Ejemplo n.º 1
def api_login(request):
    """
    Validate API credentials and hand out a freshly generated auth token
    (:http:post:`POST </accounts/login>`). There are two required parameters.

    .. http:post:: /accounts/login

        :DC-bound?:
            * |dc-no|
        :Permissions:
            * |APIAccess|
        :Asynchronous?:
            * |async-no|
        :arg string data.username: **required** - Username used for authentication
        :arg string data.password: **required** - Password used for authentication
        :status 200: Login successful
        :status 400: Bad request
    """
    serializer = APIAuthTokenSerializer(data=request.data)

    # Failure path first: record the attempt, then answer with HTTP 400.
    if not serializer.is_valid():
        # NOTE(review): the username and User-Agent are client-supplied and go
        # into the auth log as-is; confirm the log handler/formatter
        # neutralizes CR/LF so an attacker cannot forge audit lines.
        auth_logger.warning('User %s login failed from %s (%s)',
                            request.data.get('username', None),
                            get_client_ip(request),
                            request.META.get('HTTP_USER_AGENT', ''))

        errors = serializer.errors
        try:
            # Prefer the first non-field error as a single message.
            detail = errors['non_field_errors'][0]
        except (KeyError, IndexError):
            # Otherwise return the complete error structure.
            detail = errors

        return Response({'detail': detail},
                        status=scode.HTTP_400_BAD_REQUEST)

    user = serializer.object['user']
    token, is_new = Token.objects.get_or_create(user=user)

    if not is_new:
        # A token already existed: replace it so that every login yields a new
        # key and a new creation timestamp (the old key stops working).
        # NOTE(review): delete + create are two separate statements here;
        # confirm whether concurrent logins of the same user can race on them.
        token.delete()
        token = Token.objects.create(user=user)

    auth_logger.info('User %s successfully logged in from %s (%s)', user,
                     get_client_ip(request),
                     request.META.get('HTTP_USER_AGENT', ''))

    # Attach the authenticated user and a Dc object to the request before the
    # response is built.
    request.user = user
    request.dc = Dc.objects.get_by_id(user.current_dc_id)

    payload = {
        'token': token.key,
        # Expiry is reported as token creation time plus AUTHTOKEN_TIMEDELTA.
        'expires': (token.created + AUTHTOKEN_TIMEDELTA).isoformat(),
        'detail': 'Welcome to Danube Cloud API.'
    }

    return Response(payload, status=scode.HTTP_200_OK, request=request)
Ejemplo n.º 2
def logout(request):
    """
    End the GUI session (including the Guacamole one) and redirect to the login page.
    """
    # Keep references to the user and profile before the logout call below;
    # they are still needed for the locale setup and the audit log afterwards.
    user = request.user
    profile = user.userprofile

    # Guacamole side: log out first, then drop the cached configuration.
    guacamole = GuacamoleAuth(request)
    guacamole_logout = guacamole.logout()
    guacamole.del_auth()

    # Django side: logout_then_login() returns the response for the client.
    response = logout_then_login(request)

    # Make the browser drop the Guacamole cookie as well, so it does not
    # outlive the GUI session.
    response.delete_cookie(**guacamole_logout['cookie'])

    # Carry the user's i18n settings over into the now-anonymous session.
    profile.activate_locale(request)

    # Audit trail entry for the logout.
    # NOTE(review): the User-Agent header is client-controlled; confirm the
    # log formatter neutralizes CR/LF.
    auth_logger.info('User %s successfully logged out from %s (%s)',
                     user, get_client_ip(request), request.META.get('HTTP_USER_AGENT', ''))

    return response
Ejemplo n.º 3
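def api_logout(request):
    """
    Function used for API logout (:http:get:`GET </accounts/logout>`).

    .. http:get:: /accounts/logout

        :DC-bound?:
            * |dc-no|
        :Permissions:
        :Asynchronous?:
            * |async-no|
        :status 200: Logout successful
        :status 403: Forbidden
    """
    response = Response({'detail': 'Bye.'},
                        status=scode.HTTP_200_OK,
                        request=request)
    user = None
    revoke_error = None

    # Token revocation stays best-effort (the response is unchanged), but a
    # failure is remembered so the audit log does not claim a successful
    # logout while the token may still be usable.
    # noinspection PyBroadException
    try:
        user = request.user
        request.user = None
        request.auth.delete()
    except Exception as exc:
        revoke_error = exc

    client_ip = get_client_ip(request)
    # NOTE(review): the User-Agent header is client-controlled; confirm the
    # log formatter neutralizes CR/LF.
    user_agent = request.META.get('HTTP_USER_AGENT', '')

    if revoke_error is None:
        auth_logger.info('User %s successfully logged out from %s (%s)', user,
                         client_ip, user_agent)
    else:
        # NOTE(review): the client still receives HTTP 200 in this case;
        # decide whether a failed revocation should be surfaced to the caller.
        auth_logger.warning('User %s logout from %s (%s) did not revoke the API token: %r',
                            user, client_ip, user_agent, revoke_error)

    return response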
Ejemplo n.º 4
 def initialize(self):
     """Capture per-connection identity data from the request and log the session start."""
     req = self.request

     # Who is connecting and from where.
     self.user_id = str(req.user.id)
     self.user_ip = get_client_ip(req)

     # Identifiers of the socket session and of the HTTP session.
     # The HTTP session key is kept on the instance only; it is not written to
     # the log line below.
     self.sess_id = self.socket.sessid
     self.session_key = req.session.session_key

     # Bounded history: at most 100 entries are kept.
     self.last_tasks = deque(maxlen=100)

     # NOTE(review): self.username is presumably populated by setup_user();
     # confirm, since it is read by the log call right after.
     self.setup_user()
     self.log('API socketio session started for user %s (%s) from %s', self.user_id, self.username, self.user_ip)
Ejemplo n.º 5
def login(request):
    """
    Authenticate a GUI user; the response comes from the stock login view, this wrapper adds audit logging.
    """
    form_factory = partial(LoginForm, request)
    response = contrib_login(request, 'gui/accounts/login.html', authentication_form=form_factory)

    # Only a submitted form is a login attempt; anything else just renders the page.
    if request.method != 'POST':
        return response

    user = request.user

    if not user.is_authenticated():
        # NOTE(review): the submitted username and the User-Agent header are
        # attacker-controlled and logged verbatim; confirm the log formatter
        # neutralizes CR/LF so audit lines cannot be forged.
        auth_logger.warning('User %s login failed from %s (%s)', request.POST.get('username', None),
                            get_client_ip(request), request.META.get('HTTP_USER_AGENT', ''))
        return response

    auth_logger.info('User %s successfully logged in from %s (%s)', user, get_client_ip(request),
                     request.META.get('HTTP_USER_AGENT', ''))

    # Setup i18n settings into session
    user.userprofile.activate_locale(request)

    # Successful login: clear the cached attempts for this username.
    clear_attempts_cache(request, user.username)

    return response