Beispiel #1
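def change_passwd():
    """Set a new password for the session user or for the owner of a reset token.

    Reads ``password`` and ``password_repeat`` from the JSON body. When the
    request carries an authenticated session, that user's password is
    replaced. Otherwise ``email`` and ``hashstr`` must match an active
    ``PasswdReset`` row; the row is deactivated in the same commit so the
    token cannot be used a second time.

    Returns an empty JSON object on success, or an ``error_response`` with
    status 400 (missing fields or mismatching passwords) or 404 (no active
    reset matches the supplied email and hash).
    """
    # request.json may be None or a non-object value when the body is not a
    # JSON object; treat that as an empty payload so the caller receives the
    # regular 400 response instead of an unhandled exception.
    payload = request.json
    if not isinstance(payload, dict):
        payload = {}

    password = payload.get('password')
    password_repeat = payload.get('password_repeat')
    if not password or not password_repeat:
        # Request body is not complete.
        return error_response(errors.AUTH_RESET_MISSING, 400)
    if password != password_repeat:
        # Passwords do not match.
        return error_response(errors.AUTH_PASSWD_MATCH, 400)
    if current_user.is_authenticated():
        # No need to check password hash object or email.
        # NOTE(review): the current password is not requested on this path,
        # so whoever holds the session can replace it; consider requiring it.
        user = current_user
    else:
        email = payload.get('email')
        hashstr = payload.get('hashstr')
        if not email or not hashstr:
            # Request body is not complete for an unauthenticated request,
            # i.e. one that uses a password reset hash.
            return error_response(errors.AUTH_RESET_MISSING, 400)
        # NOTE(review): no expiry condition is visible in this query --
        # confirm that PasswdReset rows are time-limited elsewhere.
        reset = db.session.query(PasswdReset).join(User).\
                    filter(User.email == email, PasswdReset.active == True).\
                    filter(PasswdReset.hashstr == hashstr).\
                    first()
        if not reset:
            return error_response(errors.AUTH_RESET_HASH, 404)
        db.session.add(reset)
        # Single use: the token is retired together with the password change.
        reset.active = False
        user = reset.user
    user.password = encrypt_password(password)
    db.session.add(user)
    db.session.commit()
    return jsonify({})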
Beispiel #2
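def change_passwd():
    """Change a password via an authenticated session or a reset hash.

    The JSON body must contain ``password`` and ``password_repeat``. An
    authenticated caller changes their own password. An unauthenticated
    caller must also send ``email`` and ``hashstr`` identifying an active
    ``PasswdReset`` row, which is marked inactive as part of the same commit.

    Returns ``jsonify({})`` on success; otherwise an ``error_response`` with
    400 for an incomplete body or mismatching passwords, or 404 when no
    active reset row matches.
    """
    # A body that is not a JSON object leaves request.json as None (or a
    # list/scalar). Fall back to an empty dict so validation below answers
    # with 400 rather than the view raising.
    body = request.json
    if not isinstance(body, dict):
        body = {}

    password = body.get('password')
    password_repeat = body.get('password_repeat')
    if not password or not password_repeat:
        # Request body is not complete.
        return error_response(errors.AUTH_RESET_MISSING, 400)
    if password != password_repeat:
        # Passwords do not match.
        return error_response(errors.AUTH_PASSWD_MATCH, 400)
    if current_user.is_authenticated():
        # No need to check password hash object or email.
        # NOTE(review): this path never asks for the existing password;
        # consider requiring it so a borrowed session cannot change it.
        user = current_user
    else:
        email = body.get('email')
        hashstr = body.get('hashstr')
        if not email or not hashstr:
            # Unauthenticated requests must carry both the email and the
            # password reset hash.
            return error_response(errors.AUTH_RESET_MISSING, 400)
        # NOTE(review): the lookup filters on email, hash and the active
        # flag only; verify that reset hashes also expire.
        reset = db.session.query(PasswdReset).join(User).\
                    filter(User.email == email, PasswdReset.active == True).\
                    filter(PasswdReset.hashstr == hashstr).\
                    first()
        if not reset:
            return error_response(errors.AUTH_RESET_HASH, 404)
        db.session.add(reset)
        # Deactivate the hash so it cannot be replayed.
        reset.active = False
        user = reset.user
    user.password = encrypt_password(password)
    db.session.add(user)
    db.session.commit()
    return jsonify({})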
Beispiel #3
 def wrapped_view(*args, **kwargs):
     """Run ``view`` for a logged-in user or for a known sensor.

     A sensor is accepted when the request's HTTP authorization data has
     identical ``username`` and ``password`` values and exactly one
     ``Sensor`` row has that value as its ``uuid``. Every other request
     receives a 401 ``API_NOT_AUTHORIZED`` error response.
     """
     if current_user and current_user.is_authenticated():
         return view(*args, **kwargs)

     credentials = request.authorization
     if credentials:
         sensor_uuid = credentials.get('username')
         # NOTE(review): the sensor UUID is the only secret checked here, so
         # it should be handled like a bearer credential (TLS only, not logged).
         if sensor_uuid == credentials.get('password') and \
            Sensor.query.filter_by(uuid=sensor_uuid).count() == 1:
             return view(*args, **kwargs)
     return error_response(errors.API_NOT_AUTHORIZED, 401)
Beispiel #4
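 def wrapped_view(*args, **kwargs):
     """Run ``view`` for a logged-in user or for a caller holding the deploy key.

     The deploy key is read from the ``deploy_key`` field of the JSON body
     and compared with ``current_app.config['DEPLOY_KEY']``. Any other
     request receives a 401 ``API_NOT_AUTHORIZED`` error response.
     """
     if current_user and current_user.is_authenticated():
         return view(*args, **kwargs)

     # request.json is None (or a list/scalar) when the body is not a JSON
     # object; only a dict can carry the key, anything else is rejected
     # with the 401 below instead of raising.
     payload = request.json
     if isinstance(payload, dict) and 'deploy_key' in payload:
         server_key = current_app.config['DEPLOY_KEY']
         passed_key = payload['deploy_key']
         # Fail closed: an unset or empty DEPLOY_KEY must never match an
         # empty or null value sent by the client.
         # NOTE(review): == is not a constant-time comparison; consider
         # hmac.compare_digest once both values are normalised to one type.
         if server_key and server_key == passed_key:
             return view(*args, **kwargs)
     return error_response(errors.API_NOT_AUTHORIZED, 401)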
Beispiel #5
 def wrapped_view(*args, **kwargs):
     """Call ``view`` when the request comes from a user session or a sensor.

     Sensor requests are recognised by HTTP authorization data in which
     ``username`` equals ``password`` and that value is the ``uuid`` of
     exactly one ``Sensor``. Otherwise a 401 ``API_NOT_AUTHORIZED`` error
     response is returned.
     """
     if current_user and current_user.is_authenticated():
         return view(*args, **kwargs)

     basic = request.authorization
     if basic:
         claimed_uuid = basic.get('username')
         same_value = claimed_uuid == basic.get('password')
         # NOTE(review): knowledge of the UUID alone grants access; confirm
         # sensor UUIDs are unguessable and kept out of logs and URLs.
         if same_value and \
            Sensor.query.filter_by(uuid=claimed_uuid).count() == 1:
             return view(*args, **kwargs)
     return error_response(errors.API_NOT_AUTHORIZED, 401)
Beispiel #6
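 def wrapped_view(*args, **kwargs):
     """Call ``view`` for a user session or a request carrying the deploy key.

     The ``deploy_key`` field of the JSON body must equal
     ``current_app.config['DEPLOY_KEY']``. Requests that satisfy neither
     condition receive a 401 ``API_NOT_AUTHORIZED`` error response.
     """
     if current_user and current_user.is_authenticated():
         return view(*args, **kwargs)

     # A missing or non-object JSON body cannot contain the key; reject it
     # with the 401 below rather than failing on the membership test.
     body = request.json
     if isinstance(body, dict) and 'deploy_key' in body:
         server_key = current_app.config['DEPLOY_KEY']
         passed_key = body['deploy_key']
         # Require a non-empty configured key so that an unset DEPLOY_KEY
         # cannot be matched by an empty or null client value.
         # NOTE(review): this equality check is not constant-time; consider
         # hmac.compare_digest after normalising both values to one type.
         if server_key and server_key == passed_key:
             return view(*args, **kwargs)
     return error_response(errors.API_NOT_AUTHORIZED, 401)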
Beispiel #7
    def wrapped_view(*args, **kwargs):
        """Run ``view`` for a logged-in user or a request with a known API key.

        The key is taken from the ``api_key`` query-string parameter and must
        match an ``ApiKey`` row. Any other request receives a 401
        ``API_NOT_AUTHORIZED`` error response.
        """
        if current_user and current_user.is_authenticated():
            return view(*args, **kwargs)

        # NOTE(review): a key passed in the query string tends to end up in
        # access logs and Referer headers; a request header would avoid that.
        supplied = request.args.get('api_key', '')
        if supplied and ApiKey.query.filter_by(api_key=supplied).first():
            return view(*args, **kwargs)

        return error_response(errors.API_NOT_AUTHORIZED, 401)
Beispiel #8
    def wrapped_view(*args, **kwargs):
        """Call ``view`` when a user session or a stored API key is presented.

        An empty or absent ``api_key`` query parameter is never looked up.
        A non-empty one must match an ``ApiKey`` row. Requests that satisfy
        neither condition get a 401 ``API_NOT_AUTHORIZED`` error response.
        """
        if current_user and current_user.is_authenticated():
            return view(*args, **kwargs)

        candidate = request.args.get('api_key', '')
        if not candidate:
            return error_response(errors.API_NOT_AUTHORIZED, 401)

        # NOTE(review): the key travels in the URL, so it can be recorded by
        # proxies and server logs; confirm this is acceptable or move it to
        # a header.
        if ApiKey.query.filter_by(api_key=candidate).first():
            return view(*args, **kwargs)

        return error_response(errors.API_NOT_AUTHORIZED, 401)
Beispiel #9
def get_feed():
    """Build an Atom feed with one entry per session record.

    When ``FEED_AUTH_REQUIRED`` is set and the caller is not authenticated,
    the request is aborted with 404. Otherwise up to 1000 sessions are read
    through ``new_clio_connection()`` and each becomes a plain-text entry
    linking to ``api.get_session``.

    Returns the populated ``AtomFeed`` object.
    """
    from mhn.auth import current_user
    if mhn.config['FEED_AUTH_REQUIRED'] and not current_user.is_authenticated():
        # Responds 404 rather than 401 -- presumably so that the feed's
        # existence is not disclosed to anonymous callers.
        abort(404)

    atom = AtomFeed('MHN HpFeeds Report', feed_url=request.url,
                    url=request.url_root)
    # The template is fixed; record values are only substituted into it and
    # are never interpreted as format specifications themselves.
    template = (u'Sensor "{identifier}" ' +
                '{source_ip}:{source_port} on sensorip:{destination_port}.')
    for record in new_clio_connection().session.get(options={'limit': 1000}):
        summary = template.format(**record.to_dict())
        entry_url = makeurl(url_for('api.get_session',
                                    session_id=str(record._id)))
        atom.add('Feed', summary, content_type='text',
                 published=record.timestamp, updated=record.timestamp,
                 url=entry_url)
    return atom
Beispiel #10
def get_feed():
    """Return an Atom feed describing session records read through ``Clio``.

    If ``FEED_AUTH_REQUIRED`` is enabled, unauthenticated callers are
    aborted with 404. At most 1000 sessions are requested, and each one is
    rendered as a plain-text entry whose URL points at ``api.get_session``.
    """
    from mhn.common.clio import Clio
    from mhn.auth import current_user
    auth_required = mhn.config['FEED_AUTH_REQUIRED']
    if auth_required and not current_user.is_authenticated():
        # A 404 is returned instead of 401 -- presumably to avoid revealing
        # the feed to anonymous callers.
        abort(404)

    atom = AtomFeed('MHN HpFeeds Report', feed_url=request.url,
                    url=request.url_root)
    # Only the named fields of each record are substituted into this fixed
    # template.
    template = u'Sensor "{identifier}" '
    template += '{source_ip}:{source_port} on sensorip:{destination_port}.'
    for record in Clio().session.get(options={'limit': 1000}):
        fields = record.to_dict()
        link = makeurl(url_for('api.get_session', session_id=str(record._id)))
        atom.add('Feed', template.format(**fields), content_type='text',
                 published=record.timestamp, updated=record.timestamp,
                 url=link)
    return atom
Beispiel #11
def login_user():
    """Show the login page, or send an already logged-in user to the dashboard."""
    if not current_user.is_authenticated():
        return render_template('security/login_user.html')
    # An authenticated session has no use for the login form.
    return redirect(url_for('ui.dashboard'))
Beispiel #12
def login_user():
    """Render the login template unless the caller already has a session.

    Authenticated callers are redirected to ``ui.dashboard``.
    """
    already_signed_in = current_user.is_authenticated()
    if already_signed_in:
        return redirect(url_for('ui.dashboard'))
    return render_template('security/login_user.html')