Ejemplo n.º 1
0
    def authorize_revoke_client(cls, action, user_id, client_id, scope=[]):
        model = UsersBusiness.init_infos()['model']

        user = UsersBusiness.get_by_id(user_id)
        if not user:
            raise NotFound('User not Found!')

        new_list = []
        if action == 'authorize':
            ''' Authorize client '''
            has_client = False
            for client in user['clients_authorized']:
                if str(client['id']) == str(client_id):
                    client['scope'] = client['scope'] + scope
                    has_client = True
                    break

            if not has_client:
                user['clients_authorized'].append({
                    "id": ObjectId(client_id),
                    "scope": scope
                })
            new_list = user['clients_authorized']

        else:
            ''' Revoke client '''
            for client in user['clients_authorized']:
                if str(client['id']) == client_id:
                    new_list.append({
                        'id':
                        client['id'],
                        'scope': [
                            item for item in client['scope']
                            if item not in scope
                        ]
                    })
                else:
                    new_list.append(client)

        try:
            model.update_one({"_id": ObjectId(user_id)},
                             {"$set": {
                                 "clients_authorized": list(new_list)
                             }})
            return True
        except Exception:
            return False
Ejemplo n.º 2
0
    def login(cls, username, password):
        model = UsersBusiness.init_infos()['model']

        user = model.find_one({
            "credential.username": username,
            "deleted_at": None
        })
        if not user:
            raise NotFound('User not found!')

        if check_password_hash(user['credential']['password'],
                               password) is False:
            raise BadRequest('Incorrect password!')

        user_id = str(user['_id'])
        token = cls.encode_auth_token(user_id, user['credential']['grants'],
                                      'user')
        result = {
            "user_id": user_id,
            "access_token": token.decode('utf8').replace("'", '"')
        }
        return result
Ejemplo n.º 3
0
    def login(cls, username, password):
        model = UsersBusiness.init_infos()['model']

        user = model.find_one(
            {"credential.username": username, "deleted_at": None})
        if not user:
            raise NotFound('User not found!')

        if check_password_hash(user['credential']['password'], password) is False:
            raise BadRequest('Incorrect password!')

        user_id = str(user['_id'])
        token = cls.encode_auth_token(
            user_id, user['credential']['grants'], 'user')
        expired_date = time.mktime(time.localtime(
            int(time.time()) + int(Config.EXPIRES_IN_AUTH)))
        result = {
            "user_id": user_id,
            "grants": user['credential']['grants'],
            "access_token": token.decode('utf8').replace("'", '"'),
            "expired_date": time.strftime("%Y-%m-%d %H:%M:%S",
                                          time.localtime(expired_date))
        }
        return result