Beispiel #1
0
    def get_current_user(self):
        logger.debug('get_current_user')

        try:
            cli_token = self.get_cookie('token')
            if not cli_token:
                logger.debug('token is missed')
                return

            uid = decode_token(cli_token)['uid']
            user_docu = self.mongo_db.users.find_one({'_id': ObjectId(uid)})
            assert user_docu, 'user not existed'
            assert cli_token == user_docu['token'], 'token incorrect'
            validate_token(cli_token)

        except (jwt.ExpiredSignatureError, jwt.InvalidTokenError,
                AssertionError) as err:
            logger.debug('token validate error: {}'.format(err))
            self.clear_cookie('token')
        except AttributeError as err:
            logger.debug('get_current_user error: {}'.format(err))
            self.clear_cookie('token')
        except Exception:
            err = traceback.format_exc()
            logger.exception('get_current_user error: {}'.format(err))
        else:
            logger.debug("authenticated user %s", user_docu['username'])
            return user_docu
Beispiel #2
0
    def get_current_user(self):
        logger.debug('get_current_user')

        try:
            cli_token = self.get_cookie('token')
            if not cli_token:
                logger.debug('token is missed')
                return

            uid = decode_token(cli_token)['uid']
            user_docu = self.mongo_db.users.find_one(
                {'_id': ObjectId(uid)}
            )
            assert user_docu, 'user not existed'
            assert cli_token == user_docu['token'], 'token incorrect'
            validate_token(cli_token)

        except (jwt.ExpiredSignatureError, jwt.InvalidTokenError,
                AssertionError) as err:
            logger.debug('token validate error: {}'.format(err))
            self.clear_cookie('token')
        except AttributeError as err:
            logger.debug('get_current_user error: {}'.format(err))
            self.clear_cookie('token')
        except Exception:
            err = traceback.format_exc()
            logger.exception('get_current_user error: {}'.format(err))
        else:
            logger.debug("authenticated user %s", user_docu['username'])
            return user_docu
Beispiel #3
0
    def ramjet_login(self):
        """
        GET 一个包含 source, id, username 的 token
        """
        try:
            token = self.get_argument('token')
            d = validate_token(token)
        except Exception:
            logger.debug('ramjet_login validate error')
            self.http_400_bad_request(err='token validate error')
            return

        # login from twitter
        sid_str = '{}.id'.format(d['source'])  # like "twitter.id"
        old_user = yield self.db.users.find_one({sid_str: d['id']})
        username = old_user['username'] if old_user else d['username']
        yield self.db.users.update({sid_str: d['id']}, {
            '$set': {
                'username': username,
                sid_str: d['id'],
                'last_update': utcnow()
            }
        },
                                   upsert=True)
        user_docu = yield self.db.users.find_one({sid_str: d['id']})

        token = generate_token({
            'username': d['username'],
            'uid': user_docu['_id']
        })
        self.set_cookie('token', token, expires_days=30)
        self.write_json(msg=OK)
        self.finish()
Beispiel #4
0
 def test_jwt(self):
     passwd = ''.join([random.choice(ascii_lowercase) for _ in range(15)])
     wrong = passwd[:-1] + '0'
     j = {'username': '******'}
     token = generate_token(j, passwd)
     self.assertTrue(validate_token(token, passwd))
     self.assertRaises(jwt.DecodeError, validate_token, token, wrong)
Beispiel #5
0
    def get_current_user(self):
        log.debug('get_current_user')

        try:
            cli_uid = self.get_secure_cookie('uid')
            cli_token = self.get_secure_cookie('token')

            cli_uid = cli_uid and cli_uid.decode()
            cli_token = cli_token and cli_token.decode()

            if not cli_uid or not cli_token:
                return

            user_docu = self.mongo_db.users.find_one(
                {'_id': ObjectId(cli_uid)})
            assert cli_token == user_docu['token']

            token_docu = validate_token(cli_token, user_docu['password'])
            assert token_docu['uid'] == cli_uid

        except (jwt.ExpiredSignatureError, jwt.InvalidTokenError) as err:
            log.debug('token validate error: {}'.format(err))
        except AttributeError as err:
            log.debug('get_current_user error: {}'.format(err))
        except Exception:
            err = traceback.format_exc()
            log.exception('get_current_user error: {}'.format(err))
        else:
            log.debug("authenticated user")
            return user_docu
Beispiel #6
0
 def test_jwt(self):
     passwd = self.generate_random()
     wrong = passwd[:-1] + '0'
     j = {'username': '******'}
     token = generate_token(j, passwd)
     self.assertTrue(validate_token(token, passwd))
     self.assertRaises(jwt.DecodeError, validate_token, token, wrong)
Beispiel #7
0
    def ramjet_login(self):
        """
        GET 一个包含 source, id, username 的 token
        """
        try:
            token = self.get_argument('token')
            d = validate_token(token)
        except Exception:
            logger.debug('ramjet_login validate error')
            self.http_400_bad_request(err='token validate error')
            return

        # login from twitter
        sid_str = '{}.id'.format(d['source'])  # like "twitter.id"
        old_user = yield self.db.users.find_one({sid_str: d['id']})
        username = old_user['username'] if old_user else d['username']
        yield self.db.users.update(
            {sid_str: d['id']},
            {'$set': {'username': username,
                      sid_str: d['id'],
                      'last_update': utcnow()}},
            upsert=True
        )
        user_docu = yield self.db.users.find_one({sid_str: d['id']})

        token = generate_token({'username': d['username'], 'uid': user_docu['_id']})
        self.set_cookie('token', token, expires_days=30)
        self.write_json(msg=OK)
        self.finish()
Beispiel #8
0
    def get_current_user(self):
        log.debug("get_current_user")

        try:
            cli_uid = self.get_secure_cookie("uid")
            cli_token = self.get_secure_cookie("token")

            cli_uid = cli_uid and cli_uid.decode()
            cli_token = cli_token and cli_token.decode()

            if not cli_uid or not cli_token:
                return

            user_docu = self.mongo_db.users.find_one({"_id": ObjectId(cli_uid)})
            assert cli_token == user_docu["token"]

            token_docu = validate_token(cli_token, user_docu["password"])
            assert token_docu["uid"] == cli_uid

        except (jwt.ExpiredSignatureError, jwt.InvalidTokenError) as err:
            log.debug("token validate error: {}".format(err))
        except AttributeError as err:
            log.debug("get_current_user error: {}".format(err))
        except Exception:
            err = traceback.format_exc()
            log.exception("get_current_user error: {}".format(err))
        else:
            log.debug("authenticated user")
            return user_docu