Ejemplo n.º 1
0
def add_note():
    """
    Adds a note to the user's notebook. The request should be in this format:

        {
            "message": "note message."
        }
    """

    # Verify Firebase auth.
    claims = firebase_helper.verify_auth_token(request)
    if not claims:
        return 'Unauthorized', 401

    # [START create_entity]
    data = request.get_json()

    # Populates note properties according to the model,
    # with the user ID as the key name.
    note = Note(
        parent=ndb.Key(Note, claims['sub']),
        message=data['message'])

    # Some providers do not provide one of these so either can be used.
    note.friendly_id = claims.get('name', claims.get('email', 'Unknown'))
    # [END create_entity]

    # Stores note in database.
    note.put()

    return 'OK', 200
Ejemplo n.º 2
0
def add_note():
    """
    Adds a note to the user's notebook. The request should be in this format:

        {
            "message": "note message."
        }
    """

    # Verify Firebase auth.
    claims = firebase_helper.verify_auth_token(request)
    if not claims:
        return 'Unauthorized', 401

    # [START create_entity]
    data = request.get_json()

    # Populates note properties according to the model,
    # with the user ID as the key name.
    note = Note(parent=ndb.Key(Note, claims['sub']), message=data['message'])

    # Some providers do not provide one of these so either can be used.
    note.friendly_id = claims.get('name', claims.get('email', 'Unknown'))
    # [END create_entity]

    # Stores note in database.
    note.put()

    return 'OK', 200
def test_verify_auth_token_invalid_key_id(test_certificate):
    _, _, _, private_key_bytes = test_certificate
    jwt = make_jwt(private_key_bytes, headers={'kid': 'invalid'})
    request = mock.Mock()
    request.headers = {'Authorization': 'Bearer {}'.format(jwt)}

    get_cert_patch = mock.patch('firebase_helper.get_firebase_certificates')
    with get_cert_patch as get_cert_mock:
        # Make get_firebase_certificates return no certificates
        get_cert_mock.return_value = {}
        assert firebase_helper.verify_auth_token(request) is None
Ejemplo n.º 4
0
def list_notes():
    """Returns a list of notes added by the current Firebase user."""

    # Verify Firebase auth.
    claims = firebase_helper.verify_auth_token(request)
    if not claims:
        return 'Unauthorized', 401

    notes = query_database(claims['sub'])

    return jsonify(notes)
Ejemplo n.º 5
0
def list_notes():
    """Returns a list of notes added by the current Firebase user."""

    # Verify Firebase auth.
    claims = firebase_helper.verify_auth_token(request)
    if not claims:
        return 'Unauthorized', 401

    notes = query_database(claims['sub'])

    return jsonify(notes)
Ejemplo n.º 6
0
def test_verify_auth_token_invalid_key_id(test_certificate):
    _, _, _, private_key_bytes = test_certificate
    jwt = make_jwt(private_key_bytes, headers={'kid': 'invalid'})
    request = mock.Mock()
    request.headers = {'Authorization': 'Bearer {}'.format(jwt)}

    get_cert_patch = mock.patch('firebase_helper.get_firebase_certificates')
    with get_cert_patch as get_cert_mock:
        # Make get_firebase_certificates return no certificates
        get_cert_mock.return_value = {}
        assert firebase_helper.verify_auth_token(request) is None
Ejemplo n.º 7
0
def user_car_filter(request):
    """Returns cars by user or by session

	If user is verified as logged in, returns user's cars.
	Otherwise the cars associated with the session are returned.
	"""
    try:
        claims = firebase_helper.verify_auth_token(request)
        if not claims:
            cars = get_cars(str(session['sid']))
        else:
            cars = get_cars(claims['sub'])
    except:
        cars = get_cars(str(session['sid']))

    return cars
Ejemplo n.º 8
0
def user_new_car_filter(request):
    """Returns a new car object

	If the user is logged in, creates a new car using "subject" returned 
	by Firebase.
	Otherwise, creates a new car using session ID.
	"""
    try:
        claims = firebase_helper.verify_auth_token(request)
        if not claims:
            new_car = Car(parent=ndb.Key(Car, str(session['sid'])))
        else:
            new_car = Car(parent=ndb.Key(Car, claims['sub']))
    except:
        new_car = Car(parent=ndb.Key(Car, str(session['sid'])))

    return new_car
Ejemplo n.º 9
0
    def post(self):
        # Verify Firebase auth.
        claims = firebase_helper.verify_auth_token(self.request)
        if not claims:
            self.abort(401, detail='Unauthorized access attempted')

        # We set the same parent key on the 'Greeting' to ensure each
        # Greeting is in the same entity group. Queries across the
        # single entity group will be consistent. However, the write
        # rate to a single entity group should be limited to
        # ~1/second.
        register_name = self.request.get('register_name',
                                         DEFAULT_REGISTER_NAME)

        key = self.request.get('key')
        print 'block is ' + self.request.get('block')
        block = int(self.request.get('block'))
        current = self.request.get('Current')
        desired = self.request.get('Desired')

        if key:
            trade = ndb.Key(urlsafe=key).get()
            trade.current = current
            trade.desired = desired

        else:
            trade = ClerkshipTrade(parent=register_key(register_name))

            trade.student = Student(email=claims.get('email'))
            print trade.student.email
            trade.block = block
            trade.current = current
            trade.desired = desired

        if trade.is_valid():
            trade.put()
            print 'trade was put'
            self.response.headers['Content-Type'] = 'application/json'
            response_obj = {'data': trade.get_json()}
            self.response.out.write(json.dumps(response_obj))
        else:
            self.abort(500, detail='Unable to save record')
def test_verify_auth_token(test_certificate, monkeypatch):
    _, certificate_pem, _, private_key_bytes = test_certificate

    # The Firebase project ID is used as the JWT audience.
    monkeypatch.setenv('FIREBASE_PROJECT_ID', 'test_audience')

    # Generate a jwt to include in the request.
    jwt = make_jwt(private_key_bytes, headers={'kid': '1'})

    # Make a mock request
    request = mock.Mock()
    request.headers = {'Authorization': 'Bearer {}'.format(jwt)}

    get_cert_patch = mock.patch('firebase_helper.get_firebase_certificates')
    with get_cert_patch as get_cert_mock:
        # Make get_firebase_certificates return our test certificate.
        get_cert_mock.return_value = {'1': certificate_pem}
        claims = firebase_helper.verify_auth_token(request)

    assert claims['user_id'] == '123'
Ejemplo n.º 11
0
def test_verify_auth_token_expired(test_certificate, monkeypatch):
    _, certificate_pem, _, private_key_bytes = test_certificate

    # The Firebase project ID is used as the JWT audience.
    monkeypatch.setenv('FIREBASE_PROJECT_ID', 'test_audience')

    # Generate a jwt to include in the request.
    jwt = make_jwt(private_key_bytes,
                   claims={'exp': int(time.time()) - 60},
                   headers={'kid': '1'})

    # Make a mock request
    request = mock.Mock()
    request.headers = {'Authorization': 'Bearer {}'.format(jwt)}

    get_cert_patch = mock.patch('firebase_helper.get_firebase_certificates')
    with get_cert_patch as get_cert_mock:
        # Make get_firebase_certificates return our test certificate.
        get_cert_mock.return_value = {'1': certificate_pem}
        assert firebase_helper.verify_auth_token(request) is None
Ejemplo n.º 12
0
    def get(self):
        # Verify Firebase auth.
        print self.request
        claims = firebase_helper.verify_auth_token(self.request)

        register_name = self.request.get('register_name',
                                         DEFAULT_REGISTER_NAME)
        if claims:
            print 'claims found'
            trade_query = ClerkshipTrade.query(
                ClerkshipTrade.student.email == claims.get('email'),
                ancestor=register_key(register_name))
            trades = trade_query.fetch()
        else:
            trades = []

        data = {}
        for trade in trades:
            data[trade.block] = trade.get_json()

        response_obj = {'data': data}

        self.response.headers['Content-Type'] = 'application/json'
        self.response.out.write(json.dumps(response_obj))
def test_verify_auth_token_no_auth_header():
    request = mock.Mock()
    request.headers = {}
    assert firebase_helper.verify_auth_token(request) is None
Ejemplo n.º 14
0
def test_verify_auth_token_no_auth_header():
    request = mock.Mock()
    request.headers = {}
    assert firebase_helper.verify_auth_token(request) is None