Ejemplo n.º 1
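    def user_auth():
        """ POST /auth

            Takes a user's username and password and attempts to auth
            against the database. If there is a match, it will return
            `status: 200` and an auth token to use for future operations.
            Note that the auth token expires after a set amount of time.

            A request that omits either form field gets the same 409
            "Invalid username or password." body as a failed lookup, so
            the response does not show which check failed.
        """

        config = manager.RESTAPIManager.get_instance().config.get_section("auth-tokens")

        def _rejected():
            # Single failure body for every rejection path.
            failure = routing.base.generate_error_response(code=409)
            failure["message"] = "Invalid username or password."
            return json.dumps(failure) + "\n"

        username = request.forms.get("username")
        raw_password = request.forms.get("password")

        # hashlib raises TypeError on None; without this guard a request
        # that leaves out a field escapes the handler as an unhandled error
        # instead of a normal authentication failure.
        if username is None or raw_password is None:
            return _rejected()

        # hashlib only accepts bytes; encode text input so that the digest
        # of ASCII passwords stays the same as before.
        if not isinstance(raw_password, bytes):
            raw_password = raw_password.encode("utf-8")

        # NOTE(review): one unsalted pass of SHA-512 is a fast hash, so the
        # stored values offer little resistance to offline guessing if the
        # user table leaks. Moving to a salted password KDF
        # (hashlib.scrypt / hashlib.pbkdf2_hmac) needs a rehash-on-login
        # migration of the stored column, so it is not changed here.
        password = hashlib.sha512(raw_password).hexdigest()

        try:
            res = User.get(User.username == username, User.password == password)
        except Exception:
            # Broad on purpose in the original: any lookup failure, including
            # a database error, is reported as bad credentials.
            return _rejected()

        token = res.create_token()

        resp = routing.base.generate_bare_response()
        resp["username"] = username
        resp["auth"] = {
            "token": token.token,
            "expires": config.get_int("expire", 14400),
        }

        return json.dumps(resp) + "\n"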
Ejemplo n.º 2
    def user_info(username):
        """ GET /user/:username

            Headers:
              X-Keydom-Session => current session token

            Looks up `username` and returns its public profile
            (username and join date). When the session header resolves
            to a token that has not expired, the e-mail address is added.

            The token is only checked for presence and expiry here; its
            owner is not compared with `username`, so any valid session
            sees the e-mail of any user. An unknown username yields a
            404 body with "Invalid username.".
        """

        session = token_by_header_data(request.headers.get("X-Keydom-Session"))

        # An expired session is handled exactly like a missing one.
        if session is not None and session.has_expired:
            session = None

        try:
            account = User.get(User.username == username)
        except Exception:
            # Every lookup failure is reported as an unknown user.
            failure = routing.base.generate_error_response(code=404)
            failure["message"] = "Invalid username."
            return json.dumps(failure) + "\n"

        payload = routing.base.generate_bare_response()
        profile = {
            "username": account.username,
            "join_date": str(account.join_date),
        }
        payload["user"] = profile

        if session:
            # Fields reserved for authenticated callers.
            profile.update({"email": account.email})

        return json.dumps(payload) + "\n"
Ejemplo n.º 3
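    def user_auth():
        """ POST /auth

            Takes a user's username and password and attempts to auth
            against the database. If there is a match, it will return
            `status: 200` and an auth token to use for future operations.
            Note that the auth token expires after a set amount of time.

            Missing form fields are rejected with the same 409
            "Invalid username or password." body as a failed lookup.
        """

        config = manager.RESTAPIManager.get_instance().config.get_section(
            "auth-tokens")

        def _deny():
            # One body for all rejections, so callers cannot tell a missing
            # field from wrong credentials.
            denied = routing.base.generate_error_response(code=409)
            denied["message"] = "Invalid username or password."
            return json.dumps(denied) + "\n"

        username = request.forms.get("username")
        submitted = request.forms.get("password")

        # Passing None to hashlib raises TypeError outside the try block
        # below; reject the request before hashing instead.
        if username is None or submitted is None:
            return _deny()

        # hashlib needs bytes; text is encoded so ASCII passwords keep the
        # digest they had before.
        if not isinstance(submitted, bytes):
            submitted = submitted.encode("utf-8")

        # NOTE(review): unsalted, single-round SHA-512 is cheap to brute
        # force offline. A salted KDF (hashlib.scrypt or
        # hashlib.pbkdf2_hmac) would be the fix, but it requires migrating
        # the stored hashes and is therefore left as a follow-up.
        password = hashlib.sha512(submitted).hexdigest()

        try:
            res = User.get(User.username == username,
                           User.password == password)
        except Exception:
            # Kept broad as in the original: database errors are also
            # answered as bad credentials.
            return _deny()

        token = res.create_token()

        resp = routing.base.generate_bare_response()
        resp["username"] = username
        resp["auth"] = {
            "token": token.token,
            "expires": config.get_int("expire", 14400),
        }

        return json.dumps(resp) + "\n"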
Ejemplo n.º 4
    def user_info(username):
        """ GET /user/:username

            Headers:
              X-Keydom-Session => current session token

            Returns the username and join date of `username`. The e-mail
            address is included only when the session header resolves to
            a token that has not expired.

            The token's owner is not compared with `username`: holding
            any valid session is enough to receive the e-mail field.
            A failed lookup is answered with a 404 "Invalid username."
            body.
        """

        header_value = request.headers.get("X-Keydom-Session")
        token = token_by_header_data(header_value)

        # Drop expired tokens so the rest of the handler sees them as absent.
        expired = token is not None and token.has_expired
        if expired:
            token = None

        try:
            found = User.get(User.username == username)
        except Exception:
            # Any exception from the lookup is treated as "no such user".
            not_found = routing.base.generate_error_response(code=404)
            not_found["message"] = "Invalid username."
            return json.dumps(not_found) + "\n"

        body = routing.base.generate_bare_response()
        body["user"] = {
            "username": found.username,
            "join_date": str(found.join_date),
        }

        if token:
            # Extra fields for callers with a live session.
            body["user"].update({"email": found.email})

        return json.dumps(body) + "\n"
Ejemplo n.º 5
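    def key_get_user_keys(username):
        """ GET /keys/<username>

            Headers:
              X-Keydom-Session => current session token

            Returns the keys for the specified username based on the
            requesting user's scope.

            An expired token is rejected with 403. An unknown username
            is answered with a 404 "Invalid username." body instead of
            letting the lookup error escape the handler. Without a
            token the caller gets the public scope.
        """

        token = token_by_header_data(request.headers.get("X-Keydom-Session"))

        if token is not None and token.has_expired:
            resp = routing.base.generate_error_response(code=403)
            resp["message"] = "Authentication token has expired. Request another."
            return json.dumps(resp) + "\n"

        req_user = token.for_user if token else None

        # The lookup used to run unguarded, so a request for a username
        # that does not exist surfaced as an unhandled exception.
        try:
            user = User.get(username=username)
        except Exception:
            resp = routing.base.generate_error_response(code=404)
            resp["message"] = "Invalid username."
            return json.dumps(resp) + "\n"

        # NOTE(review): friendship is tested before ownership. If
        # is_friends() can be true for the owner, the owner is given
        # VIS_PRIV instead of VIS_SELF - confirm against is_friends().
        if token and user.is_friends(req_user):
            scope = Key.VIS_PRIV
        elif user == req_user:
            scope = Key.VIS_SELF
        else:
            # Lowest permission scope; also the result when no token is sent.
            scope = Key.VIS_PUB

        user_keys = user.scoped_keys(scope)

        # NOTE(review): the /auth and /user handlers call
        # routing.base.generate_bare_response(); confirm that
        # generate_base_response() exists and is not a typo.
        resp = routing.base.generate_base_response()
        resp["keys"] = [
            {
                "short_name": key.short_name,
                "key": key.content,
                "fingerprint": key.fingerprint(),
                "published": str(key.published_at),
            }
            for key in user_keys
        ]
        resp["owner"] = {
            "username": user.username,
            "scope": scope,
        }

        return json.dumps(resp) + "\n"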
Ejemplo n.º 6
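    def key_get_user_keys(username):
        """ GET /keys/<username>

            Headers:
              X-Keydom-Session => current session token

            Returns the keys for the specified username based on the
            requesting user's scope.

            Responses: 403 when the supplied token has expired, 404
            "Invalid username." when the user lookup fails, otherwise the
            key list for the scope the caller is entitled to (public
            when no token is supplied).
        """

        token = token_by_header_data(request.headers.get("X-Keydom-Session"))

        if token is not None and token.has_expired:
            resp = routing.base.generate_error_response(code=403)
            resp["message"] = "Authentication token has expired. Request another."
            return json.dumps(resp) + "\n"

        if not token:
            req_user = None
        else:
            req_user = token.for_user

        # Previously unguarded: a nonexistent username raised out of the
        # handler. Answer it the way the user-info handler does.
        try:
            user = User.get(username=username)
        except Exception:
            resp = routing.base.generate_error_response(code=404)
            resp["message"] = "Invalid username."
            return json.dumps(resp) + "\n"

        # NOTE(review): the friend check runs before the ownership check;
        # verify is_friends() is never true for the owner, otherwise the
        # owner is scoped as VIS_PRIV rather than VIS_SELF.
        if token and user.is_friends(req_user):
            scope = Key.VIS_PRIV
        elif user == req_user:
            scope = Key.VIS_SELF
        else:
            # Default to lowest permission scope.
            scope = Key.VIS_PUB

        user_keys = user.scoped_keys(scope)

        # NOTE(review): other handlers use generate_bare_response();
        # confirm routing.base really provides generate_base_response().
        resp = routing.base.generate_base_response()
        resp["keys"] = []
        resp["owner"] = {
            "username": user.username,
            "scope": scope,
        }

        for key in user_keys:
            resp["keys"].append({
                "short_name": key.short_name,
                "key": key.content,
                "fingerprint": key.fingerprint(),
                "published": str(key.published_at),
            })

        return json.dumps(resp) + "\n"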