emulated_by']
# Allow user to fall through on line below
try:
user = DjangoUser.objects.get(username=username)
except DjangoUser.DoesNotExist:
logger.info("Emulate attempt failed. User <%s> does not exist"
% username)
return HttpResponseRedirect(
settings.REDIRECT_URL +
"/api/v1/profile")
logger.info("Emulate success, creating tokens for %s" % username)
token = AuthToken(
user=user,
key=str(uuid.uuid4()),
issuedTime=datetime.now(),
remote_ip=request.META['REMOTE_ADDR'],
api_server_url=settings.API_SERVER_URL
)
token.save()
# Keep original emulator if it exists, or use the last known username
original_emulator = request.session.get(
'emulated_by', request.session['username'])
request.session['emulated_by'] = original_emulator
# Set the username to the user to be emulated
# to whom the token also belongs
request.session['username'] = username
request.session['token'] = token.key
logger.info("Returning emulated user - %s - to api profile "
% username)
logger.info(request.session.__dict__)
logger.info(request.user)
return HttpResponseRedirect(settings.REDIRECT_URL + "/api/v1/profile")
except Exception as e:
logger.warn("Emulate request failed")
logger.exception(e)
return HttpResponseRedirect(settings.REDIRECT_URL + "/api/v1/profile")
def createAuthToken(username):
"""
returns a new token for username
"""
# NOTE: REMOVE this when it is no longer true!
# Force any username lookup to be in lowercase
if not username:
return None
username = username.lower()
user = User.objects.get(username=username)
auth_user_token = AuthToken(
user=user,
api_server_url=settings.API_SERVER_URL
)
auth_user_token.update_expiration()
auth_user_token.save()
return auth_user_token
def emulate_request(request, username=None):
try:
logger.info("Emulate attempt: %s wants to be %s"
% (request.user, username))
logger.info(request.session.__dict__)
if not username and 'emulated_by' in request.session:
logger.info("Clearing emulation attributes from user")
request.session['username'] = request.session['emulated_by']
del request.session['emulated_by']
#Allow user to fall through on line below
try:
user = DjangoUser.objects.get(username=username)
except DjangoUser.DoesNotExist:
logger.info("Emulate attempt failed. User <%s> does not exist"
% username)
return HttpResponseRedirect(settings.REDIRECT_URL+"/api/v1/profile")
logger.info("Emulate success, creating tokens for %s" % username)
token = AuthToken(
user=user,
key=str(uuid.uuid4()),
issuedTime=datetime.now(),
remote_ip=request.META['REMOTE_ADDR'],
api_server_url=settings.API_SERVER_URL
)
token.save()
#Keep original emulator if it exists, or use the last known username
original_emulator = request.session.get(
'emulated_by', request.session['username'])
request.session['emulated_by'] = original_emulator
#Set the username to the user to be emulated
#to whom the token also belongs
request.session['username'] = username
request.session['token'] = token.key
logger.info("Returning emulated user - %s - to api profile "
% username)
logger.info(request.session.__dict__)
logger.info(request.user)
return HttpResponseRedirect(settings.REDIRECT_URL+"/api/v1/profile")
except Exception, e:
logger.warn("Emulate request failed")
logger.exception(e)
return HttpResponseRedirect(settings.REDIRECT_URL+"/api/v1/profile")
def login(self, message: pb.RxLogin):
user = authenticate(username=message.proto.username,
password=message.proto.password)
if user is None:
message = pb.TxLoginError(
pb.TxLoginError.proto(error_text='Napačni prijavni podatki',
error_code='login-error'))
else:
message = pb.TxLoginToken(
pb.TxLoginToken.proto(token=Token.create(user)))
self.consumer.send_message(message)
def issue_token(self, owner=None):
from authentication.models import Token
token = Token(user=self, owner=owner)
token.save()
return token.key
