Beispiel #1
    def __init__(self,
                 directory=None,
                 backend=None,
                 email_sender=None,
                 initialize=False,
                 session_domain=None,
                 smtp_server=None,
                 smtp_url='localhost'):
        """Set up the mailer, session settings and the credential store.

        :param directory: configuration directory handed to JsonBackend when
            no backend is supplied
        :type directory: str.
        :param backend: storage backend used as-is when it is not None
        :param email_sender: first argument passed to Mailer (presumably the
            sender address)
        :param initialize: forwarded to JsonBackend as ``initialize``
        :param session_domain: stored as ``self.session_domain``
        :param smtp_server: when truthy, used in place of smtp_url
        :param smtp_url: SMTP location passed to Mailer, defaults to
            'localhost'
        :type smtp_url: str.
        """
        # smtp_server wins over smtp_url whenever it is set.
        self.mailer = Mailer(email_sender, smtp_server or smtp_url)
        self.session_domain = session_domain
        self.preferred_hashing_algorithm = 'PBKDF2'
        # 86400; presumably the number of seconds a password reset stays
        # valid -- confirm where this attribute is read.
        self.password_reset_timeout = 24 * 3600

        if backend is not None:
            self._store = backend
            return

        # JsonBackend stays the default for backward compatibility.
        # NOTE(review): it is given the 'users' file name, so `directory`
        # presumably holds account records and should not be readable by
        # other local users -- confirm the backend's file permissions.
        self._store = JsonBackend(
            directory,
            users_fname='users',
            roles_fname='roles',
            pending_reg_fname='register',
            initialize=initialize,
        )
Beispiel #2
    def __init__(self,
                 directory="conf",
                 backend=None,
                 initialize=False,
                 session_domain=None):
        """Configure session settings and pick the storage backend.

        :param directory: configuration directory given to JsonBackend when
            no backend is supplied, defaults to "conf"
        :type directory: str.
        :param backend: storage backend used as-is when it is not None
        :param initialize: forwarded to JsonBackend as ``initialize``
        :param session_domain: stored as ``self.session_domain``
        """
        self.session_domain = session_domain
        self.preferred_hashing_algorithm = 'PBKDF2'
        # 86400; presumably the number of seconds a password reset stays
        # valid -- confirm where this attribute is read.
        self.password_reset_timeout = 24 * 3600

        if backend is not None:
            self._store = backend
            return

        # JsonBackend stays the default for backward compatibility.
        # NOTE(review): it is given the 'users' file name, so `directory`
        # presumably holds account records and should not be readable by
        # other local users -- confirm the backend's file permissions.
        self._store = JsonBackend(
            directory,
            users_fname='users',
            roles_fname='roles',
            apps_fname='apps',
            initialize=initialize,
        )
Beispiel #3
    def __init__(
        self,
        directory=None,
        backend=None,
        email_sender=None,
        initialize=False,
        session_domain=None,
        smtp_server=None,
        smtp_url="localhost",
    ):
        """Build the mailer, record session settings and select the store.

        :param directory: configuration directory handed to JsonBackend when
            no backend is supplied
        :type directory: str.
        :param backend: storage backend used as-is when it is not None
        :param email_sender: first argument passed to Mailer (presumably the
            sender address)
        :param initialize: forwarded to JsonBackend as ``initialize``
        :param session_domain: stored as ``self.session_domain``
        :param smtp_server: when truthy, used in place of smtp_url
        :param smtp_url: SMTP location passed to Mailer, defaults to
            "localhost"
        :type smtp_url: str.
        """
        # A truthy smtp_server overrides smtp_url.
        mail_target = smtp_server if smtp_server else smtp_url
        self.mailer = Mailer(email_sender, mail_target)

        # 86400; presumably the number of seconds a password reset stays
        # valid -- confirm where this attribute is read.
        self.password_reset_timeout = 24 * 3600
        self.session_domain = session_domain
        self.preferred_hashing_algorithm = "PBKDF2"

        if backend is not None:
            self._store = backend
            return

        # JsonBackend stays the default for backward compatibility.
        json_options = {
            "users_fname": "users",
            "roles_fname": "roles",
            "pending_reg_fname": "register",
            "initialize": initialize,
        }
        self._store = JsonBackend(directory, **json_options)
Beispiel #4
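class BaseCork(object):
    """Abstract base for the Auth/Authorization/Accounting front end.

    ``_redirect``, ``_verify_password``, ``_setup_cookie`` and
    ``_beaker_session`` are used below but not defined in this part of the
    class.
    """

    def __init__(
        self,
        directory=None,
        backend=None,
        email_sender=None,
        initialize=False,
        session_domain=None,
        smtp_server=None,
        smtp_url="localhost",
    ):
        """Build the mailer, record session settings and select the store.

        :param directory: configuration directory handed to JsonBackend when
            no backend is supplied
        :type directory: str.
        :param backend: storage backend used as-is when it is not None
        :param email_sender: first argument passed to Mailer (presumably the
            sender address)
        :param initialize: forwarded to JsonBackend as ``initialize``
        :param session_domain: stored as ``self.session_domain``
        :param smtp_server: when truthy, used in place of smtp_url
        :param smtp_url: SMTP location passed to Mailer, defaults to
            "localhost"
        :type smtp_url: str.
        """
        # A truthy smtp_server overrides smtp_url.
        if smtp_server:
            smtp_url = smtp_server
        self.mailer = Mailer(email_sender, smtp_url)
        # 86400; presumably the number of seconds a password reset stays
        # valid -- confirm where this attribute is read.
        self.password_reset_timeout = 3600 * 24
        self.session_domain = session_domain
        self.preferred_hashing_algorithm = "PBKDF2"

        # Setup JsonBackend by default for backward compatibility.
        if backend is None:
            self._store = JsonBackend(
                directory,
                users_fname="users",
                roles_fname="roles",
                pending_reg_fname="register",
                initialize=initialize,
            )
        else:
            self._store = backend

    def login(self, username, password, success_redirect=None, fail_redirect=None):
        """Check login credentials for an existing user.

        Optionally redirect the user to another page (typically /login).

        :param username: username
        :type username: str.
        :param password: cleartext password
        :type password: str.
        :param success_redirect: redirect authorized users (optional)
        :type success_redirect: str.
        :param fail_redirect: redirect unauthorized users (optional)
        :type fail_redirect: str.
        :returns: True for successful logins, else False
        :raises AssertionError: if username or password is not a string
        """
        # Raised explicitly rather than with `assert`, so the type checks in
        # front of authentication are not stripped when Python runs with -O.
        if not isinstance(username, str):
            raise AssertionError("the username must be a string")
        if not isinstance(password, str):
            raise AssertionError("the password must be a string")

        # NOTE(review): an unknown username returns without calling
        # _verify_password, so failed logins may take measurably less time
        # for non-existent accounts than for existing ones. No throttling or
        # lockout is applied in this method either.
        users = self._store.users
        if username in users and self._verify_password(
            username, password, users[username]["hash"]
        ):
            # Setup session data
            self._setup_cookie(username)
            # Naive UTC timestamp, stored as a string.
            users[username]["last_login"] = str(datetime.utcnow())
            self._store.save_users()
            # NOTE(review): redirect targets are passed through unchecked;
            # callers should not take them from request parameters.
            if success_redirect:
                self._redirect(success_redirect)
            return True

        if fail_redirect:
            self._redirect(fail_redirect)

        return False

    def logout(self, success_redirect="/login", fail_redirect="/login"):
        """Log the user out, remove cookie

        :param success_redirect: redirect the user after logging out
        :type success_redirect: str.
        :param fail_redirect: redirect the user if it is not logged in
        :type fail_redirect: str.
        """
        try:
            session = self._beaker_session
            session.delete()
        except Exception as e:
            log.debug("Exception %s while logging out.", repr(e))
            self._redirect(fail_redirect)
            # Only reached if _redirect returns instead of raising; without
            # it the success redirect below would also be issued.
            return

        self._redirect(success_redirect)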
Beispiel #5
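class BaseCork(object):
    """Abstract base for the Auth/Authorization/Accounting front end.

    ``_redirect``, ``_verify_password``, ``_setup_cookie`` and
    ``_beaker_session`` are used below but not defined in this part of the
    class.
    """
    def __init__(self,
                 directory=None,
                 backend=None,
                 email_sender=None,
                 initialize=False,
                 session_domain=None,
                 smtp_server=None,
                 smtp_url='localhost',
                 session_key_name=None):
        """Build the mailer, record session settings and select the store.

        :param directory: configuration directory handed to JsonBackend when
            no backend is supplied
        :type directory: str.
        :param backend: storage backend used as-is when it is not None
        :param email_sender: first argument passed to Mailer (presumably the
            sender address)
        :param initialize: forwarded to JsonBackend as ``initialize``
        :param session_domain: stored as ``self.session_domain``
        :param smtp_server: when truthy, used in place of smtp_url
        :param smtp_url: SMTP location passed to Mailer, defaults to
            'localhost'
        :type smtp_url: str.
        :param session_key_name: stored as ``self.session_key_name``; a falsy
            value falls back to 'beaker.session'
        :type session_key_name: str.
        """
        # A truthy smtp_server overrides smtp_url.
        if smtp_server:
            smtp_url = smtp_server
        self.mailer = Mailer(email_sender, smtp_url)
        # 86400; presumably the number of seconds a password reset stays
        # valid -- confirm where this attribute is read.
        self.password_reset_timeout = 3600 * 24
        self.session_domain = session_domain
        self.session_key_name = session_key_name or 'beaker.session'
        self.preferred_hashing_algorithm = 'PBKDF2'

        # Setup JsonBackend by default for backward compatibility.
        if backend is None:
            self._store = JsonBackend(directory,
                                      users_fname='users',
                                      roles_fname='roles',
                                      pending_reg_fname='register',
                                      initialize=initialize)
        else:
            self._store = backend

    def login(self,
              username,
              password,
              success_redirect=None,
              fail_redirect=None):
        """Check login credentials for an existing user.

        Optionally redirect the user to another page (typically /login).

        :param username: username
        :type username: str or unicode.
        :param password: cleartext password
        :type password: str or unicode.
        :param success_redirect: redirect authorized users (optional)
        :type success_redirect: str.
        :param fail_redirect: redirect unauthorized users (optional)
        :type fail_redirect: str.
        :returns: True for successful logins, else False
        :raises AssertionError: if username or password is not a string
        """
        # Raised explicitly rather than with `assert`, so the type checks in
        # front of authentication are not stripped when Python runs with -O.
        # `unicode` is the Python 2 builtin, as in the original code.
        if not isinstance(username, (str, unicode)):
            raise AssertionError("the username must be a string")
        if not isinstance(password, (str, unicode)):
            raise AssertionError("the password must be a string")

        # NOTE(review): an unknown username returns without calling
        # _verify_password, so failed logins may take measurably less time
        # for non-existent accounts than for existing ones. No throttling or
        # lockout is applied in this method either.
        users = self._store.users
        if username in users:
            authenticated = self._verify_password(
                username, password, users[username]['hash'])
            if authenticated:
                # Setup session data
                self._setup_cookie(username)
                # Naive UTC timestamp, stored as a string.
                users[username]['last_login'] = str(datetime.utcnow())
                self._store.save_users()
                # NOTE(review): redirect targets are passed through
                # unchecked; callers should not take them from request
                # parameters.
                if success_redirect:
                    self._redirect(success_redirect)
                return True

        if fail_redirect:
            self._redirect(fail_redirect)

        return False

    def logout(self, success_redirect='/login', fail_redirect='/login'):
        """Log the user out, remove cookie

        :param success_redirect: redirect the user after logging out
        :type success_redirect: str.
        :param fail_redirect: redirect the user if it is not logged in
        :type fail_redirect: str.
        """
        try:
            session = self._beaker_session
            session.delete()
        except Exception as e:
            log.debug("Exception %s while logging out.", repr(e))
            self._redirect(fail_redirect)
            # Only reached if _redirect returns instead of raising; without
            # it the success redirect below would also be issued.
            return

        self._redirect(success_redirect)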
Beispiel #6
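class Cork(object):
    """Auth/Authorization/Accounting front end with per-user app records.

    ``current_user``, ``_beaker_session``, ``_verify_password`` and
    ``_setup_cookie`` are used below but not defined in this part of the
    class.
    """

    def __init__(self,
                 directory="conf",
                 backend=None,
                 initialize=False,
                 session_domain=None):
        """Configure session settings and pick the storage backend.

        :param directory: configuration directory given to JsonBackend when
            no backend is supplied, defaults to "conf"
        :type directory: str.
        :param backend: storage backend used as-is when it is not None
        :param initialize: forwarded to JsonBackend as ``initialize``
        :param session_domain: stored as ``self.session_domain``
        """
        # 86400; presumably the number of seconds a password reset stays
        # valid -- confirm where this attribute is read.
        self.password_reset_timeout = 3600 * 24
        self.session_domain = session_domain
        self.preferred_hashing_algorithm = 'PBKDF2'

        # Setup JsonBackend by default for backward compatibility.
        if backend is None:
            self._store = JsonBackend(directory,
                                      users_fname='users',
                                      roles_fname='roles',
                                      apps_fname='apps',
                                      initialize=initialize)
        else:
            self._store = backend

    def delete_app(self, appID):
        """Remove appID from the current user and from the store.

        :param appID: key of the app in ``self._store.apps``
        :raises AAAException: if the user update, the removal from the store
            or the save fails
        """
        # NOTE(review): nothing here checks that the current user owns
        # appID -- confirm that user.update(delApp=...) or the caller
        # enforces ownership before this is reachable from a request.
        user = self.current_user
        try:
            user.update(delApp=appID)
            # If this part fails the user record has already been updated,
            # leaving user and store out of step.
            self._store.apps.pop(appID)
            self._store.save_apps()
        except Exception:
            # `except Exception` instead of a bare except, so SystemExit and
            # KeyboardInterrupt are not rewritten into AAAException.
            raise AAAException("Unable to delete %s" % appID)

    def save_app(self, app):
        """Store an app dict and attach its id to the current user.

        :param app: app record; must contain the key 'appID'
        :type app: dict.
        :raises AAAException: if there is no current user or saving fails
        """
        user = self.current_user
        # Checked before touching the store, so a request without a user
        # cannot leave an unsaved entry behind in self._store.apps.
        if user is None:
            raise AAAException("Nonexistent user.")

        # NOTE(review): an existing entry with the same appID is replaced
        # regardless of its owner -- confirm callers run check_apps_for
        # first.
        self._store.apps[app['appID']] = app

        try:
            user.update(addApp=app['appID'])
            self._store.save_apps()
        except Exception:
            raise AAAException("Unable to save app")

    def load_app(self, appID):
        """Return the app dict stored under appID.

        :raises AAAException: if appID is not in the store
        """
        if appID not in self._store.apps:
            raise AAAException("Unable to load config for %s" % appID)

        return self._store.apps[appID]

    def check_apps_for(self, appID):
        """Return True when appID is not yet present in the store."""
        return appID not in self._store.apps

    def sort_nicely(self, l):
        """Sort the given list in place in the way that humans expect.

        Runs of digits are compared as integers, so 'f2' sorts before 'f10'.
        """
        def alphanum_key(key):
            # The capturing group keeps the digit runs in the split result.
            return [
                int(part) if part.isdigit() else part
                for part in re.split('([0-9]+)', key)
            ]

        l.sort(key=alphanum_key)

    def list_apps(self, user=None):
        """Return app dicts sorted by owner, then creation value.

        :param user: when given, only the ids in the comma-separated
            ``user.apps`` that exist in the store are returned; when None,
            every app in the store is returned
        """
        known = self._store.apps
        if user is None:
            apps = [known[app_id] for app_id in known]
        elif user.apps:
            apps = [
                known[app_id]
                for app_id in user.apps.split(",")
                if app_id in known
            ]
        else:
            apps = []

        apps.sort(key=lambda x: (x['owner'], x['created']))

        return apps

    def list_data(self):
        """Return one dict per app with the .json files found for it.

        Reads the relative directory "logs" and, for every app in the store,
        collects the file names that start with its appID and end in ".json".
        The result is sorted by owner, creation value and appID.
        """
        # Named log_names so the loop does not shadow the module-level `log`.
        log_names = os.listdir("logs")
        data = []

        for app in self.list_apps():
            app_id = app['appID']
            # NOTE(review): a pure prefix match also picks up files of any
            # other app whose id starts with this one (e.g. "app1" and
            # "app10") -- confirm the file naming rules this out.
            files = [
                name for name in log_names
                if name.startswith(app_id) and name.endswith(".json")
            ]
            self.sort_nicely(files)
            data.append({
                "appID": app_id,
                'files': files,
                'owner': app['owner'],
                'created': app['created'],
            })

        data.sort(key=lambda x: (x['owner'], x['created'], x['appID']))
        return data

    def login(self,
              username,
              password,
              success_redirect=None,
              fail_redirect=None):
        """Check login credentials for an existing user.

        Optionally redirect the user to another page (typically /login).

        :param username: username
        :type username: str.
        :param password: cleartext password
        :type password: str.
        :param success_redirect: redirect authorized users (optional)
        :type success_redirect: str.
        :param fail_redirect: redirect unauthorized users (optional)
        :type fail_redirect: str.
        :returns: True for successful logins, else False
        :raises AssertionError: if username or password is not a string
        """
        # Raised explicitly rather than with `assert`, so the type checks in
        # front of authentication are not stripped when Python runs with -O.
        if not isinstance(username, str):
            raise AssertionError("the username must be a string")
        if not isinstance(password, str):
            raise AssertionError("the password must be a string")

        # NOTE(review): an unknown username returns without calling
        # _verify_password, so failed logins may take measurably less time
        # for non-existent accounts than for existing ones. No throttling or
        # lockout is applied in this method either.
        users = self._store.users
        if username in users and self._verify_password(
                username, password, users[username]['hash']):
            # Setup session data
            self._setup_cookie(username)
            # NOTE(review): redirect targets are passed through unchecked;
            # callers should not take them from request parameters.
            if success_redirect:
                bottle.redirect(success_redirect)
            return True

        if fail_redirect:
            # The same message is stored for an unknown user and for a wrong
            # password.
            session = self._beaker_session
            session['redir_msg'] = "Invalid username or password!"
            bottle.redirect(fail_redirect)

        return False

    def logout(self, success_redirect=None, fail_redirect=None):
        """Log the user out, remove cookie

        :param success_redirect: redirect the user after logging out
        :type success_redirect: str.
        :param fail_redirect: redirect the user if it is not logged in
        :type fail_redirect: str.
        """
        # NOTE(review): both targets default to None yet are passed to
        # bottle.redirect unconditionally -- confirm callers always supply
        # them.
        try:
            session = self._beaker_session
            session.delete()
        except Exception as e:
            log.debug("Exception %s while logging out.", repr(e))
            bottle.redirect(fail_redirect)

        bottle.redirect(success_redirect)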